Crowd-Blending Privacy

  • Johannes Gehrke
  • Michael Hay
  • Edward Lui
  • Rafael Pass
Conference paper

DOI: 10.1007/978-3-642-32009-5_28

Part of the Lecture Notes in Computer Science book series (LNCS, volume 7417)
Cite this paper as:
Gehrke J., Hay M., Lui E., Pass R. (2012) Crowd-Blending Privacy. In: Safavi-Naini R., Canetti R. (eds) Advances in Cryptology – CRYPTO 2012. Lecture Notes in Computer Science, vol 7417. Springer, Berlin, Heidelberg

Abstract

We introduce a new definition of privacy called crowd-blending privacy that strictly relaxes the notion of differential privacy. Roughly speaking, k-crowd blending private sanitization of a database requires that each individual i in the database “blends” with k other individuals j in the database, in the sense that the output of the sanitizer is “indistinguishable” if i’s data is replaced by j’s.

We demonstrate crowd-blending private mechanisms for histograms and for releasing synthetic data points, achieving strictly better utility than what is possible using differentially private mechanisms. Additionally, we demonstrate that if a crowd-blending private mechanism is combined with a “pre-sampling” step, where the individuals in the database are randomly drawn from some underlying population (as is often the case during data collection), then the combined mechanism satisfies not only differential privacy, but also the stronger notion of zero-knowledge privacy. This holds even if the pre-sampling is slightly biased and an adversary knows whether certain individuals were sampled or not. Taken together, our results yield a practical approach for collecting and privately releasing data while ensuring higher utility than previous approaches.

Copyright information

© International Association for Cryptologic Research 2012 2012

Authors and Affiliations

  • Johannes Gehrke
    • 1
  • Michael Hay
    • 1
  • Edward Lui
    • 1
  • Rafael Pass
    • 1
  1. 1.Department of Computer ScienceCornell UniversityIthacaUSA

Personalised recommendations