Skip to main content

Secure Random Sampling in Differential Privacy

Part of the Lecture Notes in Computer Science book series (LNSC,volume 12973)

Abstract

Differential privacy is among the most prominent techniques for preserving privacy of sensitive data, oweing to its robust mathematical guarantees and general applicability to a vast array of computations on data, including statistical analysis and machine learning. Previous work demonstrated that concrete implementations of differential privacy mechanisms are vulnerable to statistical attacks. This vulnerability is caused by the approximation of real values to floating point numbers. This paper presents a practical solution to the finite-precision floating point vulnerability, where the inverse transform sampling of the Laplace distribution can itself be inverted, thus enabling an attack where the original value can be retrieved with non-negligible advantage.

The proposed solution has the advantages of being (i) mathematically sound, (ii) generalisable to any infinitely divisible probability distribution, and (iii) of simple implementation in modern architectures. Finally, the solution has been designed to make side channel attack infeasible, because of inherently exponential, in the size of the domain, brute force attacks.

Keywords

  • Differential privacy
  • Random numbers
  • Computational complexity

This is a preview of subscription content, access via your institution.

Buying options

Chapter
USD   29.95
Price excludes VAT (USA)
  • DOI: 10.1007/978-3-030-88428-4_26
  • Chapter length: 20 pages
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
eBook
USD   89.00
Price excludes VAT (USA)
  • ISBN: 978-3-030-88428-4
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Softcover Book
USD   119.99
Price excludes VAT (USA)
Fig. 1.
Fig. 2.

Notes

  1. 1.

    ANSI/IEEE Std 754–2019 http://754r.ucbtest.org.

  2. 2.

    Since \(\cos (\theta ) + \sin (\theta ) = \sqrt{2} \cos \left( \theta - \frac{\pi }{4}\right) \).

  3. 3.

    We need only use n samples for sampling procedures that do not share uniform variates between executions, for example the normalvariate method in Python’s random library, which uses the Kinderman-Monahan sampling procedure [19].

  4. 4.

    https://github.com/IBM/differential-privacy-library/tree/main/diffprivlib/mechanisms.

References

  1. Ahrens, J.H., Dieter, U.: Computer methods for sampling from the exponential and normal distributions. Commun. ACM 15(10), 873–882 (1972)

    MathSciNet  CrossRef  Google Scholar 

  2. Ahrens, J.H., Dieter, U.: Efficient table-free sampling methods for the exponential, Cauchy, and normal distributions. Commun. ACM 31(11), 1330–1337 (1988)

    CrossRef  Google Scholar 

  3. Bell, J.R.: Algorithm 334: normal random deviates. Commun. ACM 11(7), 498 (1968)

    CrossRef  Google Scholar 

  4. Box, G.E.P., Muller, M.E.: A note on the generation of random normal deviates. Ann. Math. Stat. 29(2), 610–611 (1958)

    CrossRef  Google Scholar 

  5. Brent, R.P.: Fast normal random number generators on vector processors. Technical report TR-CS-93-04, Department of Computer Science, The Australian National University, Canberra, 0200 ACT, Australia (1993)

    Google Scholar 

  6. Canonne, C.L., Kamath, G., Steinke, T.: The discrete Gaussian for differential privacy. In: Larochelle, H., Ranzato, M., Hadsell, R., Balcan, M.F., Lin, H. (eds.) Advances in Neural Information Processing Systems, vol. 33, pp. 15676–15688. Curran Associates, Inc. (2020). https://proceedings.neurips.cc/paper/2020/file/b53b3a3d6ab90ce0268229151c9bde11-Paper.pdf

  7. Cheu, A., Smith, A., Ullman, J.: Manipulation attacks in local differential privacy. arXiv preprint arXiv:1909.09630 (2019)

  8. Devroye, L.: Non-uniform Random Variate Generation. Springer, New York (1986). https://doi.org/10.1007/978-1-4613-8643-8

    CrossRef  MATH  Google Scholar 

  9. Dodis, Y., López-Alt, A., Mironov, I., Vadhan, S.: Differential privacy with imperfect randomness. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 497–516. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32009-5_29

    CrossRef  Google Scholar 

  10. Garey, M.R., Johnson, D.S.: Computers and Intractability: A Guide to the Theory of NP-Completeness. W. H. Freeman and Company, New York (1979)

    MATH  Google Scholar 

  11. Garfinkel, S.L., Leclerc, P.: Randomness concerns when deploying differential privacy. In: Proceedings of the 19th Workshop on Privacy in the Electronic Society. WPES 2020, pp. 73–86. Association for Computing Machinery, New York (2020)

    Google Scholar 

  12. Gazeau, I., Miller, D., Palamidessi, C.: Preserving differential privacy under finite-precision semantics. Theoret. Comput. Sci. 655, 92–108 (2016). Quantitative Aspects of Programming Languages and Systems (2013–14)

    Google Scholar 

  13. Goldberg, D.: What every computer scientist should know about floating-point arithmetic. ACM Comput. Surv. (CSUR) 23(1), 5–48 (1991)

    CrossRef  Google Scholar 

  14. Google Differential Privacy Team: Secure noise generation. github.com/google 1(1), 1–14 (2020)

    Google Scholar 

  15. Haeberlen, A., Pierce, B.C., Narayan, A.: Differential privacy under fire. In: USENIX Security Symposium, vol. 33 (2011)

    Google Scholar 

  16. Holohan, N., Braghin, S., Mac Aonghusa, P., Levacher, K.: Diffprivlib: the IBM differential privacy library. arXiv e-prints 1907.02444 [cs.CR], July 2019

  17. Ilvento, C.: Implementing the exponential mechanism with base-2 differential privacy. In: Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security, pp. 717–742 (2020)

    Google Scholar 

  18. Karney, C.F.F.: Sampling exactly from the normal distribution. ACM Trans. Math. Softw. 42(1), 1–14 (2016)

    MathSciNet  CrossRef  Google Scholar 

  19. Kinderman, A.J., Monahan, J.F.: Computer generation of random variables using the ratio of uniform deviates. ACM Trans. Math. Softw. 3(3), 257–260 (1977)

    CrossRef  Google Scholar 

  20. Kotz, S., Kozubowski, T., Podgorski, K.: The Laplace Distribution and Generalizations: A Revisit with Applications to Communications, Economics, Engineering, and Finance. Springer, Heidelberg (2012)

    MATH  Google Scholar 

  21. McSherry, F., Talwar, K.: Mechanism design via differential privacy. In: 2007 48th Annual IEEE Symposium on Foundations of Computer Science. FOCS 2007, pp. 94–103. IEEE (2007)

    Google Scholar 

  22. Mironov, I.: On significance of the least significant bits for differential privacy. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security. CCS 2012, pp. 650–661. Association for Computing Machinery, New York (2012)

    Google Scholar 

  23. Mironov, I., Pandey, O., Reingold, O., Vadhan, S.: Computational differential privacy. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 126–142. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-03356-8_8

    CrossRef  Google Scholar 

  24. Thomas, D.B., Luk, W., Leong, P.H., Villasenor, J.D.: Gaussian random number generators. ACM Comput. Surv. 39(4), 11-es (2007)

    CrossRef  Google Scholar 

  25. van der Walt, S., Colbert, S.C., Varoquaux, G.: The NumPy array: a structure for efficient numerical computation. Comput. Sci. Eng. 13(2), 22–30 (2011)

    CrossRef  Google Scholar 

Download references

Acknowledgments

The authors wish to thank David Malone (Hamilton Institute, Maynooth University) for useful discussions at the beginning of this project.

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Stefano Braghin .

Editor information

Editors and Affiliations

Appendices

Appendix

A Probability Density Functions

The following probability distributions are referenced in Sect. 4.

1.1 A.1 Uniform Distribution

The uniform distribution on the interval \([a, b] \subset \mathbb {R}\), \(-\infty< a< b < \infty \), is given by the Probability Density Function (PDF)

$$f_{\mathcal {U}(a, b)}(x) = {\left\{ \begin{array}{ll} \frac{1}{b-a} &{} \text {if } x \in [a, b],\\ 0 &{} \text {otherwise}. \end{array}\right. }$$

We make use of the uniform distribution \(\mathcal {U}(0, 1)\) on the unit interval [0, 1].

1.2 A.2 Gaussian Distribution

The Gaussian distribution with mean \(\mu \) and variance \(\sigma ^2\) is given by the PDF

$$f_{\mathcal {N}(\mu , \sigma )}(x) = \frac{1}{\sigma \sqrt{2 \pi }} e^{-\frac{1}{2} \left( \frac{x-\mu }{\sigma }\right) ^2}.$$

We refer to the case when \(\mu = 0\) and \(\sigma = 1\) as the standard Gaussian distribution. If \(N \sim \mathcal {N}(0, 1)\), then \(\sigma N + \mu \sim \mathcal {N}(\mu , \sigma )\).

1.3 A.3 Laplace Distribution

The Laplace distribution with mean \(\mu \) and variance \(2b^2\) is given by the PDF

$$f_{\mathrm {Lap}(\mu , b)}(x) = \frac{1}{2b} e^{-\frac{|x - \mu |}{b}}.$$

We refer to the case when \(\mu = 0\) and \(b = 1\) as the standard Laplace distribution. If \(L \sim \mathrm {Lap}(0, 1)\), then \(b L + \mu \sim \mathrm {Lap}(\mu , b)\).

1.4 A.4 Exponential Distribution

The exponential distribution with mean \(\frac{1}{\lambda }\) and variance \(\frac{1}{\lambda ^2}\) is given by the PDF

$$f_{\mathrm {Exp}(\lambda )}(x) = \lambda e^{-\lambda x}.$$

We refer to the case when \(\lambda = 1\) as the standard exponential distribution. If \(E \sim \mathrm {Exp}(1)\), then \(\frac{E}{\lambda } \sim \mathrm {Exp}(\lambda )\).

1.5 A.5 Gamma Distribution

The gamma distribution with mean \(k \theta \) and variance \(k \theta ^2\) is given by the PDF

$$f_{\varGamma (k, \theta )}(x) = \frac{1}{\varGamma (k) \theta ^k} x^{k-1} e^{-\frac{x}{\theta }}.$$

If \(G \sim \varGamma (k, \theta )\), then \(c G \sim \varGamma (k, c \theta )\) for any \(c > 0\).

1.6 A.6 Chi-Squared Distribution

The chi-squared distribution with \(k \in \mathbb {N}\) degrees of freedom is given by the PDF

$$f_{\chi ^2(k)}(x) = \frac{1}{2 ^{\frac{k}{2}} \varGamma \left( \frac{k}{2}\right) } x^{\frac{k}{2} - 1} e^{-\frac{x}{2}}.$$

B Code Samples

The following code samples were used in estimating execution time for different implementations. This code was run using Python 3.8.6.

1.1 B.1 Naïve Sampling

The naïve standard Laplace sampling given by (2) was implemented using:

figure f

1.2 B.2 Theorem 1 Sampling

The implementation of Theorem 1 was given by:

figure g

1.3 B.3 Sampling with math and random

We combine the Gaussian and Laplace sampling procedures from (7) and (2) to generate standard Laplace samples from 8n uniform variates using the math and random libraries as follows:

figure h

1.4 B.4 Sampling with Numpy

Finally, we present an implementation of the same procedure using the popular Numpy package, leveraging its C-based code for faster computations with larger n:

figure i

Rights and permissions

Reprints and Permissions

Copyright information

© 2021 Springer Nature Switzerland AG

About this paper

Verify currency and authenticity via CrossMark

Cite this paper

Holohan, N., Braghin, S. (2021). Secure Random Sampling in Differential Privacy. In: Bertino, E., Shulman, H., Waidner, M. (eds) Computer Security – ESORICS 2021. ESORICS 2021. Lecture Notes in Computer Science(), vol 12973. Springer, Cham. https://doi.org/10.1007/978-3-030-88428-4_26

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-88428-4_26

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-88427-7

  • Online ISBN: 978-3-030-88428-4

  • eBook Packages: Computer ScienceComputer Science (R0)