Abstract
The goal of a statistical database is to provide statistics about a population while simultaneously protecting the privacy of the individual records in the database. The tension between privacy and usability of statistical databases has attracted much attention in the statistics, theoretical computer science, security, and database communities in recent years. A line of research initiated by Dinur and Nissim investigates, for a particular type of query, lower bounds on the distortion needed to prevent gross violations of privacy. The first result in the current paper simplifies and sharpens the Dinur and Nissim result.
The Dinur-Nissim style results are strong because they demonstrate insecurity of all low-distortion privacy mechanisms. The attacks have an all-or-nothing flavor: letting n denote the size of the database, Ω(n) queries are made before anything is learned, at which point Θ(n) secret bits are revealed. Restricting attention to a wide and realistic subset of possible low-distortion mechanisms, our second result is a more acute attack, requiring only a fixed number of queries for each bit revealed.
References
Adam, N., Wortmann, J.: Security-control methods for statistical databases: a comparative study. ACM Computing Surveys 21(4), 515–556 (1989)
Alon, N., Spencer, J.: The probabilistic method, 2nd edn. Wiley-Interscience [John Wiley and sons], New York (2000)
Barak, B., Chaudhuri, K., Dwork, C., Kale, S., McSherry, F., Talwar, K.: Privacy, accuracy, and consistency too: a holistic solution to contingency table release. In: Proc. of the 26th Symposium on Principles of Database Systems (PODS), pp. 273–282 (2007)
Blum, A., Ligett, K., Roth, A.: A learning theory approach to non-interactive database privacy. In: Proc. of the Symp. on the Theory of Computation (STOC) (2008)
Candes, E., Tao, T.: Near-optimal signal recovery from random projections: universal encoding strategies. IEEE Trans. Inform. Theory 52, 5406–5425 (2004)
Chawla, S., Dwork, C., McSherry, F., Smith, A., Wee, H.: Toward privacy in public databases. In: Kilian, J. (ed.) TCC 2005. LNCS, vol. 3378, pp. 363–385. Springer, Heidelberg (2005)
Chen, S., Donoho, D., Saunders, M.: Atomic decomposition via basis pursuit. SIAM Journal on Scientific Computing 48(1), 33–61 (1999)
Donoho, D., Johnstone, I.: Minimax estimation via wavelet shrinkage. Annals of Statistics 26(3), 879–921 (1998)
Blum, A., Dwork, C., McSherry, F., Nissim, K.: Practical privacy: the SuLQ framework. In: Proc. of the 24th Symposium on Principles of Database Systems (PODS), pp. 128–138 (2005)
Clifton, C., Kantarcioglu, M., Vaidya, J., Lin, X., Zhu, M.: Tool for privacy preserving data mining. SIGKDD Explorations 4(2), 28–34 (2002)
Cormen, T., Leiserson, C., Rivest, R., Stein, C.: Introduction to algorithms. MIT Press, Cambridge (2001)
Dinur, I., Nissim, K.: Revealing information while preserving privacy. In: Proc. of the 22nd Symposium on Principles of Database Systems (PODS), pp. 202–210 (2003)
Dwork, C.: Differential privacy. In: Bugliesi, M., Preneel, B., Sassone, V., Wegener, I. (eds.) ICALP 2006. LNCS, vol. 4052, pp. 1–12. Springer, Heidelberg (2006)
Dwork, C.: Ask a better question, get a better answer: a new approach to private data analysis. In: Schwentick, T., Suciu, D. (eds.) ICDT 2007. LNCS, vol. 4353, pp. 18–27. Springer, Heidelberg (2006)
Dwork, C., Kenthapadi, K., McSherry, F., Mironov, I., Naor, M.: Our data, ourselves: privacy via distributed noise generation. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 486–503. Springer, Heidelberg (2006)
Dwork, C., McSherry, F., Nissim, K., Smith, A.: Calibrating noise to sensitivity in private data analysis. In: Halevi, S., Rabin, T. (eds.) TCC 2006. LNCS, vol. 3876, pp. 265–284. Springer, Heidelberg (2006)
Dwork, C., McSherry, F., Talwar, K.: The price of privacy and the limits of LP decoding. In: Proc. of the 39th Symposium on the Theory of Computation (STOC), pp. 85–94 (2007)
Dwork, C., Nissim, K.: Privacy preserving data-mining on vertically partitioned databases. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 528–544. Springer, Heidelberg (2004)
Gemmell, P., Sudan, M.: Highly resilient correctors for polynomials. Information Processing Letters 43(4), 169–174 (1992)
Kasiviswanathan, S., Lee, H., Nissim, K., Raskhodnikova, S., Smith, A.: What Can We Learn Privately? (manuscript, 2007)
McSherry, F., Talwar, K.: Mechanism Design via Differential Privacy. In: Proc. of the 48th Symposium on the Foundations of Computer Science (FOCS) (2007)
MacWilliams, F., Sloane, N.: The theory of error-correcting codes. North-Holland, Amsterdam (1977)
Nissim, K., Raskhodnikova, S., Smith, A.: Smooth sensitivity and sampling in private data analysis. In: Proc. of the 39th Symposium on the Theory of Computation (STOC), pp. 75–84 (2007)
Slavkovic, A.: Statistical disclosure limitation beyond the margins: characterization of joint distributions for contingency tables. Ph.D. thesis, Department of statistics, Carnegie Mellon University (2004)
Shoshani, A.: Statistical databases: Characteristics, problems and some solutions. In: Proc. of the 8th International Conference on Very Large Databases (VLDB), pp. 208–222 (1982)
Sweeney, L.: Privacy-enhanced linking. SIGKDD Explorations 7(2), 72–75 (2005)
Vaidya, P.: An algorithm for linear programming which requires $O(((m + n)n^2 + (m + n)^{1.5} n)L)$ arithmetic operations. Mathematical Programming 47, 175–201 (1990)
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Dwork, C., Yekhanin, S. (2008). New Efficient Attacks on Statistical Disclosure Control Mechanisms. In: Wagner, D. (eds) Advances in Cryptology – CRYPTO 2008. CRYPTO 2008. Lecture Notes in Computer Science, vol 5157. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-85174-5_26
DOI: https://doi.org/10.1007/978-3-540-85174-5_26
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-85173-8
Online ISBN: 978-3-540-85174-5