Amplification by Shuffling without Shuffling
Pages 2292 - 2305
Abstract
Motivated by recent developments in the shuffle model of differential privacy, we propose a new approximate shuffling functionality called Alternating Shuffle, and provide a protocol implementing alternating shuffling in a single-server threat model where the adversary observes all communication. Unlike previous shuffling protocols in this threat model, the per-client communication of our protocol only grows sub-linearly in the number of clients. Moreover, we study the concrete efficiency of our protocol and show it can improve per-client communication by one or more orders of magnitude with respect to previous (approximate) shuffling protocols. We also show a differential privacy amplification result for alternating shuffling analogous to the one for uniform shuffling, and demonstrate that shuffling-based protocols for secure summation based a construction of Ishai et al. remain secure under the Alternating Shuffle. In the process we also develop a protocol for exact shuffling in single-server threat model with amortized logarithmic communication per-client which might be of independent interest.
References
[1]
Bar Alon, Moni Naor, Eran Omri, and Uri Stemmer. 2022. MPC for Tech Giants (GMPC): Enabling Gulliver and the Lilliputians to Cooperate Amicably. CoRR abs/2207.05047 (2022). https://doi.org/10.48550/arXiv.2207.05047 arXiv:2207.05047
[2]
Bar Alon, Moni Naor, Eran Omri, and Uri Stemmer. 2022. MPC for Tech Giants (GMPC): Enabling Gulliver and the Lilliputians to Cooperate Amicably. IACR Cryptol. ePrint Arch. (2022), 902.
[3]
Victor Balcer and Albert Cheu. 2020. Separating Local & Shuffled Differential Privacy via Histograms. In 1st Conference on Information-Theoretic Cryptography, ITC 2020, June 17-19, 2020, Boston, MA, USA (LIPIcs, Vol. 163), Yael Tauman Kalai, Adam D. Smith, and Daniel Wichs (Eds.). Schloss Dagstuhl - Leibniz-Zentrum für Informatik, 1:1-1:14. https://doi.org/10.4230/LIPIcs.ITC.2020.1
[4]
Victor Balcer, Albert Cheu, Matthew Joseph, and Jieming Mao. 2021. Connecting Robust Shuffle Privacy and Pan-Privacy. In Proceedings of the 2021 ACM-SIAM Symposium on Discrete Algorithms, SODA 2021, Virtual Conference, January 10 - 13, 2021, Dániel Marx (Ed.). SIAM, 2384--2403. https://doi.org/10.1137/1. 9781611976465.142
[5]
Borja Balle, Gilles Barthe, and Marco Gaboardi. 2018. Privacy Amplification by Subsampling: Tight Analyses via Couplings and Divergences. In NeurIPS.
[6]
Borja Balle, James Bell, and Adrià Gascón. 2023. Amplification by Shuffling without Shuffling. CoRR abs/2305.10867 (2023). https://doi.org/10.48550/arXiv. 2305.10867 arXiv:2305.10867
[7]
Borja Balle, James Bell, Adrià Gascón, and Kobbi Nissim. 2019. The Privacy Blanket of the Shuffle Model. In Advances in Cryptology - CRYPTO 2019 - 39th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 18-22, 2019, Proceedings, Part II (Lecture Notes in Computer Science, Vol. 11693), Alexandra Boldyreva and Daniele Micciancio (Eds.). Springer, 638--667. https: //doi.org/10.1007/978-3-030-26951-7_22
[8]
Borja Balle, James Bell, Adrià Gascón, and Kobbi Nissim. 2020. Private Summation in the Multi-Message Shuffle Model. In CCS '20: 2020 ACM SIGSAC Conference on Computer and Communications Security, Virtual Event, USA, November 9-13, 2020, Jay Ligatti, Xinming Ou, Jonathan Katz, and Giovanni Vigna (Eds.). ACM, 657--676. https://doi.org/10.1145/3372297.3417242
[9]
Borja Balle, James Bell, Adrià Gascón, and Kobbi Nissim. 2020. Private Summation in the Multi-Message Shuffle Model. In CCS.
[10]
Borja Balle, Peter Kairouz, Brendan McMahan, Om Dipakbhai Thakkar, and Abhradeep Thakurta. 2020. Privacy Amplification via Random Check-Ins. In NeurIPS.
[11]
Stephanie Bayer and Jens Groth. 2012. Efficient Zero-Knowledge Argument for Correctness of a Shuffle. In Advances in Cryptology - EUROCRYPT 2012, David Pointcheval and Thomas Johansson (Eds.). Springer Berlin Heidelberg, Berlin, Heidelberg, 263--280.
[12]
James Bell, Adrià Gascón, Tancrède Lepoint, Baiyu Li, Sarah Meiklejohn, Mariana Raykova, and Cathie Yun. 2022. ACORN: Input Validation for Secure Aggregation. IACR Cryptol. ePrint Arch. (2022), 1461.
[13]
James Henry Bell, Kallista A. Bonawitz, Adrià Gascón, Tancrède Lepoint, and Mar-iana Raykova. 2020. Secure Single-Server Aggregation with (Poly)Logarithmic Overhead. In CCS '20: 2020 ACM SIGSAC Conference on Computer and Communications Security, Virtual Event, USA, November 9-13, 2020, Jay Ligatti, Xinming Ou, Jonathan Katz, and Giovanni Vigna (Eds.). ACM, 1253--1269. https: //doi.org/10.1145/3372297.3417885
[14]
Andrea Bittau, Úlfar Erlingsson, Petros Maniatis, Ilya Mironov, Ananth Raghu-nathan, David Lie, Mitch Rudominer, Ushasree Kode, Julien Tinnés, and Bernhard Seefeld. 2017. Prochlo: Strong Privacy for Analytics in the Crowd. In Proceedings of the 26th Symposium on Operating Systems Principles, Shanghai, China, October 28-31, 2017. ACM, 441--459. https://doi.org/10.1145/3132747.3132769
[15]
Kallista A. Bonawitz, Vladimir Ivanov, Ben Kreuter, Antonio Marcedone, H. Bren-dan McMahan, Sarvar Patel, Daniel Ramage, Aaron Segal, and Karn Seth. 2017. Practical Secure Aggregation for Privacy-Preserving Machine Learning. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, CCS 2017, Dallas, TX, USA, October 30 - November 03, 2017, Bhavani Thuraisingham, David Evans, Tal Malkin, and Dongyan Xu (Eds.). ACM, 1175--1191. https://doi.org/10.1145/3133956.3133982
[16]
Benedikt Bünz, Yuncong Hu, Shin'ichiro Matsuo, and Elaine Shi. 2021. Non-Interactive Differentially Anonymous Router. IACR Cryptol. ePrint Arch. (2021), 1242. https://eprint.iacr.org/2021/1242
[17]
David L Chaum. 1981. Untraceable electronic mail, return addresses, and digital pseudonyms. Commun. ACM 24, 2 (1981), 84--90.
[18]
Albert Cheu. 2021. Differential Privacy in the Shuffle Model: A Survey of Separa-tions. CoRR abs/2107.11839 (2021). arXiv:2107.11839 https://arxiv.org/abs/2107. 11839
[19]
Albert Cheu, Adam D. Smith, Jonathan R. Ullman, David Zeber, and Maxim Zhilyaev. 2019. Distributed Differential Privacy via Shuffling. In Advances in Cryptology - EUROCRYPT 2019 - 38th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Darmstadt, Germany, May 19-23, 2019, Proceedings, Part I (Lecture Notes in Computer Science, Vol. 11476), Yuval Ishai and Vincent Rijmen (Eds.). Springer, 375--403. https://doi.org/10.1007/978- 3-030-17653-2_13
[20]
Albert Cheu and Maxim Zhilyaev. 2021. Differentially Private Histograms in the Shuffle Model from Fake Users. CoRR abs/2104.02739 (2021). arXiv:2104.02739 https://arxiv.org/abs/2104.02739
[21]
Úlfar Erlingsson, Vitaly Feldman, Ilya Mironov, Ananth Raghunathan, Shuang Song, Kunal Talwar, and Abhradeep Thakurta. 2020. Encode, Shuffle, Analyze Privacy Revisited: Formalizations and Empirical Evaluation. CoRR abs/2001.03618 (2020).
[22]
Úlfar Erlingsson, Vitaly Feldman, Ilya Mironov, Ananth Raghunathan, Kunal Talwar, and Abhradeep Thakurta. 2019. Amplification by Shuffling: From Local to Central Differential Privacy via Anonymity. In Proceedings of the Thirtieth Annual ACM-SIAM Symposium on Discrete Algorithms, SODA 2019, San Diego, California, USA, January 6-9, 2019, Timothy M. Chan (Ed.). SIAM, 2468--2479. https://doi.org/10.1137/1.9781611975482.151
[23]
Paul Feldman. 1987. A Practical Scheme for Non-interactive Verifiable Secret Sharing. In FOCS. IEEE Computer Society, 427--437.
[24]
Vitaly Feldman, Audra McMillan, and Kunal Talwar. 2021. Hiding Among the Clones: A Simple and Nearly Optimal Analysis of Privacy Amplification by Shuffling. In 62nd IEEE Annual Symposium on Foundations of Computer Science, FOCS 2021, Denver, CO, USA, February 7-10, 2022. IEEE, 954--964. https://doi.org/ 10.1109/FOCS52979.2021.00096
[25]
Vitaly Feldman, Audra McMillan, and Kunal Talwar. 2022. Stronger Privacy Amplification by Shuffling for Rényi and Approximate Differential Privacy. CoRR abs/2208.04591 (2022).
[26]
Badih Ghazi, Noah Golowich, Ravi Kumar, Pasin Manurangsi, Rasmus Pagh, and Ameya Velingker. 2020. Pure Differentially Private Summation from Anonymous Messages. In 1st Conference on Information-Theoretic Cryptography, ITC 2020, June 17-19, 2020, Boston, MA, USA (LIPIcs, Vol. 163), Yael Tauman Kalai, Adam D. Smith, and Daniel Wichs (Eds.). Schloss Dagstuhl - Leibniz-Zentrum für Informatik, 15:1--15:23. https://doi.org/10.4230/LIPIcs.ITC.2020.15
[27]
Badih Ghazi, Noah Golowich, Ravi Kumar, Rasmus Pagh, and Ameya Velingker. 2021. On the Power of Multiple Anonymous Messages: Frequency Estimation and Selection in the Shuffle Model of Differential Privacy. In Advances in Cryptology - EUROCRYPT 2021 - 40th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Zagreb, Croatia, October 17-21, 2021, Proceedings, Part III (Lecture Notes in Computer Science, Vol. 12698), Anne Canteaut and François-Xavier Standaert (Eds.). Springer, 463--488. https://doi.org/10.1007/ 978--3-030-- 77883-5_16
[28]
Badih Ghazi, Ravi Kumar, Pasin Manurangsi, Rasmus Pagh, and Amer Sinha. 2021. Differentially Private Aggregation in the Shuffle Model: Almost Central Accuracy in Almost a Single Message. In Proceedings of the 38th International Conference on Machine Learning, ICML 2021, 18--24 July 2021, Virtual Event (Proceedings of Machine Learning Research, Vol. 139), Marina Meila and Tong Zhang (Eds.). PMLR, 3692--3701. http://proceedings.mlr.press/v139/ghazi21a.html
[29]
Badih Ghazi, Pasin Manurangsi, Rasmus Pagh, and Ameya Velingker. 2020. Private Aggregation from Fewer Anonymous Messages. In Advances in Cryptology - EUROCRYPT 2020 - 39th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Zagreb, Croatia, May 10-14, 2020, Proceedings, Part II (Lecture Notes in Computer Science, Vol. 12106), Anne Canteaut and Yuval Ishai (Eds.). Springer, 798--827. https://doi.org/10.1007/978-3-030-45724-2_27
[30]
Badih Ghazi, Pasin Manurangsi, Rasmus Pagh, and Ameya Velingker. 2020. Private Aggregation from Fewer Anonymous Messages. In EUROCRYPT.
[31]
Oded Goldreich. 2004. The Foundations of Cryptography - Volume 2: Basic Appli-cations. Cambridge University Press.
[32]
Michael T. Goodrich and Michael Mitzenmacher. 2011. Invertible bloom lookup tables. In Allerton. IEEE, 792--799.
[33]
S. Dov Gordon, Jonathan Katz, Mingyu Liang, and Jiayu Xu. 2022. Spreading the Privacy Blanket: - Differentially Oblivious Shuffling for Differential Privacy. In Applied Cryptography and Network Security - 20th International Conference, ACNS 2022, Rome, Italy, June 20-23, 2022, Proceedings (Lecture Notes in Computer Science, Vol. 13269), Giuseppe Ateniese and Daniele Venturi (Eds.). Springer, 501--520. https://doi.org/10.1007/978-3-031-09234- -3_25
[34]
Yue Guo, Antigoni Polychroniadou, Elaine Shi, David Byrd, and Tucker Balch. 2022. MicroFedML: Privacy Preserving Federated Learning for Small Weights. IACR Cryptol. ePrint Arch. (2022), 714.
[35]
Johan Håstad. 2006. The square lattice shuffle. Random Structures & Algorithms 29, 4 (2006), 466--474. https://doi.org/10.1002/rsa.20131 arXiv:https://onlinelibrary.wiley.com/doi/pdf/10.1002/rsa.20131
[36]
Yuval Ishai, Eyal Kushilevitz, Rafail Ostrovsky, and Amit Sahai. 2006. Cryptography from Anonymity. In 47th Annual IEEE Symposium on Foundations of Computer Science (FOCS 2006), 21-24 October 2006, Berkeley, California, USA, Proceedings. IEEE Computer Society, 239--248. https://doi.org/10.1109/FOCS.2006.25
[37]
Peter Kairouz, H. Brendan McMahan, Brendan Avent, Aurélien Bellet, Mehdi Bennis, Arjun Nitin Bhagoji, Kallista A. Bonawitz, Zachary Charles, Graham Cormode, Rachel Cummings, Rafael G. L. D'Oliveira, Hubert Eichner, Salim El Rouayheb, David Evans, Josh Gardner, Zachary Garrett, Adrià Gascón, Badih Ghazi, Phillip B. Gibbons, Marco Gruteser, Zaïd Harchaoui, Chaoyang He, Lie He, Zhouyuan Huo, Ben Hutchinson, Justin Hsu, Martin Jaggi, Tara Javidi, Gauri Joshi, Mikhail Khodak, Jakub Koneńý, Aleksandra Korolova, Farinaz Koushanfar, Sanmi Koyejo, Tancrède Lepoint, Yang Liu, Prateek Mittal, Mehryar Mohri, Richard Nock, Ayfer Özgür, Rasmus Pagh, Hang Qi, Daniel Ramage, Ramesh Raskar, Mariana Raykova, Dawn Song, Weikang Song, Sebastian U. Stich, Ziteng Sun, Ananda Theertha Suresh, Florian Tramèr, Praneeth Vepakomma, Jianyu Wang, Li Xiong, Zheng Xu, Qiang Yang, Felix X. Yu, Han Yu, and Sen Zhao. 2021. Advances and Open Problems in Federated Learning. Found. Trends Mach. Learn. 14, 1--2 (2021), 1--210. https://doi.org/10.1561/2200000083
[38]
Peter Kairouz, Sewoong Oh, and Pramod Viswanath. 2017. The Composition Theorem for Differential Privacy. IEEE Trans. Inf. Theory 63, 6 (2017).
[39]
Antti Koskela, Mikko A. Heikkilä, and Antti Honkela. 2023. Numerical Ac- counting in the Shuffle Model of Differential Privacy. Transactions on Machine Learning Research (2023). https://openreview.net/forum?id=11osftjEbF Featured Certification.
[40]
Yehuda Lindell. 2017. How to Simulate It - A Tutorial on the Simulation Proof Technique. In Tutorials on the Foundations of Cryptography. Springer International Publishing, 277--346.
[41]
Isis Agora Lovecruft and Henry de Valence. 2023. Efficient Bulletproofs in Rust. https://github.com/dalek-cryptography/curve25519-dalek
[42]
Yiping Ma, Jess Woods, Sebastian Angel, Antigoni Polychroniadou, and Tal Rabin. 2023. Flamingo: Multi-Round Single-Server Secure Aggregation with Applications to Private Federated Learning. Cryptology ePrint Archive, Paper 2023/486. https://eprint.iacr.org/2023/486 https://eprint.iacr.org/2023/486.
[43]
Luca Melis, George Danezis, and Emiliano De Cristofaro. 2016. Efficient Private Statistics with Succinct Sketches. In NDSS. The Internet Society.
[44]
Mahnush Movahedi, Jared Saia, and Mahdi Zamani. 2015. Secure Multi-party Shuffling. In SIROCCO (Lecture Notes in Computer Science, Vol. 9439). Springer, 459--473.
[45]
Nicholas Pippenger. 1980. On the Evaluation of Powers and Monomials. SIAM J. Comput. 9, 2 (1980), 230--250.
[46]
Elaine Shi, T.-H. Hubert Chan, Eleanor Gilbert Rieffel, Richard Chow, and Dawn Song. 2011. Privacy-Preserving Aggregation of Time-Series Data. In NDSS. The Internet Society.
[47]
Mingxun Zhou, Elaine Shi, T.-H. Hubert Chan, and Shir Maimon. 2022. A Theory of Composition for Differential Obliviousness. IACR Cryptol. ePrint Arch. (2022), 1357. https://eprint.iacr.org/2022/1357
Index Terms
- Amplification by Shuffling without Shuffling
Recommendations
On the Round Complexity of the Shuffle Model
Theory of CryptographyAbstractThe shuffle model of differential privacy [Bittau et al. SOSP 2017; Erlingsson et al. SODA 2019; Cheu et al. EUROCRYPT 2019] was proposed as a viable model for performing distributed differentially private computations. Informally, the model ...
Infinite self-shuffling words
In this paper we introduce and study a new property of infinite words: An infinite word x A N , with values in a finite set A , is said to be k-self-shuffling ( k 2 ) if x admits factorizations: x = i = 0 ∞ U i ( 1 ) U i ( k ) = i = 0 ∞ U i ( 1 ) = = i =...
Self-shuffling words
ICALP'13: Proceedings of the 40th international conference on Automata, Languages, and Programming - Volume Part IIIn this paper we introduce and study a new property of infinite words which is invariant under the action of a morphism: We say an infinite word $x\in \mathbb{A}^{\mathbb N},$ defined over a finite alphabet $\mathbb{A}$, is self-shuffling if x admits ...
Comments
Information & Contributors
Information
Published In
November 2023
3722 pages
ISBN:9798400700507
DOI:10.1145/3576915
- General Chairs:
- Weizhi Meng,
- Christian D. Jensen,
- Program Chairs:
- Cas Cremers,
- Engin Kirda
Copyright © 2023 Owner/Author.
Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.
Sponsors
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 21 November 2023
Check for updates
Author Tags
Qualifiers
- Research-article
Conference
CCS '23
Sponsor:
CCS '23: ACM SIGSAC Conference on Computer and Communications Security
November 26 - 30, 2023
Copenhagen, Denmark
Acceptance Rates
Overall Acceptance Rate 1,261 of 6,999 submissions, 18%
Upcoming Conference
CCS '24
- Sponsor:
- sigsac
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 349Total Downloads
- Downloads (Last 12 months)349
- Downloads (Last 6 weeks)52
Reflects downloads up to 30 Aug 2024
Other Metrics
Citations
View Options
Get Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in