Privacy amplification by shuffling Vitaly Feldman Ulfar Erlingsson
Privacy amplification by shuffling Vitaly Feldman Ulfar Erlingsson Ilya Mironov Ananth Raghunathan Kunal Talwar Abhradeep Thakurta
Local Differential Privacy (LDP) Server
![Encode-Shuffle-Analyze (ESA) [Bittau et al. ‘ 17] Server Shuffler 3](http://slidetodoc.com/presentation_image_h/0a8b915ea3bd1acc254a5573a359ba5c/image-3.jpg "Encode-Shuffle-Analyze (ESA) [Bittau et al. ‘ 17] Server Shuffler 3")
Encode-Shuffle-Analyze (ESA) [Bittau et al. ‘ 17] Server Shuffler 3
![Warm-up: binary randomized response • [Cheu, Smith, Ullman, Zeber, Zhilyaev ‘ 19] (independent) 4](http://slidetodoc.com/presentation_image_h/0a8b915ea3bd1acc254a5573a359ba5c/image-4.jpg "Warm-up: binary randomized response • [Cheu, Smith, Ullman, Zeber, Zhilyaev ‘ 19] (independent) 4")
Warm-up: binary randomized response • [Cheu, Smith, Ullman, Zeber, Zhilyaev ‘ 19] (independent) 4
Privacy amplification by shuffling • 5
Implications for ESA Server Shuffler 6
Comparison with subsampling Advantages of shuffling: • does not affect the statistics of the dataset • does not increase LDP cost 7
Online monitoring with LDP 8
Online monitoring time 9
Monitoring with LDP • 10
Conclusions • General privacy amplification technique o For some problems achieves state of the art in the central model o Can be used to derive lower bounds for LDP • Provable benefits of anonymity for ESA-like architectures • Same algorithm, different attack/trust models 11
- Slides: 11
