differentially private oblivious ram
play

Differentially Private Oblivious RAM Sameer Wagh , Paul Cuff , - PowerPoint PPT Presentation

Oct 29, 2023 •345 likes •898 views

Differentially Private Oblivious RAM Sameer Wagh , Paul Cuff , Prateek Mittal July 24, 2019 Princeton University, Renaissance Technologies Introduction: Oblivious RAM Access data privately from private database. 1

  1. Differentially Private Oblivious RAM Sameer Wagh ∗ , Paul Cuff † , Prateek Mittal ∗ July 24, 2019 ∗ Princeton University, † Renaissance Technologies

  2. Introduction: Oblivious RAM Access data privately from private database. 1

  3. Introduction: Oblivious RAM User receives record R 2

  4. Introduction: Oblivious RAM Obliviousness: Adversary should not know R 3

  5. ORAM Application I Client-server environments 4

  6. ORAM Application II Trusted Execution Environments such as SGX-based enclaves 5

  7. The Problem? 6

  8. The Problem? 7

  9. The Problem: Overhead Overheads • Logarithmic bandwidth overhead ( ≥ 100 × ) • Logarithmic storage overhead 8

  10. Key Insight Overheads • Logarithmic bandwidth overhead ( ≥ 100 × ) • Logarithmic storage overhead Key Insight Can we improve performance by relaxing privacy? 9

  11. Key Insight: Improve Performance by Relaxing Privacy • Statistically private ORAM ◮ Better performance at the cost of privacy loss ◮ Challenge: Can we provide rigorous guarantees? 10

  12. Key Insight: Improve Performance by Relaxing Privacy • Statistically private ORAM ◮ Better performance at the cost of privacy loss ◮ Challenge: Can we provide rigorous guarantees? • Efficiency ◮ Reduce performance overheads – bandwidth, local storage ◮ Achieve privacy proportional to application resources 10

  13. Key Insight: Improve Performance by Relaxing Privacy Differential Privacy • Statistically private ORAM ◮ Better performance at the cost of privacy loss • Formalize Differentially Private ORAM ◮ Challenge: Can we provide rigorous guarantees? • Introduce Root ORAM • Efficiency ◮ Reduce performance overheads – bandwidth, local storage ◮ Achieve privacy proportional to application resources 11

  14. Key Insight: Improve Performance by Relaxing Privacy Differential Privacy • Statistically private ORAM ◮ Better performance at the cost of privacy loss • Formalize Differentially Private ORAM ◮ Challenge: Can we provide rigorous guarantees? • Introduce Root ORAM Root ORAM • Efficiency ◮ Reduce performance overheads – bandwidth, local storage • Theoretical Results ◮ Achieve privacy proportional to application resources • Empirical Results • Private Information Retrieval 12

  15. Differentially Private Oblivious RAM

  16. DP-ORAM Intuition 13

  17. DP-ORAM Intuition 14

  18. DP-ORAM Intuition 15

  19. Statistical closeness - Differential Privacy Pr [ ORAM ( a 1 ) ∈ S ] ≤ e ǫ Pr [ ORAM ( a 2 ) ∈ S ] + δ 16

  20. Protocol Construction

  21. Root ORAM: Storage 17

  22. Root ORAM: Invariant 18

  23. Root ORAM: Updated mapping 19

  24. Root ORAM: Updated mapping 20

  25. Root ORAM: Updated mapping Key Insight • Uniform mapping ⇒ Conventional Security • Non-uniform mapping ⇒ DP-ORAM Security 21

  26. Root ORAM: Updated mapping Key Insight • Uniform mapping ⇒ Conventional Security • Non-uniform mapping ⇒ DP-ORAM Security 22

  27. Root ORAM: Updated mapping 23

  28. Root ORAM: Non-Uniform mapping Impact • Lower average placement ⇒ Improved performance • Privacy loss 24

  29. Root ORAM: Write back 25

  30. Root ORAM: Lowest Common Intersection 26

  31. Root ORAM: Lowest Common Intersection 27

  32. Root ORAM: Lowest Common Intersection 28

  33. Database view before access 29

  34. Database view after access 30

  35. Results

  36. Security Result: Root ORAM is DP-ORAM Differentially Private ORAM Protocol The Root ORAM protocol with parameters k , p is ( ǫ, δ ) -differentially private for the following choice of ǫ and δ � 1 + (2 k − 1) · p � ǫ = 2 log 1 − (1 − δ k 0 ) p (1) � M � 1 + (2 k − 1) · p δ = M · N where δ k 0 is the Kronecker delta, M is the size of the access sequence and M > total stash size. 31

  37. Performance Improvements Improvement in stash usage for ( L , k , Z ) = (15 , 1 , 4) 32

  38. Performance Improvements Key takeaway DP-ORAM can enhance performance at the cost of privacy Improvement in stash usage for ( L , k , Z ) = (15 , 1 , 4) 33

  39. Application: Private Information Retrieval

  40. Private Information Retrieval (PIR) Access data privately from public database. [46] Mittal, Prateek, Femi G. Olumofin, Carmela Troncoso, Nikita Borisov, and Ian Goldberg. ”PIR-Tor: Scalable Anonymous Communication Using Private Information Retrieval.” In USENIX Security Symposium , p. 31. 2011. 34

  41. ORAM based PIR • ORAM has been used previously for PIR [7, 59] [7] Michael Backes, Aniket Kate, Matteo Maffei, and Kim Pecina. ObliviAd: Provably secure and practical online behavioral advertising. In IEEE Symposium on Security and Privacy (S&P) , 2012. [59] Peter Williams and Radu Sion. Usable PIR. In Symposium on Network and Distributed System Security (NDSS) , 2008. 35

  42. ORAM based PIR • ORAM has been used previously for PIR [7, 59] [7] Michael Backes, Aniket Kate, Matteo Maffei, and Kim Pecina. ObliviAd: Provably secure and practical online behavioral advertising. In IEEE Symposium on Security and Privacy (S&P) , 2012. [59] Peter Williams and Radu Sion. Usable PIR. In Symposium on Network and Distributed System Security (NDSS) , 2008. 35

  43. ORAM based PIR • ORAM has been used previously for PIR [7, 59] [7] Michael Backes, Aniket Kate, Matteo Maffei, and Kim Pecina. ObliviAd: Provably secure and practical online behavioral advertising. In IEEE Symposium on Security and Privacy (S&P) , 2012. [59] Peter Williams and Radu Sion. Usable PIR. In Symposium on Network and Distributed System Security (NDSS) , 2008. 36

  44. ORAM based PIR • ORAM has been used previously for PIR [7, 59] [7] Michael Backes, Aniket Kate, Matteo Maffei, and Kim Pecina. ObliviAd: Provably secure and practical online behavioral advertising. In IEEE Symposium on Security and Privacy (S&P) , 2012. [59] Peter Williams and Radu Sion. Usable PIR. In Symposium on Network and Distributed System Security (NDSS) , 2008. 37

  45. ORAM based PIR • ORAM has been used previously for PIR [7, 59] [7] Michael Backes, Aniket Kate, Matteo Maffei, and Kim Pecina. ObliviAd: Provably secure and practical online behavioral advertising. In IEEE Symposium on Security and Privacy (S&P) , 2012. [59] Peter Williams and Radu Sion. Usable PIR. In Symposium on Network and Distributed System Security (NDSS) , 2008. 38

  46. ORAM based PIR • ORAM has been used previously for PIR [7, 59] [7] Michael Backes, Aniket Kate, Matteo Maffei, and Kim Pecina. ObliviAd: Provably secure and practical online behavioral advertising. In IEEE Symposium on Security and Privacy (S&P) , 2012. [59] Peter Williams and Radu Sion. Usable PIR. In Symposium on Network and Distributed System Security (NDSS) , 2008. 39

  47. ORAM based PIR • ORAM has been used previously for PIR [7, 59] [7] Michael Backes, Aniket Kate, Matteo Maffei, and Kim Pecina. ObliviAd: Provably secure and practical online behavioral advertising. In IEEE Symposium on Security and Privacy (S&P) , 2012. [59] Peter Williams and Radu Sion. Usable PIR. In Symposium on Network and Distributed System Security (NDSS) , 2008. 40

  48. DP-PIR Bandwidth Comparison Security-Bandwidth trade-offs for DP-PIR protocols (Toledo et.al. [54], Path-PIR [42], and Path ORAM [53]). 41

  49. DP-PIR Bandwidth Comparison DP-ORAMs provide significant performance benefits for DP-PIR Security-Bandwidth trade-offs for DP-PIR protocols (Toledo et.al. [54], Path-PIR [42], and Path ORAM [53]). 42

  50. Conclusion

  51. Summary • Formalized Differentially Private ORAMs • Introduced a family of DP-ORAM protocols • Analyzed security, performance • Showcased utility for Private Information Retrieval 43

  52. Summary • Formalized Differentially Private ORAMs • Introduced a family of DP-ORAM protocols • Analyzed security, performance • Showcased utility for Private Information Retrieval • Possible to enhance performance by relaxing privacy 43

  53. Summary • Formalized Differentially Private ORAMs • Introduced a family of DP-ORAM protocols • Analyzed security, performance • Showcased utility for Private Information Retrieval • Possible to enhance performance by relaxing privacy Source code is available at https://github.com/inspire-group/Root-ORAM 43

  54. Thank you! 43

  55. Thank you! Questions? 43

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Estimating the Variance of Complex Differentially Private Algorithms Robert Ashmead JSM 2019,

Estimating the Variance of Complex Differentially Private Algorithms Robert Ashmead JSM 2019,

Estimating the Variance of Complex Differentially Private Algorithms Robert Ashmead JSM 2019, Denver, Colorado Collaborators John Abowd, Philip Leclerc, and William Sexton of the U.S. Census Bureau and the entire team working on differentially

314 views • 30 slides
Verifying Differentially Private Bayesian Inference Marco Gaboardi University of Dundee Joint

Verifying Differentially Private Bayesian Inference Marco Gaboardi University of Dundee Joint

Verifying Differentially Private Bayesian Inference Marco Gaboardi University of Dundee Joint work with G. Barthe, G.P . Farina, E.J. Gallego Arias, A.Gordon, Differentially Private vs Probabilistic Inference Differential Probabilistic

1.06k views • 102 slides
Development, Evaluation, and Management of Differentially Private ML Pipelines on

Development, Evaluation, and Management of Differentially Private ML Pipelines on

Development, Evaluation, and Management of Differentially Private ML Pipelines on MyChosenDataset Assignment XX Name 1 (UNI 1), Name 2 (UNI 2) Name 1, Name 2 1 Overview Brief summary of your completed assignments and main results.

193 views • 8 slides
Differentially-Private Federated Linear Bandits Introduction Federated Learning Contextual

Differentially-Private Federated Linear Bandits Introduction Federated Learning Contextual

Differentially- Private Federated Linear Bandits Dubey and Pentland June 2020 Differentially-Private Federated Linear Bandits Introduction Federated Learning Contextual Bandits Summary Background Abhimanyu Dubey and Alex Pentland

437 views • 20 slides
Differentially-Private Deep Learning from an Optimization Perspective Presenter: Liyao Xiang

Differentially-Private Deep Learning from an Optimization Perspective Presenter: Liyao Xiang

Differentially-Private Deep Learning from an Optimization Perspective Presenter: Liyao Xiang Shanghai Jiao Tong University 4/30/2019 Privacy Threat Personal information in big data era Is anonymization sufficient to protect user

463 views • 18 slides
Differentially Private Model Publishing for Deep Learning Lei Yu, Ling Liu, Calton Pu , Mehmet

Differentially Private Model Publishing for Deep Learning Lei Yu, Ling Liu, Calton Pu , Mehmet

Differentially Private Model Publishing for Deep Learning Lei Yu, Ling Liu, Calton Pu , Mehmet Emre Gursoy, Stacey Truex School of Computer Science, College of Computing Georgia Institute of Technology This work is partially sponsored by NSF

594 views • 30 slides
Differentially Private Algorithm and Auction Configuration Ellen Vitercik CMU, Theory Lunch

Differentially Private Algorithm and Auction Configuration Ellen Vitercik CMU, Theory Lunch

Differentially Private Algorithm and Auction Configuration Ellen Vitercik CMU, Theory Lunch October 11, 2017 Joint work with Nina Balcan and Travis Dick $1 Prices learned from purchase histories can reveal information about individual

949 views • 79 slides
Differentially Private Distributed Convex Optimization via Functional Perturbation Erfan Nozari

Differentially Private Distributed Convex Optimization via Functional Perturbation Erfan Nozari

Differentially Private Distributed Convex Optimization via Functional Perturbation Erfan Nozari Department of Mechanical and Aerospace Engineering University of California, San Diego http://carmenere.ucsd.edu/erfan July 6, 2016 Joint work with

826 views • 63 slides
Lo Locally Differentially Private Frequency Es Esti timati tion on Ex Exploi oiti ting Con

Lo Locally Differentially Private Frequency Es Esti timati tion on Ex Exploi oiti ting Con

Lo Locally Differentially Private Frequency Es Esti timati tion on Ex Exploi oiti ting Con Consi sistency Tianhao Wang Purdue University Joint work with Milan Lopuha-Zwakenberg, Zitao Li, Boris Skoric, Ninghui Li 1 Privacy in

336 views • 14 slides
Releasing a Differentially Private Password Frequency Corpus from 70 Million Yahoo! Passwords

Releasing a Differentially Private Password Frequency Corpus from 70 Million Yahoo! Passwords

Releasing a Differentially Private Password Frequency Corpus from 70 Million Yahoo! Passwords Jeremiah Blocki Purdue University DIMACS/Northeast Big Data Hub Workshop on Overcoming Barriers to Data Sharing including Privacy and Fairness What

915 views • 52 slides
Differentially Private Recommender Systems David Madras University of Toronto April 4, 2017

Differentially Private Recommender Systems David Madras University of Toronto April 4, 2017

Differentially Private Recommender Systems David Madras University of Toronto April 4, 2017 David Madras (University of Toronto) DP Recommender Systems April 4, 2017 1 / 24 Introduction Today Ill be discussing Differentially Private

505 views • 24 slides
Differentially Private Markov Chain Monte Carlo o 2 , Onur Dikmen 3 and Antti Honkela 1 a 1

Differentially Private Markov Chain Monte Carlo o 2 , Onur Dikmen 3 and Antti Honkela 1 a 1

Differentially Private Markov Chain Monte Carlo o 2 , Onur Dikmen 3 and Antti Honkela 1 a 1 , Joonas J Mikko Heikkil alk Equal contribution 1 University of Helsinki 2 Aalto University 3 Halmstad University NeurIPS, 12 December

497 views • 11 slides
Towards Practical Differentially Private Convex Optimization ROGER JOSEPH P. DAWN SONG IYENGAR

Towards Practical Differentially Private Convex Optimization ROGER JOSEPH P. DAWN SONG IYENGAR

Towards Practical Differentially Private Convex Optimization ROGER JOSEPH P. DAWN SONG IYENGAR NEAR UNIVERSITY OF CARNEGIE MELLON UNIVERSITY OF CALIFORNIA, BERKELEY UNIVERSITY VERMONT OM THAKKAR ABHRADEEP LUN WANG THAKURTA BOSTON

693 views • 20 slides
A Predictive Differentially-Private Mechanism for Mobility Traces Marco Stronati

A Predictive Differentially-Private Mechanism for Mobility Traces Marco Stronati

A Predictive Differentially-Private Mechanism for Mobility Traces Marco Stronati marco@stronati.org joint work with K. Chatzikokolakis and C. Palamidessi marco@stronati.org (PETS14) Predictive Mechanism July 2014 1 / 18 Location Based

312 views • 30 slides
Formal Verification of Differentially Private Mechanisms Marco Gaboardi University at Buffalo,

Formal Verification of Differentially Private Mechanisms Marco Gaboardi University at Buffalo,

Formal Verification of Differentially Private Mechanisms Marco Gaboardi University at Buffalo, SUNY Goal of formal verification: building programs that are correct. Why correctness matters? Why correctness matters? An example: DARPA HACMS

448 views • 40 slides
Differentially-Private Network Trace Analysis Frank McSherry and Ratul Mahajan Microsoft

Differentially-Private Network Trace Analysis Frank McSherry and Ratul Mahajan Microsoft

Differentially-Private Network Trace Analysis Frank McSherry and Ratul Mahajan Microsoft Research Overview . 1 Overview Question : Is it possible to conduct network trace analyses in a way that provides strict formal differential

496 views • 20 slides
Informatics 1: Data & Analysis Lecture 16: Vector Spaces for Information Retrieval Ian Stark

Informatics 1: Data & Analysis Lecture 16: Vector Spaces for Information Retrieval Ian Stark

Informatics 1: Data & Analysis Lecture 16: Vector Spaces for Information Retrieval Ian Stark School of Informatics The University of Edinburgh Tuesday 19 March 2013 Semester 2 Week 9 N I V E U R S E I H T T Y O H F G R E

544 views • 20 slides
Information Retrieval CS276: Information Retrieval and Web Search Pandu Nayak and Prabhakar

Information Retrieval CS276: Information Retrieval and Web Search Pandu Nayak and Prabhakar

Introduction to Information Retrieval Introduction to Information Retrieval CS276: Information Retrieval and Web Search Pandu Nayak and Prabhakar Raghavan Lecture 4: Index Construction Introduction to Information Retrieval Plan Last

611 views • 49 slides
Introduction to NLP Diyi Yang Some slides borrowed from Yulia Tsvetkov at CMU and Noah Smith at

Introduction to NLP Diyi Yang Some slides borrowed from Yulia Tsvetkov at CMU and Noah Smith at

CS 4650/7650: Natural Language Processing Introduction to NLP Diyi Yang Some slides borrowed from Yulia Tsvetkov at CMU and Noah Smith at UW 1 Welcome! 2 Course Website https://www.cc.gatech.edu/classes/AY2020/cs7650_spring 3

973 views • 69 slides
TALP at GeoCLEF 2007: Using Terrier with Geographical Knowledge Filtering Daniel Ferr es and

TALP at GeoCLEF 2007: Using Terrier with Geographical Knowledge Filtering Daniel Ferr es and

TALPGeoIR Daniel Ferr es TALP at GeoCLEF 2007: Using Terrier with Geographical Knowledge Filtering Daniel Ferr es and Horacio Rodr guez TALP Research Center Universitat Polit` ecnica de Catalunya CLEF 2007, 21 September, Budapest,

872 views • 17 slides
Attentive Moment Retrieval in Videos Meng Liu 1 , Xiang Wang 2 , Liqiang Nie 1 , Xiangnan He 2 ,

Attentive Moment Retrieval in Videos Meng Liu 1 , Xiang Wang 2 , Liqiang Nie 1 , Xiangnan He 2 ,

Attentive Moment Retrieval in Videos Meng Liu 1 , Xiang Wang 2 , Liqiang Nie 1 , Xiangnan He 2 , Baoquan Chen 1 , and Tat-Seng Chua 2 1 Shandong University, China 2 National University of Singapore, Singapore Pipeline Background Learning

732 views • 23 slides
Deep Quantization Network for Efficient Image Retrieval . . . Yue Cao, Mingsheng Long, Jianmin

Deep Quantization Network for Efficient Image Retrieval . . . Yue Cao, Mingsheng Long, Jianmin

. Deep Quantization Network for Efficient Image Retrieval . . . Yue Cao, Mingsheng Long, Jianmin Wang, Han Zhu, and Qingfu Wen School of Software Tsinghua University The Thirtieth AAAI Conference on Artificial Intelligence, 2016 . . . .

448 views • 18 slides
Image organization, annotation, Image organization, annotation, and retrieval from a human- -

Image organization, annotation, Image organization, annotation, and retrieval from a human- -

Image organization, annotation, Image organization, annotation, and retrieval from a human- - and retrieval from a human centered perspective centered perspective Dr. Oge Marques Associate Professor Computer Science and Engineering Florida

399 views • 27 slides
Current Status of NOAA IASI and CrIS/ATMS retrieval algorithm Antonia Gambacorta (1), Kexin Zhang

Current Status of NOAA IASI and CrIS/ATMS retrieval algorithm Antonia Gambacorta (1), Kexin Zhang

Current Status of NOAA IASI and CrIS/ATMS retrieval algorithm Antonia Gambacorta (1), Kexin Zhang (1) , Tom King (1) , Eric Maddy (1) , Haibing Sun (1) , Chris Barnet (2), Walter Wolf (2), Mitch Goldberg (2) (1) NOAA/NESDIS/STAR DELL (2)

476 views • 24 slides

More recommend