Private Two-Terminal Hypothesis Testing Varun Narayanan TIFR, - - PowerPoint PPT Presentation

private two terminal hypothesis testing
SMART_READER_LITE
LIVE PREVIEW

Private Two-Terminal Hypothesis Testing Varun Narayanan TIFR, - - PowerPoint PPT Presentation

Jun 20, 2023 302 likes •639 views

Private Two-Terminal Hypothesis Testing Varun Narayanan TIFR, Mumbai Joint work with Manoj Mishra (NISER, Bhubaneswar), Vinod Prabhakaran (TIFR, Mumbai) ISIT 2020 Two-Terminal Hypothesis Testing X Y Alice Bob H A H B H = 0 : ( X ,

slide-1
SLIDE 1

Private Two-Terminal Hypothesis Testing

Varun Narayanan

TIFR, Mumbai

Joint work with Manoj Mishra (NISER, Bhubaneswar), Vinod Prabhakaran (TIFR, Mumbai) ISIT 2020

slide-2
SLIDE 2

Two-Terminal Hypothesis Testing

Alice Bob X Y ˆ HA ˆ HB H = 0 : (X, Y ) ∼ P0

XY

H = 1 : (X, Y ) ∼ P1

XY

slide-3
SLIDE 3

Two-Terminal Hypothesis Testing

Alice Bob X Y ˆ HA ˆ HB H = 0 : (X, Y ) ∼ P0

XY

H = 1 : (X, Y ) ∼ P1

XY

slide-4
SLIDE 4

Privacy

Motivated by the notion of security in multi-party function computation from cryptography Privacy is against an honest-but-curious user Emulates an ideal setting where users learn only their inputs and true hypothesis

slide-5
SLIDE 5

Alice Bob H = 0 x y

slide-6
SLIDE 6

Alice Bob H = 0 x y Ideal Setting Alice learns

Input : x True hypothesis : H = 0

Alice’s knowledge of Bob’s input p(y|X = x, H = 0)

slide-7
SLIDE 7

Alice Bob H = 0 x y Ideal Setting Alice learns

Input : x True hypothesis : H = 0

Alice’s knowledge of Bob’s input p(y|X = x, H = 0) Real Setting Alice learns

Input : x True hypothesis : H = 0 Alice’s ‘view’ : VA = v A

Alice’s knowledge... p(y|X = x, H = 0, VA = vA)

slide-8
SLIDE 8

Alice Bob H = 0 x y Ideal Setting Alice learns

Input : x True hypothesis : H = 0

Alice’s knowledge of Bob’s input p(y|X = x, H = 0) Real Setting Alice learns

Input : x True hypothesis : H = 0 Alice’s ‘view’ : VA = v A

Alice’s knowledge... p(y|X = x, H = 0, VA = vA) δ-privacy against Alice: Pr

  • p(y|x, H = 0, VA) − p(y|x, H = 0)
  • TV ≥ δ
  • x, H = 0
  • ≤ δ
slide-9
SLIDE 9

(ǫ, δ)-Private Two-Terminal Hypothesis Testing

Alice Bob X Y ˆ HA ˆ HB

slide-10
SLIDE 10

(ǫ, δ)-Private Two-Terminal Hypothesis Testing

Alice Bob X Y ˆ HA ˆ HB ǫ-Correctness @Alice: For θ ∈ {0, 1}, Pr

  • ˆ

HA = θ|H = θ

  • ≤ ǫ

δ-Privacy @Alice: For θ ∈ {0, 1} and all x such that Pθ

X(x) > 0,

Pr

  • p(y|x, H = θ, VA) − p(y|x, H = θ)
  • TV ≥ δ
  • x, H = θ
  • ≤ δ
slide-11
SLIDE 11

Related Work

Hypothesis testing: Pearson, 1900; Fisher, 1925; Neyman and Pearson, 1933 Multi-terminal hypothesis testing: Ahlswede and Csizar, 1986; Han, 1987; Tsitsiklis, 1993; Han and Amari, 1998 Recently: Xiang and Kim, ‘12, ‘13; Rahman and Wagner, ‘12; Zhang et. al., ‘13; Sreekumar and Gunduz, ‘17; Salehkalaibar et. al., ‘18; Han et. al., ‘18; Diakonikolas et. al., ‘19 Privacy in multi-terminal detection: Duchi et. al., ‘13; Sheffet, ‘18; Acharya et. al., ‘19 Privacy in two-terminal detection: Sreekumar et. al., ‘18; Andoni et. al., ‘18; Gilani et. al, ‘19

slide-12
SLIDE 12

Can we drive both correctness and privacy error to zero simultaneously using more and more samples?

slide-13
SLIDE 13

Theorem 1 ( 1

12, 1 12)-private multi-terminal independence testing is impossible

using private/common randomness and error-free communication

slide-14
SLIDE 14

Theorem 1 ( 1

12, 1 12)-private multi-terminal independence testing is impossible

using private/common randomness and error-free communication Alice Bob X Y ˆ HA ˆ HB H = 0 : X | = Y H = 1 : X = Y

slide-15
SLIDE 15

Theorem 1 ( 1

12, 1 12)-private multi-terminal independence testing is impossible

using private/common randomness and error-free communication Alice Bob X Y ˆ HA ˆ HB H = 0 : X | = Y H = 1 : X = Y Private Distributed Independence Testing = ⇒ Statistically secure computation of AND (impossible)

slide-16
SLIDE 16

Using Correlations...

Alice Bob X Y ˆ HA ˆ HB (R, S) ∼ Φ (R, S) | = (X, Y ) R S When Φ is any non-trivial correlation*, Correctness and privacy error can be made arbitrarily small using more and more samples In fact, we characterize the optimal correctness-privacy error exponent

[*] correlations that do not ‘seperate’ into common and private components

slide-17
SLIDE 17

Correctness-Privacy Error Exponent

A sequence of (n, ǫn, δn)-private hypothesis testing protocols 1 achieve correctness-privacy error exponent (α, β) if: lim sup

n→∞ −1

n log ǫn ≥ α and lim sup

n→∞ −1

n log δn ≥ β

1(n, ǫn, δn)-private protocol uses n samples, and is (ǫ, δ)-private

slide-18
SLIDE 18

Correctness-Privacy Error Exponent

A sequence of (n, ǫn, δn)-private hypothesis testing protocols 1 achieve correctness-privacy error exponent (α, β) if: lim sup

n→∞ −1

n log ǫn ≥ α and lim sup

n→∞ −1

n log δn ≥ β We characterize the correctness-privacy error exponent region of private testing

1(n, ǫn, δn)-private protocol uses n samples, and is (ǫ, δ)-private

slide-19
SLIDE 19

Theorem 2 Private detection with correctness-privacy error exponent (α, β) is possible @Alice if and only if there exist no QXY such that one of the following is satisfied:

1 D(QXY P0 XY ) ≤ α and D(QXY P1 XY ) ≤ α 2 D(QX Pθ X) ≤ α and D(QY |X Pθ Y |X) ≤ β for θ = 0, 1 3 D(QXY Pθ XY ) ≤ α, D(QX P1−θ X

) ≤ α, and D(QY |X P1−θ

Y |X) ≤ β for θ = 0 or 1

slide-20
SLIDE 20

Tradeoff between Privacy and Correctness

0.1 0.2 0.3 0.4 0.5 0.6 α 0.1 0.2 0.3 0.4 0.5 0.6 0.7 β

H = 0 H = 1 X = 0 X = 1 X = 0 X = 1 Y = 0

1 3 1 3

Y = 0

2 3

Y = 1

1 3

Y = 1

1 3

slide-21
SLIDE 21

Overview of the Proof

Reduce the problem to secure computation of decision function Find the optimal decision function

slide-22
SLIDE 22

Secure Multi-Party Computation (MPC)

Alice Bob X Y fA(X, Y ) fB(X, Y ) (R, S) ∼ Φ (R, S) | = (X, Y ) R S Privacy: Y ↔ (X, fA(X, Y )) ↔ ViewA X ↔ (Y , fB(X, Y )) ↔ ViewB Any functions can be computed securely using any non-trivial correlation Φ

slide-23
SLIDE 23

Simplyifying (ǫ, δ)-Private Detection using MPC

Alice Bob x y fA(x, y) fB(x, y) (R, S) ∼ Φ (R, S) | = (X, Y ) R S Pr

  • p(y|x, θ, VA) − p(y|x, θ)
  • TV ≥ δ
  • x, θ
  • ≤ δ

⇔ Pr

  • p(y|x, θ, fA(x, Y )) − p(y|x, θ)
  • TV ≥ δ
  • x, θ
  • ≤ δ
slide-24
SLIDE 24

Error exponent (α, β) is not achievable @Alice if: Scenario 1 P0

XY

P1

XY

QXY

α α

∃QXY : D(QXY P0

XY ) ≤ α and D(QXY P1 XY ) ≤ α

slide-25
SLIDE 25

Error exponent (α, β) is not achievable @Alice if: Scenario 2 P0

XY

P1

XY

QXP1

Y |X

QXP0

Y |X

QXY

α α β β

D(QX Pθ

X) ≤ α and D(QY |X Pθ Y |X) ≤ α for θ = 0, 1

slide-26
SLIDE 26

Error exponent (α, β) is not achievable @Alice if: Scenario 3 P0

XY

P1

XY

QXP1

Y |X

QXY

α α β

D(QXY Pθ

XY ) ≤ α, D(QX P1−θ X

) ≤ α and D(QY |X P1−θ

Y |X) ≤ α for θ = 0 or 1

slide-27
SLIDE 27

Optimal Decision Functions for Alice

For sample size n, when the type of input (xn, yn) is QXY : P0

XY

P1

XY

QXP0

Y |X

QXP1

Y |X α α

  • utput H = 0
slide-28
SLIDE 28

Optimal Decision Functions for Alice

For sample size n, when the type of input (xn, yn) is QXY : P0

XY

P1

XY

QXP1

Y |X

QXY

α α

  • utput H = 1
slide-29
SLIDE 29

Optimal Decision Functions for Alice

For sample size n, when the type of input (xn, yn) is QXY : P0

XY

P1

XY

QXP1

Y |X

QXP0

Y |X α α

  • utput H = 0
slide-30
SLIDE 30

Optimal Decision Functions for Alice

For sample size n, when the type of input (xn, yn) is QXY : P0

XY

P1

XY

QXP1

Y |X

QXP0

Y |X

QXY

α α β

  • utput H = 0
slide-31
SLIDE 31

Optimal Decision Functions for Alice

For sample size n, when the type of input (xn, yn) is QXY : P0

XY

P1

XY

QXP1

Y |X

QXP0

Y |X

QXY

α α β

  • utput H = 1
slide-32
SLIDE 32

Conclusion

An intuitive notion of privacy for distributed testing Generally impossible using only private/common randomness and noise free communication Feasible when users share non-trivial correlations (or channels with non-trivial noise) The correctness-privacy error exponent can be characterized