Differential Privacy on Trust Graphs

Authors: Badih Ghazi, Ravi Kumar, Pasin Manurangsi, Serena Wang




File

LIPIcs.ITCS.2025.53.pdf
  • Filesize: 0.92 MB
  • 23 pages

Author Details

Badih Ghazi
  • Google Research, Mountain View, CA, USA
Ravi Kumar
  • Google Research, Mountain View, CA, USA
Pasin Manurangsi
  • Google Research, Bangkok, Thailand
Serena Wang
  • Google Research, Mountain View, CA, USA
  • Harvard University, Cambridge, MA, USA

Cite As

Badih Ghazi, Ravi Kumar, Pasin Manurangsi, and Serena Wang. Differential Privacy on Trust Graphs. In 16th Innovations in Theoretical Computer Science Conference (ITCS 2025). Leibniz International Proceedings in Informatics (LIPIcs), Volume 325, pp. 53:1-53:23, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2025) https://doi.org/10.4230/LIPIcs.ITCS.2025.53

Abstract

We study differential privacy (DP) in a multi-party setting where each party only trusts a (known) subset of the other parties with its data. Specifically, given a trust graph where vertices correspond to parties and neighbors are mutually trusting, we give a DP algorithm for aggregation with a much better privacy-utility trade-off than in the well-studied local model of DP (where each party trusts no other party). We further study a robust variant where each party trusts all but an unknown subset of at most t of its neighbors (where t is a given parameter), and give an algorithm for this setting. We complement our algorithms with lower bounds, and discuss implications of our work to other tasks in private learning and analytics.

Subject Classification

ACM Subject Classification
  • Security and privacy → Information-theoretic techniques
  • Security and privacy → Trust frameworks
  • Theory of computation → Computational complexity and cryptography
  • Theory of computation → Theory of database privacy and security

Keywords
  • Differential privacy
  • trust graphs
  • minimum dominating set
  • packing number
