Results 1 
5 of
5
Panprivate streaming algorithms
 In Proceedings of ICS
, 2010
"... Abstract: Collectors of confidential data, such as governmental agencies, hospitals, or search engine providers, can be pressured to permit data to be used for purposes other than that for which they were collected. To support the data curators, we initiate a study of panprivate algorithms; roughly ..."
Abstract

Cited by 27 (3 self)
 Add to MetaCart
(Show Context)
Abstract: Collectors of confidential data, such as governmental agencies, hospitals, or search engine providers, can be pressured to permit data to be used for purposes other than that for which they were collected. To support the data curators, we initiate a study of panprivate algorithms; roughly speaking, these algorithms retain their privacy properties even if their internal state becomes visible to an adversary. Our principal focus is on streaming algorithms, where each datum may be discarded immediately after processing.
Functionally Private Approximations of Negligiblybiased Estimators
 LEIBNIZ INTERNATIONAL PROCEEDINGS IN INFORMATICS
, 2009
"... We study functionally private approximations. An approximation function g is functionally private with respect to f if, for any input x, g(x) reveals no more information about x than f (x). Our main result states that a function f admits an efficientlycomputable functionally private approximation ..."
Abstract

Cited by 4 (0 self)
 Add to MetaCart
We study functionally private approximations. An approximation function g is functionally private with respect to f if, for any input x, g(x) reveals no more information about x than f (x). Our main result states that a function f admits an efficientlycomputable functionally private approximation g if there exists an efficientlycomputable and negligiblybiased estimator for f. Contrary to previous generic results, our theorem is more general and has a wider application reach. We provide two distinct applications of the above result to demonstrate its flexibility. In the data stream model, we provide a functionally private approximation to the Lpnorm estimation problem, a quintessential application in streaming, using only polylogarithmic space in the input size. The privacy guarantees rely on the use of pseudorandom functions (PRF) (a stronger cryptographic notion than pseudorandom generators) of which can be based on common cryptographic assumptions. The application of PRFs in this context appears to be novel and we expect other results to follow suit. Moreover, this is the first known functionally private streaming result for any problem. Our second application result states that every problem in some subclasses of ♯P of hard counting problems admit efficient and functionally private approximation protocols. This result is based on a functionally private approximation for the ♯DNF problem (or estimating the number of satisfiable truth assignments to a Boolean formula in disjunctive normal form), which is an application of our main theorem and previously known results.
NearOptimal Private Approximation Protocols via a Black Box Transformation
"... We show the following transformation: any twoparty protocol for outputting a (1 + ε)approximation to f(x, y) = n j=1 g(xj, yj) with probability at least 2/3, for any nonnegative efficienty computable function g, can be transformed into a twoparty private approximation protocol with only a polylo ..."
Abstract

Cited by 2 (1 self)
 Add to MetaCart
(Show Context)
We show the following transformation: any twoparty protocol for outputting a (1 + ε)approximation to f(x, y) = n j=1 g(xj, yj) with probability at least 2/3, for any nonnegative efficienty computable function g, can be transformed into a twoparty private approximation protocol with only a polylogarithmic factor loss in communication, computation, and round complexity. In general it is insufficient to use secure function evaluation or fully homomorphic encryption on a standard, nonprivate protocol for approximating f. This is because the approximation may reveal information about x and y that does not follow from f(x, y). Applying our transformation and variations of it, we obtain nearoptimal private approximation protocols for a wide range of problems in the data stream literature for which previously nothing was known. We give nearoptimal private approximation protocols for the ℓpdistance for every p ≥ 0, for the heavy hitters and importance sampling problems with respect to any ℓpnorm, for the maxdominance and other dominant ℓpnorms, for the distinct summation problem, for entropy, for cascaded frequency moments, for subspace approximation and block sampling, and for measuring independence of datasets. Using a result for data streams, we obtain private approximation protocols with polylogarithmic communication for every nondecreasing and symmetric function g(xj, yj) = h(xj − yj) with at most quadratic growth. If the original (nonprivate) protocol is a simultaneous protocol, e.g., a sketching algorithm, then our only cryptographic assumption is efficient symmetric computationallyprivate information retrieval; otherwise it is fully homomorphic encryption. For all but one of these problems, the original protocol is a sketching algorithm. Our protocols generalize straightforwardly to more than two parties.
REUSABLE LOWERROR COMPRESSIVE SAMPLING SCHEMES THROUGH PRIVACY
"... A compressive sampling algorithm recovers approximately a nearly sparse vector x from a much smaller “sketch ” given by the matrix vector product Φx. Different settings in the literature make different assumptions to meet strong requirements on the accuracy of the recovered signal. Some are robust t ..."
Abstract

Cited by 1 (1 self)
 Add to MetaCart
(Show Context)
A compressive sampling algorithm recovers approximately a nearly sparse vector x from a much smaller “sketch ” given by the matrix vector product Φx. Different settings in the literature make different assumptions to meet strong requirements on the accuracy of the recovered signal. Some are robust to noise (that is, the signal may be far from sparse), but the matrix Φ is only guaranteed to work on a single fixed x with high probability—it may not be reused arbitrarily many times. Others require Φ to work on all x simultaneously, but are much less resilient to noise. In this note, we examine the case of compressive sampling of a RADAR signal. Through a combination of mathematical theory and assumptions appropriate to our scenario, we show how a single matrix Φ can be used repeatedly on multiple input vectors x, and still give the best possible resilience to noise. Index Terms — Privacy preserving, compressive sampling, Forall/Foreach
Secure Computation with Sublinear Amortized Work
"... Traditional approaches to secure computation begin by representing the function f being computed as a circuit. For any function f that depends on each of its inputs, this implies a protocol with complexity at least linear in the input size. In fact, linear running time is inherent for secure computa ..."
Abstract
 Add to MetaCart
(Show Context)
Traditional approaches to secure computation begin by representing the function f being computed as a circuit. For any function f that depends on each of its inputs, this implies a protocol with complexity at least linear in the input size. In fact, linear running time is inherent for secure computation of nontrivial functions, since each party must “touch ” every bit of their input lest information about other party’s input be leaked. This seems to rule out many interesting applications of secure computation in scenarios where at least one of the inputs is huge and sublineartime algorithms can be utilized in the insecure setting; private database search is a prime example. We present an approach to secure twoparty computation that yields sublineartime protocols, in an amortized sense, for functions that can be computed in sublinear time on a random access machine (RAM). Furthermore, a party whose input is “small ” is required to maintain only small state. We provide a generic protocol that achieves the claimed complexity, based on any oblivious RAM and any protocol for secure twoparty computation. We then present an optimized version of this protocol, where generic secure twoparty computation is used only for evaluating a small number of simple operations. 1