Samplable Anonymous Aggregation for Private Federated Data Analysis

Kunal Talwar; Shan Wang; Audra McMillan; Vitaly Feldman; Pansy Bansal; Bailey Basile; Aine Cahill; Yi Sheng Chan; Mike Chatzidakis; Junye Chen; Oliver R.A. Chick; Mona Chitnis; Suman Ganta; Yusuf Goren; Filip Granqvist; Kristine Guo; Frederic Jacobs; Omid Javidbakht; Albert Liu; Richard Low; Dan Mascenik; Steve Myers; David Park; Wonhee Park; Gianni Parsa; Tommy Pauly; Christian Priebe; Rehan Rishi; Guy N. Rothblum; Congzheng Song; Linmao Song; Karl Tarbe; Sebastian Vogt; Shundong Zhou; Vojta Jina; Michael Scaria; Luke Winstrom

doi:10.1145/3658644.3690224

Samplable Anonymous Aggregation for Private Federated Data Analysis

Kunal Talwar, Shan Wang, Audra McMillan, Vitaly Feldman, Pansy Bansal, Bailey Basile, Aine Cahill, Yi Sheng Chan, Mike Chatzidakis, Junye Chen, Oliver R.A. Chick, Mona Chitnis, Suman Ganta, Yusuf Goren, Filip Granqvist, Kristine Guo, Frederic Jacobs, Omid Javidbakht, Albert Liu, Richard LowDan Mascenik, Steve Myers, David Park, Wonhee Park, Gianni Parsa, Tommy Pauly, Christian Priebe, Rehan Rishi, Guy N. Rothblum, Congzheng Song, Linmao Song, Karl Tarbe, Sebastian Vogt, Shundong Zhou, Vojta Jina, Michael Scaria, Luke Winstrom

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

We revisit the problem of designing scalable protocols for private statistics and private federated learning when each device holds its private data. Locally differentially private algorithms require little trust but are (provably) limited in their utility. Centrally differentially private algorithms can allow significantly better utility but require a trusted curator. This gap has led to significant interest in the design and implementation of simple cryptographic primitives, that can allow central-like utility guarantees without having to trust a central server. Our first contribution is to propose a new primitive that allows for efficient implementation of several commonly used algorithms, and allows for privacy accounting that is close to that in the central setting without requiring the strong trust assumptions it entails. Shuffling and aggregation primitives that have been proposed in earlier works enable this for some algorithms, but have significant limitations as primitives. We propose a Samplable Anonymous Aggregation primitive, which computes an aggregate over a random subset of the inputs and show that it leads to better privacy-utility trade-offs for various fundamental tasks. Secondly, we propose a system architecture that implements this primitive and perform a security analysis of the proposed system. Our design combines additive secret-sharing with anonymization and authentication infrastructures.

Original language	English
Title of host publication	CCS 2024 - Proceedings of the 2024 ACM SIGSAC Conference on Computer and Communications Security
Pages	2859-2873
Number of pages	15
ISBN (Electronic)	9798400706363
DOIs	https://doi.org/10.1145/3658644.3690224
State	Published - 9 Dec 2024
Externally published	Yes
Event	31st ACM SIGSAC Conference on Computer and Communications Security, CCS 2024 - Duration: 9 Dec 2024 → …

Publication series

Name	CCS 2024 - Proceedings of the 2024 ACM SIGSAC Conference on Computer and Communications Security

Conference

Conference	31st ACM SIGSAC Conference on Computer and Communications Security, CCS 2024
Period	9/12/24 → …

All Science Journal Classification (ASJC) codes

Computer Networks and Communications
Computer Science Applications
Software

Access to Document

10.1145/3658644.3690224

Cite this

Talwar, K., Wang, S., McMillan, A., Feldman, V., Bansal, P., Basile, B., Cahill, A., Chan, Y. S., Chatzidakis, M., Chen, J., Chick, O. R. A., Chitnis, M., Ganta, S., Goren, Y., Granqvist, F., Guo, K., Jacobs, F., Javidbakht, O., Liu, A., ... Winstrom, L. (2024). Samplable Anonymous Aggregation for Private Federated Data Analysis. In CCS 2024 - Proceedings of the 2024 ACM SIGSAC Conference on Computer and Communications Security (pp. 2859-2873). (CCS 2024 - Proceedings of the 2024 ACM SIGSAC Conference on Computer and Communications Security). https://doi.org/10.1145/3658644.3690224

@inproceedings{f058b90be16541e0b97b01497a0c8c13,

title = "Samplable Anonymous Aggregation for Private Federated Data Analysis",

abstract = "We revisit the problem of designing scalable protocols for private statistics and private federated learning when each device holds its private data. Locally differentially private algorithms require little trust but are (provably) limited in their utility. Centrally differentially private algorithms can allow significantly better utility but require a trusted curator. This gap has led to significant interest in the design and implementation of simple cryptographic primitives, that can allow central-like utility guarantees without having to trust a central server. Our first contribution is to propose a new primitive that allows for efficient implementation of several commonly used algorithms, and allows for privacy accounting that is close to that in the central setting without requiring the strong trust assumptions it entails. Shuffling and aggregation primitives that have been proposed in earlier works enable this for some algorithms, but have significant limitations as primitives. We propose a Samplable Anonymous Aggregation primitive, which computes an aggregate over a random subset of the inputs and show that it leads to better privacy-utility trade-offs for various fundamental tasks. Secondly, we propose a system architecture that implements this primitive and perform a security analysis of the proposed system. Our design combines additive secret-sharing with anonymization and authentication infrastructures.",

author = "Kunal Talwar and Shan Wang and Audra McMillan and Vitaly Feldman and Pansy Bansal and Bailey Basile and Aine Cahill and Chan, {Yi Sheng} and Mike Chatzidakis and Junye Chen and Chick, {Oliver R.A.} and Mona Chitnis and Suman Ganta and Yusuf Goren and Filip Granqvist and Kristine Guo and Frederic Jacobs and Omid Javidbakht and Albert Liu and Richard Low and Dan Mascenik and Steve Myers and David Park and Wonhee Park and Gianni Parsa and Tommy Pauly and Christian Priebe and Rehan Rishi and Rothblum, {Guy N.} and Congzheng Song and Linmao Song and Karl Tarbe and Sebastian Vogt and Shundong Zhou and Vojta Jina and Michael Scaria and Luke Winstrom",

note = "Publisher Copyright: {\textcopyright} 2024 Copyright held by the owner/author(s).; 31st ACM SIGSAC Conference on Computer and Communications Security, CCS 2024 ; Conference date: 09-12-2024",

year = "2024",

month = dec,

day = "9",

doi = "10.1145/3658644.3690224",

language = "الإنجليزيّة",

series = "CCS 2024 - Proceedings of the 2024 ACM SIGSAC Conference on Computer and Communications Security",

pages = "2859--2873",

booktitle = "CCS 2024 - Proceedings of the 2024 ACM SIGSAC Conference on Computer and Communications Security",

}

Talwar, K, Wang, S, McMillan, A, Feldman, V, Bansal, P, Basile, B, Cahill, A, Chan, YS, Chatzidakis, M, Chen, J, Chick, ORA, Chitnis, M, Ganta, S, Goren, Y, Granqvist, F, Guo, K, Jacobs, F, Javidbakht, O, Liu, A, Low, R, Mascenik, D, Myers, S, Park, D, Park, W, Parsa, G, Pauly, T, Priebe, C, Rishi, R, Rothblum, GN, Song, C, Song, L, Tarbe, K, Vogt, S, Zhou, S, Jina, V, Scaria, M & Winstrom, L 2024, Samplable Anonymous Aggregation for Private Federated Data Analysis. in CCS 2024 - Proceedings of the 2024 ACM SIGSAC Conference on Computer and Communications Security. CCS 2024 - Proceedings of the 2024 ACM SIGSAC Conference on Computer and Communications Security, pp. 2859-2873, 31st ACM SIGSAC Conference on Computer and Communications Security, CCS 2024, 9/12/24. https://doi.org/10.1145/3658644.3690224

Samplable Anonymous Aggregation for Private Federated Data Analysis. / Talwar, Kunal; Wang, Shan; McMillan, Audra et al.
CCS 2024 - Proceedings of the 2024 ACM SIGSAC Conference on Computer and Communications Security. 2024. p. 2859-2873 (CCS 2024 - Proceedings of the 2024 ACM SIGSAC Conference on Computer and Communications Security).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Samplable Anonymous Aggregation for Private Federated Data Analysis

AU - Talwar, Kunal

AU - Wang, Shan

AU - McMillan, Audra

AU - Feldman, Vitaly

AU - Bansal, Pansy

AU - Basile, Bailey

AU - Cahill, Aine

AU - Chan, Yi Sheng

AU - Chatzidakis, Mike

AU - Chen, Junye

AU - Chick, Oliver R.A.

AU - Chitnis, Mona

AU - Ganta, Suman

AU - Goren, Yusuf

AU - Granqvist, Filip

AU - Guo, Kristine

AU - Jacobs, Frederic

AU - Javidbakht, Omid

AU - Liu, Albert

AU - Low, Richard

AU - Mascenik, Dan

AU - Myers, Steve

AU - Park, David

AU - Park, Wonhee

AU - Parsa, Gianni

AU - Pauly, Tommy

AU - Priebe, Christian

AU - Rishi, Rehan

AU - Rothblum, Guy N.

AU - Song, Congzheng

AU - Song, Linmao

AU - Tarbe, Karl

AU - Vogt, Sebastian

AU - Zhou, Shundong

AU - Jina, Vojta

AU - Scaria, Michael

AU - Winstrom, Luke

PY - 2024/12/9

Y1 - 2024/12/9

N2 - We revisit the problem of designing scalable protocols for private statistics and private federated learning when each device holds its private data. Locally differentially private algorithms require little trust but are (provably) limited in their utility. Centrally differentially private algorithms can allow significantly better utility but require a trusted curator. This gap has led to significant interest in the design and implementation of simple cryptographic primitives, that can allow central-like utility guarantees without having to trust a central server. Our first contribution is to propose a new primitive that allows for efficient implementation of several commonly used algorithms, and allows for privacy accounting that is close to that in the central setting without requiring the strong trust assumptions it entails. Shuffling and aggregation primitives that have been proposed in earlier works enable this for some algorithms, but have significant limitations as primitives. We propose a Samplable Anonymous Aggregation primitive, which computes an aggregate over a random subset of the inputs and show that it leads to better privacy-utility trade-offs for various fundamental tasks. Secondly, we propose a system architecture that implements this primitive and perform a security analysis of the proposed system. Our design combines additive secret-sharing with anonymization and authentication infrastructures.

AB - We revisit the problem of designing scalable protocols for private statistics and private federated learning when each device holds its private data. Locally differentially private algorithms require little trust but are (provably) limited in their utility. Centrally differentially private algorithms can allow significantly better utility but require a trusted curator. This gap has led to significant interest in the design and implementation of simple cryptographic primitives, that can allow central-like utility guarantees without having to trust a central server. Our first contribution is to propose a new primitive that allows for efficient implementation of several commonly used algorithms, and allows for privacy accounting that is close to that in the central setting without requiring the strong trust assumptions it entails. Shuffling and aggregation primitives that have been proposed in earlier works enable this for some algorithms, but have significant limitations as primitives. We propose a Samplable Anonymous Aggregation primitive, which computes an aggregate over a random subset of the inputs and show that it leads to better privacy-utility trade-offs for various fundamental tasks. Secondly, we propose a system architecture that implements this primitive and perform a security analysis of the proposed system. Our design combines additive secret-sharing with anonymization and authentication infrastructures.

UR - http://www.scopus.com/inward/record.url?scp=85215459425&partnerID=8YFLogxK

U2 - 10.1145/3658644.3690224

DO - 10.1145/3658644.3690224

M3 - منشور من مؤتمر

T3 - CCS 2024 - Proceedings of the 2024 ACM SIGSAC Conference on Computer and Communications Security

SP - 2859

EP - 2873

BT - CCS 2024 - Proceedings of the 2024 ACM SIGSAC Conference on Computer and Communications Security

T2 - 31st ACM SIGSAC Conference on Computer and Communications Security, CCS 2024

Y2 - 9 December 2024

ER -

Talwar K, Wang S, McMillan A, Feldman V, Bansal P, Basile B et al. Samplable Anonymous Aggregation for Private Federated Data Analysis. In CCS 2024 - Proceedings of the 2024 ACM SIGSAC Conference on Computer and Communications Security. 2024. p. 2859-2873. (CCS 2024 - Proceedings of the 2024 ACM SIGSAC Conference on Computer and Communications Security). doi: 10.1145/3658644.3690224

Samplable Anonymous Aggregation for Private Federated Data Analysis

Abstract

Publication series

Conference

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this