Polynomial-time Attack on Output Perturbation Sanitizers for Real-valued Databases
Main Article Content
Abstract
We review the attack given by Dinur and Nissim [6] on the output perturbation sanitizer, and generalize it to a setting that includes, as particular cases, databases with values in {0,1}---with the metric considered in [6]---and databases with real values, with other appropriate metrics (hence the binary case is not included in the real case). Previous works [12, 14] on the binary case gave results more efficient than ours. Those results could be used to extend the binary case to the real-valued case, hence implying our results. The contributions of this paper are: to make the implication explicit, and to give an alternative general proof. We state a property about the function dist that measures the error of the attacker's approximation of the database, which is satisfied in our cases of interest, and is sufficiently strong to prove the impossibility results regarding the privacy provided by the output-perturbation sanitizer, in both the real and binary cases. In this general context we establish an inequality (an upper bound to the probability of adversary's failure) that relates all the parameters of the problem---the size of the database, the relative error of the adversary, the number of queries made by the adversary (which determines its time complexity), its probability of failure, and the perturbation of the sanitizer---making explicit the trade-offs among them. From this inequality we deduce that for binary and real valued databases, the adversary described in [6] can defeat perturbation o(n1/2) with time complexity determined by o(n log n) number of queries (instead of O(n log2 n) as in [6]).
Article Details
Copyright is retained by the authors. By submitting to this journal, the author(s) license the article under the Creative Commons License – Attribution-NonCommercial-NoDerivatives 4.0 International (CC BY-NC-ND 4.0), unless choosing a more lenient license (for instance, public domain). For situations not allowed under CC BY-NC-ND, short sections of text, not to exceed two paragraphs, may be quoted without explicit permission provided that full credit, including © notice, is given to the source.
Authors of articles published by the journal grant the journal the right to store the articles in its databases for an unlimited period of time and to distribute and reproduce the articles electronically.