Paper 2023/1764
Distributed Differential Privacy via Shuffling vs Aggregation: a Curious Study
Abstract
How to achieve distributed differential privacy (DP) without a trusted central party is of great interest in both theory and practice. Recently, the shuffle model has attracted much attention. Unlike the local DP model, in which the users send randomized data directly to the data collector/analyzer, the shuffle model introduces an intermediate untrusted shuffler that randomly permutes the data, which have already been randomized by the users, before they reach the analyzer. The most appealing aspect is that while shuffling does not explicitly add more noise to the data, it can improve privacy. As a consequence of this privacy amplification effect, the users need to add less noise to the data than in the local DP model, yet can achieve the same level of differential privacy. Thus, protocols in the shuffle model can provide better accuracy than those in the local DP model. What looks interesting to us is that the architecture of the shuffle model is similar to private aggregation, which has been studied for more than a decade. In private aggregation, locally randomized user data are aggregated by an intermediate untrusted aggregator. Thus, our question is whether aggregation also exhibits some sort of privacy amplification effect and, if so, how good this "aggregation model" is in comparison with the shuffle model. We conducted the first comparative study between the two, covering privacy amplification, functionalities, protocol accuracy, and practicality. The results so far suggest that the new shuffle model does not have obvious advantages over the old aggregation model. On the contrary, protocols in the aggregation model outperform those in the shuffle model, sometimes significantly, in many aspects.
Metadata
- Category
- Applications
- Publication info
- Published elsewhere. Minor revision. IEEE Transactions on Information Forensics and Security
- DOI
- 10.1109/TIFS.2024.3351474
- Keywords
- Differential privacy, shuffle model, aggregation model
- Contact author(s)
- yuwei @ purdue edu
- jiajingyu @ mail nankai edu cn
- doria @ mail nankai edu cn
- hu @ hainanu edu cn
- changyu dong @ gzhu edu cn
- liuzheli @ nankai edu cn
- xfchen @ xidian edu cn
- yun-peng @ gzhu edu cn
- wangsw @ gzhu edu cn
- History
- 2024-11-16: revised
- 2023-11-15: received
- Short URL
- https://ia.cr/2023/1764
- License
- CC BY
BibTeX
@misc{cryptoeprint:2023/1764,
  author = {Yu Wei and Jingyu Jia and Yuduo Wu and Changhui Hu and Changyu Dong and Zheli Liu and Xiaofeng Chen and Yun Peng and Shaowei Wang},
  title = {Distributed Differential Privacy via Shuffling vs Aggregation: a Curious Study},
  howpublished = {Cryptology {ePrint} Archive, Paper 2023/1764},
  year = {2023},
  doi = {10.1109/TIFS.2024.3351474},
  url = {https://eprint.iacr.org/2023/1764}
}