Crypt$\epsilon$: Crypto-Assisted Differential Privacy on Untrusted Servers

TL;DR

Crypt$5$ introduces a system enabling privacy-preserving data analysis that combines the accuracy of the central differential privacy model with the security of untrusted servers, using encryption and secure computation.

Contribution

It presents Crypt$5$, a framework that allows complex differentially private programs to run securely on encrypted data without trusted servers, improving practicality and utility.

Findings

Achieves high utility comparable to the central DP model

Ensures security against computationally bounded adversaries

Demonstrates practical feasibility through empirical evaluations

Abstract

Differential privacy (DP) has steadily become the de-facto standard for achieving privacy in data analysis, which is typically implemented either in the "central" or "local" model. The local model has been more popular for commercial deployments as it does not require a trusted data collector. This increased privacy, however, comes at a cost of utility and algorithmic expressibility as compared to the central model. In this work, we propose, Crypt$\epsilon$, a system and programming framework that (1) achieves the accuracy guarantees and algorithmic expressibility of the central model (2) without any trusted data collector like in the local model. Crypt$\epsilon$ achieves the "best of both worlds" by employing two non-colluding untrusted servers that run DP programs on encrypted data from the data owners. Although straightforward implementations of DP programs using secure computation tools can achieve the above goal theoretically, in practice they are beset with many challenges such as poor performance and tricky security proofs. To this end, Crypt$\epsilon$ allows data analysts to author logical DP programs that are automatically translated to secure protocols that work on encrypted data. These protocols ensure that the untrusted servers learn nothing more than the noisy outputs, thereby guaranteeing DP (for computationally bounded adversaries) for all Crypt$\epsilon$ programs. Crypt$\epsilon$ supports a rich class of DP programs that can be expressed via a small set of transformation and measurement operators followed by arbitrary post-processing. Further, we propose performance optimizations leveraging the fact that the output is noisy. We demonstrate Crypt$\epsilon$'s feasibility for practical DP analysis with extensive empirical evaluations on real datasets.