Privacy Enhancement via Dummy Points in the Shuffle Model

TL;DR

This paper introduces DUMP, a novel framework using dummy points in the shuffle model to improve privacy and utility in histogram estimation, achieving significant communication efficiency gains over existing methods.

Contribution

The paper proposes DUMP, a new dummy-point-based framework for privacy-preserving histogram estimation that enhances privacy and utility in the shuffle model.

Findings

Significant reduction in communication costs, at least 1000x lower than existing protocols.

Competitive utility performance compared to the best known protocol.

Robustness against floating-point attacks due to the use of easier-to-sample distributions.

Abstract

The shuffle model is recently proposed to address the issue of severe utility loss in Local Differential Privacy (LDP) due to distributed data randomization.In the shuffle model, a shuffler is utilized to break the link between the user identity and the message uploaded to the data analyst. Since less noise needs to be introduced to achieve the same privacy guarantee, following this paradigm, the utility of privacy-preserving data collection is improved. We propose DUMP (\underline{DUM}my-\underline{P}oint-based), a framework for privacy-preserving histogram estimation in the shuffle model. The core of DUMP is a new concept of \emph{dummy blanket}, which enables enhancing privacy by just introducing \textit{points }on the user side and further improving the utility of the shuffle model.We instantiate DUMP by proposing two protocols: pureDUMP and mixDUMP, and conduct a comprehensive experimental evaluation to compare them with existing protocols. The experimental results show that, under the same privacy guarantee, (1) the proposed protocols have significant improvements in communication efficiency over all existing multi-message protocols, by at least 3 orders of magnitude; (2) they achieve competitive utility, while the only known protocol (Ghazi \textit{et al.}, PMLR 2020) having better utility than ours employs hard-to-exactly-sample distributions which are vulnerable to floating-point attacks (CCS 2012).