research-article

Understanding Information Disclosure from Secure Computation Output: A Study of Average Salary Computation

Authors:

Alessandro Baccarini,

Marina Blanton,

Shaofeng ZouAuthors Info & Claims

CODASPY '24: Proceedings of the Fourteenth ACM Conference on Data and Application Security and Privacy

Pages 187 - 198

https://doi.org/10.1145/3626232.3653280

Published: 19 June 2024 Publication History

Abstract

Secure multi-party computation has seen substantial performance improvements in recent years and is being increasingly used in commercial products. While a significant amount of work was dedicated to improving its efficiency under standard security models, the threat models do not account for information leakage from the output of secure function evaluation. Quantifying information disclosure about private inputs from observing the function outcome is the subject of this work. Motivated by the City of Boston gender pay gap studies, in this work we focus on the computation of the average of salaries and quantify information disclosure about private inputs of one or more participants (the target) to an adversary via information-theoretic techniques. We study a number of distributions including log-normal, which is typically used for modeling salaries. We consequently evaluate information disclosure after repeated evaluation of the average function on overlapping inputs, as was done in the Boston gender pay study that ran multiple times, and provide recommendations for using the sum and average functions in secure computation applications. Our goal is to develop mechanisms that lower information disclosure about participants' inputs to a desired level and provide guidelines for setting up real-world secure evaluation of this function.

References

[1]

P. Ah-Fat and M. Huth. 2017. Secure Multi-party Computation: Information Flow of Outputs and Game Theory. In POST. 71--92.

[2]

P. Ah-Fat and M. Huth. 2019. Optimal Accuracy-privacy Trade-off for Secure Computations. IEEE Transactions on Information Theory, Vol. 65, 5 (2019), 3165--3182.

[3]

P. Ah-Fat and M. Huth. 2020a. Protecting Private Inputs: Bounded Distortion Guarantees With Randomised Approximations. PoPETS, Vol. 2020, 3 (2020), 284--303.

[4]

P. Ah-Fat and M. Huth. 2020b. Two and Three-Party Digital Goods Auctions: Scalable Privacy Analysis. arXiv preprint arXiv:2009.09524.

[5]

M. Alvim, K. Chatzikokolakis, A. McIver, C. Morgan, C. Palamidessi, and G. Smith. 2014a. Additive and multiplicative notions of leakage, and their capacities. In IEEE Computer Security Foundations Symposium. 308--322.

[6]

M. Alvim, K. Chatzikokolakis, C. Palamidessi, and G. Smith. 2012. Measuring information leakage using generalized gain functions. In IEEE Computer Security Foundations Symposium. 265--279.

[7]

M. Alvim, A. Scedrov, and F. Schneider. 2014b. When Not All Bits Are Equal: Worth-Based Information Flow. In POST. 120--139.

[8]

A. Baccarini, M. Blanton, and S. Zou. 2022. Understanding Information Disclosure from Secure Computation Output: A Study of Average Salary Computation. arXiv preprint arXiv:2209.10457.

[9]

R. Barakat. 1976. Sums of Independent Lognormally Distributed Random Variables. Journal of the Optical Society of America, Vol. 66, 3 (1976), 211--216.

[10]

N. Beaulieu, A. Abu-Dayya, and P. McLane. 1995. Estimating the Distribution of a Sum of Independent Lognormal Random Variables. IEEE Transactions on Communications, Vol. 43, 12 (1995), 2869--2873.

[11]

N. Beaulieu and Q. Xie. 2004. An Optimal Lognormal Approximation to Lognormal Sum Distributions. IEEE Transactions on Vehicular Technology, Vol. 53, 2 (2004), 479--489.

[12]

A. Bhowmick, D. Boneh, S. Myers, and K. Tarbe. 2021. The Apple PSI system. https://www.apple.com/child-safety/pdf/Apple_PSI_System_Security_Protocol_and_Analysis.pdf.

[13]

S. Bu, L. Lakshmanan, R. Ng, and G. Ramesh. 2006. Preservation of patterns and input-output privacy. In IEEE International Conference on Data Engineering. 696--705.

[14]

, C. Caiado and P. Rathie. 2007. Polynomial Coefficients and Distribution of the Sum of Discrete Uniform Variables. In SSFA.

[15]

022)]% cao2022priori, L. Cao, T. Tong, D. Trafimow, T. Wang, and X. Chen. 2022. The A Priori Procedure for estimating the mean in both log-normal and gamma populations and robustness for assumption violations. Methodology, Vol. 18, 1 (2022), 24--43.

[16]

M. Cheraghchi. 2019. Expressions for the Entropy of Basic Discrete Distributions. IEEE Transactions on Information Theory, Vol. 65, 7 (2019), 3999--4009.

Digital Library

[17]

D. Clark, S. Hunt, and P. Malacaria. 2002. Quantitative analysis of the leakage of confidential data. Electronic Notes in Theoretical Computer Science, Vol. 59, 3 (2002), 238--251.

[18]

F. Clementi and M. Gallegati. 2005. Pareto's law of income distribution: Evidence for Germany, the United Kingdom, and the United States. In Econophysics of Wealth Distributions. Springer, 3--14. https://doi.org/10.1007/88--470-0389-X_1

[19]

B. Cobb, R. Rumí, and A. Salmerón. 2012. Approximating the Distribution of a Sum of Log-normal Random Variables. Statistics and Computing, Vol. 16, 3 (2012), 293--308.

Digital Library

[20]

T. Cover and J. Thomas. 2006. Elements of Information Theory. Wiley-Interscience.

[21]

D. Denning. 1982. Cryptography and data security. Addison-Wesley Reading.

Digital Library

[22]

V. Deshpande, L. Schwarz, M. Atallah, M. Blanton, and K. Frikken. 2011. Outsourcing manufacturing: Secure price-masking mechanisms for purchasing component parts. Production and Operations Management, Vol. 20, 2 (2011), 165--180.

[23]

V. Deshpande, L. Schwarz, M. Atallah, M. Blanton, K. Frikken, and J. Li. 2005. Secure Collaborative Planning, Forecasting and Replenishment (SCPFR). CERIAS Tech Report 2006--65.

[24]

V. Deshpande, L. Schwarz, M. Atallah, M. Blanton, K. Frikken, and J. Li. 2006. Secure Collaborative Planning, Forecasting and Replenishment (SCPFR). In Multi-Echelon/Public Applications of Supply Chain Management Conference. 165--180.

[25]

C. Dwork. 2008. Differential privacy: A survey of results. In International Conference on Theory and Applications of Models of Computation. 1--19.

[26]

C. Dwork and A. Roth. 2014. The algorithmic foundations of differential privacy. Foundations and Trends in Theoretical Computer Science, Vol. 9, 3--4 (2014), 211--407.

Digital Library

[27]

R. Evans and J. Boersma. 1988. The Entropy of a Poisson Distribution (C. Robert Appledorn). SIAM Rev., Vol. 30, 2 (1988), 314--317. https://doi.org/10.1137/1030059

Digital Library

[28]

L. Fenton. 1960. The sum of log-normal probability distributions in scatter transmission systems. IRE Transactions on Communications Systems, Vol. 8, 1 (1960), 57--67.

[29]

M. Ion, B. Kreuter, A. Nergiz, S. Patel, S. Saxena, K. Seth, M. Raykova, D. Shanahan, and M. Yung. 2020. On deploying secure computing: Private intersection-sum-with-cardinality. In IEEE EuroS&P. 370--389.

[30]

M. Iwamoto and J. Shikata. 2013. Information theoretic security for encryption based on conditional Rényi entropies. In International Conference on Information Theoretic Security. 103--121.

[31]

B. Köpf and D. Basin. 2011. Automatically deriving information-theoretic bounds for adaptive side-channel attacks. Journal of Computer Security, Vol. 19, 1 (2011), 1--31.

Digital Library

[32]

R. Kotecha and S. Garg. 2017. Preserving output-privacy in data stream classification. Progress in Artificial Intelligence, Vol. 6 (2017), 87--104.

[33]

B. Kreuter. 2017. Secure Multiparty Computation at Google. Real World Crypto. Available from https://www.youtube.com/watch?v=ee7oRsDnNNc.

[34]

A. Lapets, F. Jansen, K. Albab, R. Issa, L. Qin, M. Varia, and A. Bestavros. 2018. Accessible Privacy-Preserving Web-Based Data Analysis for Assessing and Addressing Economic Inequalities. In ACM COMPASS. 48:1--48:5.

[35]

A. Lapets, N. Volgushev, A. Bestavros, F. Jansen, and M. Varia. 2016a. Secure MPC for Analytics as a Web Application. In SecDev. 73--74.

[36]

A. Lapets, N. Volgushev, A. Bestavros, F. Jansen, and M. Varia. 2016b. Secure Multi-Party Computation for Analytics Deployed as a Lightweight Web Application. Technical Report BUCS-TR-2016-008. Boston University.

[37]

P. Mardziel, M. Hicks, J. Katz, and M. Srivatsa. 2012. Knowledge-oriented secure multiparty computation. In Workshop on Programming Languages and Analysis for Security. 1--12.

[38]

J. Massey. 1994. Guessing and entropy. In IEEE International Symposium on Information Theory. 204.

[39]

R. Mendes and J. Vilela. 2017. Privacy-preserving data mining: methods, metrics, and applications. IEEE Access, Vol. 5 (2017), 10562--10582.

[40]

A. Monreale and W. Wang. 2016. Privacy-preserving outsourcing of data mining. In IEEE COMPSAC, Vol. 2. 583--588.

[41]

A. Rastogi, P. Mardziel, M. Hicks, and M. Hammer. 2013. Knowledge inference for optimizing secure multi-party computation. In SIGPLAN Workshop on Programming Languages and Analysis for Security. 3--14.

[42]

, S. Schwartz and Y. Yeh. 1982. On the distribution function and moments of power sums with log-normal components. Bell System Technical Journal, Vol. 61, 7 (1982), 1441--1462.

[43]

D. Senaratne and C. Tellambura. 2009. Numerical Computation of the Lognormal Sum Distribution. In IEEE GLOBECOM. 1--6.

[44]

R. Shokri, M. Stronati, C. Song, and V. Shmatikov. 2017. Membership Inference Attacks Against Machine Learning Models. In IEEE S&P. 3--18.

[45]

M. Skórski. 2019. Strong chain rules for min-entropy under few bits spoiled. In IEEE International Symposium on Information Theory. 1122--1126.

Digital Library

[46]

G. Smith. 2009. On the foundations of quantitative information flow. In FoSSaCS. 288--302.

[47]

L. Song and P. Mittal. 2021. Systematic Evaluation of Privacy Risks of Machine Learning Models. In USENIX Security Symposium. 2615--2632.

[48]

W. Souma. 2002. Physics of personal income. In Empirical Science of Financial Fluctuations. 343--352.

[49]

A. Walker, S. Patel, and M. Yung. 2019. Helping organizations do more without collecting more data. Google Security Blog (jun 2019). https://security.googleblog.com/2019/06/helping-organizations-do-more-without-collecting-more-data.html Last accessed: 2022-08--16.

[50]

T. Wang and L. Liu. 2011. Output privacy in data mining. ACM Transactions on Database Systems (TODS), Vol. 36, 1 (2011), 1--34.

Digital Library

[51]

J. Wu, N. Mehta, and J. Zhang. 2005. Flexible Lognormal Sum Approximation Method. In IEEE GLOBECOM. 3413--3417.

Cited By

Baccarini ABlanton MZou S(2024)Understanding Information Disclosure from Secure Computation Output: A Comprehensive Study of Average Salary ComputationACM Transactions on Privacy and Security10.1145/3705004Online publication date: 23-Nov-2024
https://doi.org/10.1145/3705004
Ehrmanntraut VMeyer UAyday EVaidya J(2024)Privacy-Preserving Breadth-First-Search and Maximal FlowProceedings of the 23rd Workshop on Privacy in the Electronic Society10.1145/3689943.3695041(73-97)Online publication date: 20-Nov-2024
https://dl.acm.org/doi/10.1145/3689943.3695041

Index Terms

Understanding Information Disclosure from Secure Computation Output: A Study of Average Salary Computation
1. Mathematics of computing
  1. Information theory
2. Security and privacy
  1. Cryptography
    1. Information-theoretic techniques
  2. Systems security
    1. Information flow control

Recommendations

Understanding Information Disclosure from Secure Computation Output: A Comprehensive Study of Average Salary Computation
Secure multi-party computation has seen substantial performance improvements in recent years and is being increasingly used in commercial products. While a significant amount of work was dedicated to improving its efficiency under standard security models,...
Information Disclosure and Privacy Paradox: The Role of Impulsivity

Self-disclosure of personal information is generally accepted as a security risk. Nonetheless, many individuals who are concerned about their privacy will often voluntarily reveal information to others. This inconsistency between individuals' expressed ...
Information disclosure under realistic assumptions: privacy versus optimality
CCS '07: Proceedings of the 14th ACM conference on Computer and communications security

The problem of information disclosure has attracted much interest from the research community in recent years. When disclosing information, the challenge is to provide as much information as possible (optimality) while guaranteeing a desired safety ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

CODASPY '24: Proceedings of the Fourteenth ACM Conference on Data and Application Security and Privacy

June 2024

429 pages

ISBN:9798400704215

DOI:10.1145/3626232

General Chair:
João P. Vilela
University of Porto, Portugal
,
Program Chairs:
Haya Schulmann
Goethe-Universität Frankfurt | National Research Center for Applied Cybersecurity ATHENE, Germany
,
Ninghui Li
Purdue University, USA

Copyright © 2024 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 19 June 2024

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

NSF (National Science Foundation)

Conference

CODASPY '24

Sponsor:

SIGSAC

CODASPY '24: Fourteenth ACM Conference on Data and Application Security and Privacy

June 19 - 21, 2024

Porto, Portugal

Acceptance Rates

Overall Acceptance Rate 149 of 789 submissions, 19%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

2
Total Citations
View Citations
45
Total Downloads

Downloads (Last 12 months)45
Downloads (Last 6 weeks)12

Reflects downloads up to 24 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Baccarini ABlanton MZou S(2024)Understanding Information Disclosure from Secure Computation Output: A Comprehensive Study of Average Salary ComputationACM Transactions on Privacy and Security10.1145/3705004Online publication date: 23-Nov-2024
https://doi.org/10.1145/3705004
Ehrmanntraut VMeyer UAyday EVaidya J(2024)Privacy-Preserving Breadth-First-Search and Maximal FlowProceedings of the 23rd Workshop on Privacy in the Electronic Society10.1145/3689943.3695041(73-97)Online publication date: 20-Nov-2024
https://dl.acm.org/doi/10.1145/3689943.3695041

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents