The Complexity of Differential Privacy
Total Page:16
File Type:pdf, Size:1020Kb
Load more
Recommended publications
-
A Traitor Tracing Scheme Based on RSA for Fast Decryption
A Traitor Tracing Scheme Based on RSA for Fast Decryption John Patrick McGregor, Yiqun Lisa Yin, and Ruby B. Lee Princeton Architecture Laboratory for Multimedia and Security (PALMS) Department of Electrical Engineering Princeton University {mcgregor,yyin,rblee}@princeton.edu Abstract. We describe a fully k-resilient traitor tracing scheme that uti- lizes RSA as a secret-key rather than public-key cryptosystem. Traitor tracing schemes deter piracy in broadcast encryption systems by enabling the identification of authorized users known as traitors that contribute to unauthorized pirate decoders. In the proposed scheme, upon the confis- cation of a pirate decoder created by a collusion of k or fewer authorized users, contributing traitors can be identified with certainty. Also, the scheme prevents innocent users from being framed as traitors. The pro- posed scheme improves upon the decryption efficiency of past traitor tracing proposals. Each authorized user needs to store only a single de- cryption key, and decryption primarily consists of a single modular expo- nentiation operation. In addition, unlike previous traitor tracing schemes, the proposed scheme employs the widely deployed RSA algorithm. 1 Introduction Broadcast encryption is beneficial in scenarios where a content provider wishes to securely distribute the same information to many users or subscribers. The broadcast content is protected with encryption, and only legitimate users should possess the information (e.g., decryption keys) necessary to access the content. These keys can be embedded in software or in tamper-resistant hardware devices such as smart cards. Current tamper-resistant hardware is vulnerable to a variety of attacks [1], however. Furthermore, truly tamper-resistant software, which includes programs that resist unauthorized tampering or inspection of code and data, has yet to be developed. -
Going Beyond Dual Execution: MPC for Functions with Efficient Verification
Going Beyond Dual Execution: MPC for Functions with Efficient Verification Carmit Hazay abhi shelat ∗ Bar-Ilan University Northeastern Universityy Muthuramakrishnan Venkitasubramaniamz University of Rochester Abstract The dual execution paradigm of Mohassel and Franklin (PKC’06) and Huang, Katz and Evans (IEEE ’12) shows how to achieve the notion of 1-bit leakage security at roughly twice the cost of semi-honest security for the special case of two-party secure computation. To date, there are no multi-party compu- tation (MPC) protocols that offer such a strong trade-off between security and semi-honest performance. Our main result is to address this shortcoming by designing 1-bit leakage protocols for the multi- party setting, albeit for a special class of functions. We say that function f (x, y) is efficiently verifiable by g if the running time of g is always smaller than f and g(x, y, z) = 1 if and only if f (x, y) = z. In the two-party setting, we first improve dual execution by observing that the “second execution” can be an evaluation of g instead of f , and that by definition, the evaluation of g is asymptotically more efficient. Our main MPC result is to construct a 1-bit leakage protocol for such functions from any passive protocol for f that is secure up to additive errors and any active protocol for g. An important result by Genkin et al. (STOC ’14) shows how the classic protocols by Goldreich et al. (STOC ’87) and Ben-Or et al. (STOC ’88) naturally support this property, which allows to instantiate our compiler with two-party and multi-party protocols. -
On the Randomness Complexity of Interactive Proofs and Statistical Zero-Knowledge Proofs*
On the Randomness Complexity of Interactive Proofs and Statistical Zero-Knowledge Proofs* Benny Applebaum† Eyal Golombek* Abstract We study the randomness complexity of interactive proofs and zero-knowledge proofs. In particular, we ask whether it is possible to reduce the randomness complexity, R, of the verifier to be comparable with the number of bits, CV , that the verifier sends during the interaction. We show that such randomness sparsification is possible in several settings. Specifically, unconditional sparsification can be obtained in the non-uniform setting (where the verifier is modelled as a circuit), and in the uniform setting where the parties have access to a (reusable) common-random-string (CRS). We further show that constant-round uniform protocols can be sparsified without a CRS under a plausible worst-case complexity-theoretic assumption that was used previously in the context of derandomization. All the above sparsification results preserve statistical-zero knowledge provided that this property holds against a cheating verifier. We further show that randomness sparsification can be applied to honest-verifier statistical zero-knowledge (HVSZK) proofs at the expense of increasing the communica- tion from the prover by R−F bits, or, in the case of honest-verifier perfect zero-knowledge (HVPZK) by slowing down the simulation by a factor of 2R−F . Here F is a new measure of accessible bit complexity of an HVZK proof system that ranges from 0 to R, where a maximal grade of R is achieved when zero- knowledge holds against a “semi-malicious” verifier that maliciously selects its random tape and then plays honestly. -
LINEAR ALGEBRA METHODS in COMBINATORICS László Babai
LINEAR ALGEBRA METHODS IN COMBINATORICS L´aszl´oBabai and P´eterFrankl Version 2.1∗ March 2020 ||||| ∗ Slight update of Version 2, 1992. ||||||||||||||||||||||| 1 c L´aszl´oBabai and P´eterFrankl. 1988, 1992, 2020. Preface Due perhaps to a recognition of the wide applicability of their elementary concepts and techniques, both combinatorics and linear algebra have gained increased representation in college mathematics curricula in recent decades. The combinatorial nature of the determinant expansion (and the related difficulty in teaching it) may hint at the plausibility of some link between the two areas. A more profound connection, the use of determinants in combinatorial enumeration goes back at least to the work of Kirchhoff in the middle of the 19th century on counting spanning trees in an electrical network. It is much less known, however, that quite apart from the theory of determinants, the elements of the theory of linear spaces has found striking applications to the theory of families of finite sets. With a mere knowledge of the concept of linear independence, unexpected connections can be made between algebra and combinatorics, thus greatly enhancing the impact of each subject on the student's perception of beauty and sense of coherence in mathematics. If these adjectives seem inflated, the reader is kindly invited to open the first chapter of the book, read the first page to the point where the first result is stated (\No more than 32 clubs can be formed in Oddtown"), and try to prove it before reading on. (The effect would, of course, be magnified if the title of this volume did not give away where to look for clues.) What we have said so far may suggest that the best place to present this material is a mathematics enhancement program for motivated high school students. -
Investigating Statistical Privacy Frameworks from the Perspective of Hypothesis Testing 234 Able Quantity
Investigating Statistical Privacy Frameworks from the Perspective of Hypothesis Testing 234 able quantity. Only a limited number of previous works which can provide a natural and interpretable guide- [29, 34, 35] have investigated the question of how to line for selecting proper privacy parameters by system select a proper value of ǫ, but these approaches ei- designers and researchers. Furthermore, we extend our ther require complicated economic models or lack the analysis on unbounded DP to bounded DP and the ap- analysis of adversaries with arbitrary auxiliary informa- proximate (ǫ, δ)-DP. tion (see Section 2.3 for more details). Our work is in- Impact of Auxiliary Information. The conjecture spired by the interpretation of differential privacy via that auxiliary information can influence the design of hypothesis testing, initially introduced by Wasserman DP mechanisms has been made in prior work [8, 28, 32, and Zhou [27, 30, 60]. However, this interpretation has 33, 39, 65]. We therefore investigate the adversary’s ca- not been systematically investigated before in the con- pability based on hypothesis testing under three types text of our research objective, i.e., reasoning about the of auxiliary information: the prior distribution of the in- choice of the privacy parameter ǫ (see Section 2.4 for put record, the correlation across records, and the corre- more details). lation across time. Our analysis demonstrates that the We consider hypothesis testing [2, 45, 61] as the tool auxiliary information indeed influences the appropriate used by the adversary to infer sensitive information of selection of ǫ. The results suggest that, when possible an individual record (e.g., the presence or absence of and available, the practitioners of DP should explicitly a record in the database for unbounded DP) from the incorporate adversary’s auxiliary information into the outputs of privacy mechanisms. -
2008 Annual Report
2008 Annual Report NATIONAL ACADEMY OF ENGINEERING ENGINEERING THE FUTURE 1 Letter from the President 3 In Service to the Nation 3 Mission Statement 4 Program Reports 4 Engineering Education 4 Center for the Advancement of Scholarship on Engineering Education 6 Technological Literacy 6 Public Understanding of Engineering Developing Effective Messages Media Relations Public Relations Grand Challenges for Engineering 8 Center for Engineering, Ethics, and Society 9 Diversity in the Engineering Workforce Engineer Girl! Website Engineer Your Life Project Engineering Equity Extension Service 10 Frontiers of Engineering Armstrong Endowment for Young Engineers-Gilbreth Lectures 12 Engineering and Health Care 14 Technology and Peace Building 14 Technology for a Quieter America 15 America’s Energy Future 16 Terrorism and the Electric Power-Delivery System 16 U.S.-China Cooperation on Electricity from Renewables 17 U.S.-China Symposium on Science and Technology Strategic Policy 17 Offshoring of Engineering 18 Gathering Storm Still Frames the Policy Debate 20 2008 NAE Awards Recipients 22 2008 New Members and Foreign Associates 24 2008 NAE Anniversary Members 28 2008 Private Contributions 28 Einstein Society 28 Heritage Society 29 Golden Bridge Society 29 Catalyst Society 30 Rosette Society 30 Challenge Society 30 Charter Society 31 Other Individual Donors 34 The Presidents’ Circle 34 Corporations, Foundations, and Other Organizations 35 National Academy of Engineering Fund Financial Report 37 Report of Independent Certified Public Accountants 41 Notes to Financial Statements 53 Officers 53 Councillors 54 Staff 54 NAE Publications Letter from the President Engineering is critical to meeting the fundamental challenges facing the U.S. economy in the 21st century. -
Foundations of Cryptography – a Primer Oded Goldreich
Foundations of Cryptography –APrimer Foundations of Cryptography –APrimer Oded Goldreich Department of Computer Science Weizmann Institute of Science Rehovot Israel [email protected] Boston – Delft Foundations and TrendsR in Theoretical Computer Science Published, sold and distributed by: now Publishers Inc. PO Box 1024 Hanover, MA 02339 USA Tel. +1 781 871 0245 www.nowpublishers.com [email protected] Outside North America: now Publishers Inc. PO Box 179 2600 AD Delft The Netherlands Tel. +31-6-51115274 A Cataloging-in-Publication record is available from the Library of Congress Printed on acid-free paper ISBN: 1-933019-02-6; ISSNs: Paper version 1551-305X; Electronic version 1551-3068 c 2005 O. Goldreich All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, mechanical, photocopying, recording or otherwise, without prior written permission of the publishers. now Publishers Inc. has an exclusive license to publish this mate- rial worldwide. Permission to use this content must be obtained from the copyright license holder. Please apply to now Publishers, PO Box 179, 2600 AD Delft, The Netherlands, www.nowpublishers.com; e-mail: [email protected] Contents 1 Introduction and Preliminaries 1 1.1 Introduction 1 1.2 Preliminaries 7 IBasicTools 10 2 Computational Difficulty and One-way Functions 13 2.1 One-way functions 14 2.2 Hard-core predicates 18 3 Pseudorandomness 23 3.1 Computational indistinguishability 24 3.2 Pseudorandom generators -
Digital Communication Systems 2.2 Optimal Source Coding
Digital Communication Systems EES 452 Asst. Prof. Dr. Prapun Suksompong [email protected] 2. Source Coding 2.2 Optimal Source Coding: Huffman Coding: Origin, Recipe, MATLAB Implementation 1 Examples of Prefix Codes Nonsingular Fixed-Length Code Shannon–Fano code Huffman Code 2 Prof. Robert Fano (1917-2016) Shannon Award (1976 ) Shannon–Fano Code Proposed in Shannon’s “A Mathematical Theory of Communication” in 1948 The method was attributed to Fano, who later published it as a technical report. Fano, R.M. (1949). “The transmission of information”. Technical Report No. 65. Cambridge (Mass.), USA: Research Laboratory of Electronics at MIT. Should not be confused with Shannon coding, the coding method used to prove Shannon's noiseless coding theorem, or with Shannon–Fano–Elias coding (also known as Elias coding), the precursor to arithmetic coding. 3 Claude E. Shannon Award Claude E. Shannon (1972) Elwyn R. Berlekamp (1993) Sergio Verdu (2007) David S. Slepian (1974) Aaron D. Wyner (1994) Robert M. Gray (2008) Robert M. Fano (1976) G. David Forney, Jr. (1995) Jorma Rissanen (2009) Peter Elias (1977) Imre Csiszár (1996) Te Sun Han (2010) Mark S. Pinsker (1978) Jacob Ziv (1997) Shlomo Shamai (Shitz) (2011) Jacob Wolfowitz (1979) Neil J. A. Sloane (1998) Abbas El Gamal (2012) W. Wesley Peterson (1981) Tadao Kasami (1999) Katalin Marton (2013) Irving S. Reed (1982) Thomas Kailath (2000) János Körner (2014) Robert G. Gallager (1983) Jack KeilWolf (2001) Arthur Robert Calderbank (2015) Solomon W. Golomb (1985) Toby Berger (2002) Alexander S. Holevo (2016) William L. Root (1986) Lloyd R. Welch (2003) David Tse (2017) James L. -
FOCS 2005 Program SUNDAY October 23, 2005
FOCS 2005 Program SUNDAY October 23, 2005 Talks in Grand Ballroom, 17th floor Session 1: 8:50am – 10:10am Chair: Eva´ Tardos 8:50 Agnostically Learning Halfspaces Adam Kalai, Adam Klivans, Yishay Mansour and Rocco Servedio 9:10 Noise stability of functions with low influences: invari- ance and optimality The 46th Annual IEEE Symposium on Elchanan Mossel, Ryan O’Donnell and Krzysztof Foundations of Computer Science Oleszkiewicz October 22-25, 2005 Omni William Penn Hotel, 9:30 Every decision tree has an influential variable Pittsburgh, PA Ryan O’Donnell, Michael Saks, Oded Schramm and Rocco Servedio Sponsored by the IEEE Computer Society Technical Committee on Mathematical Foundations of Computing 9:50 Lower Bounds for the Noisy Broadcast Problem In cooperation with ACM SIGACT Navin Goyal, Guy Kindler and Michael Saks Break 10:10am – 10:30am FOCS ’05 gratefully acknowledges financial support from Microsoft Research, Yahoo! Research, and the CMU Aladdin center Session 2: 10:30am – 12:10pm Chair: Satish Rao SATURDAY October 22, 2005 10:30 The Unique Games Conjecture, Integrality Gap for Cut Problems and Embeddability of Negative Type Metrics Tutorials held at CMU University Center into `1 [Best paper award] Reception at Omni William Penn Hotel, Monongahela Room, Subhash Khot and Nisheeth Vishnoi 17th floor 10:50 The Closest Substring problem with small distances Tutorial 1: 1:30pm – 3:30pm Daniel Marx (McConomy Auditorium) Chair: Irit Dinur 11:10 Fitting tree metrics: Hierarchical clustering and Phy- logeny Subhash Khot Nir Ailon and Moses Charikar On the Unique Games Conjecture 11:30 Metric Embeddings with Relaxed Guarantees Break 3:30pm – 4:00pm Ittai Abraham, Yair Bartal, T-H. -
Telecommunikation Satellites: the Actual Situation and Potential Future Developments
Telecommunikation Satellites: The Actual Situation and Potential Future Developments Dr. Manfred Wittig Head of Multimedia Systems Section D-APP/TSM ESTEC NL 2200 AG Noordwijk [email protected] March 2003 Commercial Satellite Contracts 25 20 15 Europe US 10 5 0 1995 1996 1997 1998 1999 2000 2001 2002 2003 European Average 5 Satellites/Year US Average 18 Satellites/Year Estimation of cumulative value chain for the Global commercial market 1998-2007 in BEuro 35 27 100% 135 90% 80% 225 Spacecraft Manufacturing 70% Launch 60% Operations Ground Segment 50% Services 40% 365 30% 20% 10% 0% 1 Consolidated Turnover of European Industry Commercial Telecom Satellite Orders 2000 30 2001 25 2002 3 (7) Firm Commercial Telecom Satellite Orders in 2002 Manufacturer Customer Satellite Astrium Hispasat SA Amazonas (Spain) Boeing Thuraya Satellite Thuraya 3 Telecommunications Co (U.A.E.) Orbital Science PT Telekommunikasi Telkom-2 Indonesia Hangar Queens or White Tails Orders in 2002 for Bargain Prices of already contracted Satellites Manufacturer Customer Satellite Alcatel Space New Indian Operator Agrani (India) Alcatel Space Eutelsat W5 (France) (1998 completed) Astrium Hellas-Sat Hellas Sat Consortium Ltd. (Greece-Cyprus) Commercial Telecom Satellite Orders in 2003 Manufacturer Customer Satellite Astrium Telesat Anik F1R 4.2.2003 (Canada) Planned Commercial Telecom Satellite Orders in 2003 SES GLOBAL Three RFQ’s: SES Americom ASTRA 1L ASTRA 1K cancelled four orders with Alcatel Space in 2001 INTELSAT Launched five satellites in the last 13 month average fleet age: 11 Years of remaining life PanAmSat No orders expected Concentration on cash flow generation Eutelsat HB 7A HB 8 expected at the end of 2003 Telesat Ordered Anik F1R from Astrium Planned Commercial Telecom Satellite Orders in 2003 Arabsat & are expected to replace Spacebus 300 Shin Satellite (solar-array steering problems) Korea Telecom Negotiation with Alcatel Space for Koreasat Binariang Sat. -
László Lovász Avi Wigderson De L’Université Eötvös Loránd À De L’Institute for Advanced Study De Budapest, En Hongrie Et À Princeton, Aux États-Unis
2021 L’Académie des sciences et des lettres de Norvège a décidé de décerner le prix Abel 2021 à László Lovász Avi Wigderson de l’université Eötvös Loránd à de l’Institute for Advanced Study de Budapest, en Hongrie et à Princeton, aux États-Unis, « pour leurs contributions fondamentales à l’informatique théorique et aux mathématiques discrètes, et pour leur rôle de premier plan dans leur transformation en domaines centraux des mathématiques contemporaines ». L’informatique théorique est l’étude de la puissance croissante sur plusieurs autres sciences, ce et des limites du calcul. Elle trouve son origine qui permet de faire de nouvelles découvertes dans les travaux fondateurs de Kurt Gödel, Alonzo en « chaussant des lunettes d’informaticien ». Church, Alan Turing et John von Neumann, qui ont Les structures discrètes telles que les graphes, conduit au développement de véritables ordinateurs les chaînes de caractères et les permutations physiques. L’informatique théorique comprend deux sont au cœur de l’informatique théorique, et les sous-disciplines complémentaires : l’algorithmique mathématiques discrètes et l’informatique théorique qui développe des méthodes efficaces pour une ont naturellement été des domaines étroitement multitude de problèmes de calcul ; et la complexité, liés. Certes, ces deux domaines ont énormément qui montre les limites inhérentes à l’efficacité des bénéficié des champs de recherche plus traditionnels algorithmes. La notion d’algorithmes en temps des mathématiques, mais on constate également polynomial mise en avant dans les années 1960 par une influence croissante dans le sens inverse. Alan Cobham, Jack Edmonds et d’autres, ainsi que Les applications, concepts et techniques de la célèbre conjecture P≠NP de Stephen Cook, Leonid l’informatique théorique ont généré de nouveaux Levin et Richard Karp ont eu un fort impact sur le défis, ouvert de nouvelles directions de recherche domaine et sur les travaux de Lovász et Wigderson. -
The Limits of Post-Selection Generalization
The Limits of Post-Selection Generalization Kobbi Nissim∗ Adam Smithy Thomas Steinke Georgetown University Boston University IBM Research – Almaden [email protected] [email protected] [email protected] Uri Stemmerz Jonathan Ullmanx Ben-Gurion University Northeastern University [email protected] [email protected] Abstract While statistics and machine learning offers numerous methods for ensuring gener- alization, these methods often fail in the presence of post selection—the common practice in which the choice of analysis depends on previous interactions with the same dataset. A recent line of work has introduced powerful, general purpose algorithms that ensure a property called post hoc generalization (Cummings et al., COLT’16), which says that no person when given the output of the algorithm should be able to find any statistic for which the data differs significantly from the population it came from. In this work we show several limitations on the power of algorithms satisfying post hoc generalization. First, we show a tight lower bound on the error of any algorithm that satisfies post hoc generalization and answers adaptively chosen statistical queries, showing a strong barrier to progress in post selection data analysis. Second, we show that post hoc generalization is not closed under composition, despite many examples of such algorithms exhibiting strong composition properties. 1 Introduction Consider a dataset X consisting of n independent samples from some unknown population P. How can we ensure that the conclusions drawn from X generalize to the population P? Despite decades of research in statistics and machine learning on methods for ensuring generalization, there is an increased recognition that many scientific findings do not generalize, with some even declaring this to be a “statistical crisis in science” [14].