Skip to Main content Skip to Navigation
New interface
Journal articles

On the information leakage of differentially-private mechanisms

Abstract : Differential privacy aims at protecting the privacy of participants in statistical databases. Roughly, a mechanism satisfies differential privacy if the presence or value of a single individual in the database does not significantly change the likelihood of obtaining a certain answer to any statistical query posed by a data analyst. Differentially-private mechanisms are often oblivious: first the query is processed on the database to produce a true answer, and then this answer is adequately randomized before being reported to the data analyst. Ideally, a mechanism should minimize leakage, i.e., obfuscate as much as possible the link between reported answers and individuals' data, while maximizing utility, i.e., report answers as similar as possible to the true ones. These two goals, however, are in conflict with each other, thus imposing a trade-off between privacy and utility. In this paper we use quantitative information flow principles to analyze leakage and utility in oblivious differentially-private mechanisms. We introduce a technique that exploits graph symmetries of the adjacency relation on databases to derive bounds on the min-entropy leakage of the mechanism. We consider a notion of utility based on identity gain functions, which is closely related to min-entropy leakage, and we derive bounds for it. Finally, given some graph symmetries, we provide a mechanism that maximizes utility while preserving the required level of differential privacy.
Complete list of metadata

Cited literature [28 references]  Display  Hide  Download
Contributor : Konstantinos Chatzikokolakis Connect in order to contact the contributor
Submitted on : Tuesday, December 22, 2015 - 6:38:23 PM
Last modification on : Friday, November 18, 2022 - 9:27:36 AM
Long-term archiving on: : Wednesday, March 23, 2016 - 2:12:22 PM


Files produced by the author(s)



Mário Sérgio Alvim, Miguel E. Andrés, Konstantinos Chatzikokolakis, Pierpaolo Degano, Catuscia Palamidessi. On the information leakage of differentially-private mechanisms. Journal of Computer Security, 2015, 23 (4), pp.427-469. ⟨10.3233/JCS-150528⟩. ⟨hal-00940425v2⟩



Record views


Files downloads