Damien Desfontaines and Samuel Haney, Tumult Labs
Differential privacy is, in many ways, like cryptography: even though its basic building blocks are conceptually simple, their implementation can be surprisingly tricky. This talk presents the result of our applied research about floating-point vulnerabilities on differential privacy implementations. First, we explain what it means for differential privacy software to be vulnerable to attacks, and how to reason about the severity of such vulnerabilities. Second, we present precision-based attacks, a new class of vulnerabilities which affects several open-source libraries. Finally, we outline a new technique to address this vulnerability, and all other possible attack vectors based on floating-point behavior.
Damien Desfontaines, Tumult Labs
Damien works as a Scientist at Tumult Labs, a startup focusing on making it easier to share or publish insights from sensitive data, using differential privacy. He previously led the anonymization consulting team at Google, and got his PhD in Computer Science from ETH Zurich.
Samuel Haney, Tumult Labs
Sam works as a Scientist at Tumult Labs. Before that, he got his PhD in Computer Science from Duke University.
author = {Damien Desfontaines and Samuel Haney},
title = {How to Break, Then Fix, Differential Privacy on Finite Computers},
year = {2023},
address = {Santa Clara, CA},
publisher = {USENIX Association},
month = sep
}
