Title: Using Differential Privacy to Efficiently Mitigate Side Channels in Distributed Analytics
Abstract:
Distributed analytics systems enable users to efficiently perform computations over large distributed data sets. Recently, systems have been proposed that can additionally protect the data's privacy by keeping it encrypted even in memory and by performing the computations using trusted execution environments (TEEs). This approach has the potential to make it much safer to outsource analytics jobs to an untrusted cloud platform or to distribute them across multiple parties. TEEs, however, suffer from side channels, such as timing, memory access patterns, and message sizes, that weaken their privacy guarantees. Existing privacy-preserving analytics systems address only a subset of these channels, such as memory access patterns, while largely neglecting size and timing. Moreover, previous attempts to close size and timing channels suffer from high performance costs, impracticality, or a lack of rigorous privacy guarantees. In this paper, we present an approach to mitigating timing and size side channels in analytics based on differential privacy that is both dramatically more efficient than the state of the art and backed by principled privacy assurances. We also sketch a design for a new analytics system we are developing, called Hermetic, that aims to be the first to mitigate the four most critical digital side channels simultaneously. Our preliminary evaluation demonstrates the potential benefits of our method.
Year: 2018
DOI: 10.1145/3193111.3193115
Venue: EuroSys '18: Thirteenth EuroSys Conference 2018, Porto, Portugal, April 2018
Field: Differential privacy, Computer science, Reverse engineering, Communication channel, SAFER, Outsourcing, Encryption, Analytics, Distributed computing, Cloud computing
DocType: Conference
ISBN: 978-1-4503-5652-7
Citations: 0
PageRank: 0.34
References: 17
Authors: 4

Order  Name                    Citations  PageRank
1      Min Xu                  17         1.68
2      Antonis Papadimitriou   25         3.52
3      Ariel J. Feldman        613        36.42
4      Andreas Haeberlen       47         5.75