%0 Conference Proceedings
%T Preventing Manipulation Attack in Local Differential Privacy Using Verifiable Randomization Mechanism
%+ Department of Social Informatics [Kyoto]
%A Kato, Fumiyuki
%A Cao, Yang
%A Yoshikawa, Masatoshi
%Z Part 1: Differential Privacy
%< avec comité de lecture
%( Lecture Notes in Computer Science
%B 35th IFIP Annual Conference on Data and Applications Security and Privacy (DBSec)
%C Calgary, AB, Canada
%Y Ken Barker
%Y Kambiz Ghazinour
%I Springer International Publishing
%3 Data and Applications Security and Privacy XXXV
%V LNCS-12840
%P 43-60
%8 2021-07-19
%D 2021
%R 10.1007/978-3-030-81242-3_3
%K Local differential privacy
%K Manipulation attack
%K Data poisoning
%K Verifiable computation
%K Oblivious transfer
%Z Computer Science [cs]Conference papers
%X Local differential privacy (LDP) has been received increasing attention as a formal privacy definition without a trusted server. In a typical LDP protocol, the clients perturb their data locally with a randomized mechanism before sending it to the server for analysis. Many studies in the literature of LDP implicitly assume that the clients honestly follow the protocol; however, two recent studies show that LDP is generally vulnerable under malicious clients. Cao et al. (USENIX Security ’21) and Cheu et al. (IEEE S&P ’21) demonstrated that the malicious clients could effectively skew the analysis (such as frequency estimation) by sending fake data to the server, which is called data poisoning attack or manipulation attack against LDP. In this paper, we propose secure and efficient verifiable LDP protocols to prevent manipulation attacks. Specifically, we leverage Cryptographic Randomized Response Technique (CRRT) as a building block to convert existing LDP mechanisms into a verifiable version. In this way, the server can verify the completeness of executing an agreed randomization mechanism on the client side without sacrificing local privacy. Our proposed method can completely protect the LDP protocol from output manipulation attacks, and significantly mitigates unexpected damage from malicious clients with acceptable computational overhead.
%G English
%Z TC 11
%Z WG 11.3
%2 https://inria.hal.science/hal-03677038/document
%2 https://inria.hal.science/hal-03677038/file/513274_1_En_3_Chapter.pdf
%L hal-03677038
%U https://inria.hal.science/hal-03677038
%~ IFIP-LNCS
%~ IFIP
%~ IFIP-TC
%~ IFIP-WG
%~ IFIP-TC11
%~ IFIP-WG11-3
%~ IFIP-DBSEC
%~ IFIP-LNCS-12840