Floating-point privacy vulnerabilities #19
Comments
|
Hi @naoise-h. I implemented the Mironov paper (at https://github.com/danrr/Snapping-mechanism) to get a better understanding of it. The attack code I wrote seems to work against diffprivlib's Laplace mechanism and can differentiate between 0 and 1 with a high probability. I have implemented the snapping mechanism as described in the paper (https://github.com/danrr/Snapping-mechanism/blob/main/SnappingMechanism/SnappingMechanism.py) so I've started adapting the code to integrate with diffprivlib on my fork and I've opened a draft PR (#46). Please let me know if this is something you would be happy to merge if it was complete. Also, any feedback on the implementation would be greately appreciated |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Vulnerabilities of the Laplace mechanism to floating-point attacks have been flagged in the past. Fixing this vulnerability and investigating similar vulnerabilities for other mechanisms is highly desirable.
The text was updated successfully, but these errors were encountered: