Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

DP: Bound contribution from a single client #210

Closed
martinthomson opened this issue Mar 25, 2022 · 5 comments · Fixed by #579
Closed

DP: Bound contribution from a single client #210

martinthomson opened this issue Mar 25, 2022 · 5 comments · Fixed by #579
Assignees
Labels
draft-12 editorial The issue raised is purely editorial (i.e., doesn't impact implementations).

Comments

@martinthomson
Copy link
Contributor

Seeing @chris-wood present on this made it clear that there are no mechanisms that might prevent a single client from contributing to aggregates multiple times. This is problematic for the application of DP, as the contribution of any client needs to be bounded in order to place a finite bound on the DP noise.

There is currently a fixation on having fixed-sized duration for tasks and batch limits, but neither of these help.

@simon-friedberger
Copy link
Contributor

Given that clients don't want to break their own privacy, how is this different from the Sybil attacks discussed in #211 ?

@martinthomson
Copy link
Contributor Author

The measures that prevent spoiling of results are incomplete without some protection against these attacks. This isn't a privacy issue as much as it is a correctness one. So maybe strike my original comments about DP protections.

@cjpatton
Copy link
Collaborator

We do acknowledge already the possibility of a Sybil attack resulting in a "poisoned" aggregate result: https://datatracker.ietf.org/doc/html/draft-ietf-ppm-dap-07#section-7.2

@martinthomson does this text cover the attack? Do you think we should do more than acknowledge the attack? For a general approach to mitigating Sybil attacks see https://github.com/cpriebe/draft-priebe-ppm-dap-reportauth

@martinthomson
Copy link
Contributor Author

I think that what you have there in S7.2 is OK. Like in the paper you cite, I don't think that you can put meaningful protections in place for Sybil attacks. That's not to say that some cases can't benefit from protections, so maybe an informative note about some potential approaches would be how to strike the balance.

@cjpatton cjpatton added editorial The issue raised is purely editorial (i.e., doesn't impact implementations). and removed differential privacy labels Oct 24, 2023
@cjpatton cjpatton self-assigned this Sep 17, 2024
@cjpatton
Copy link
Collaborator

We already have a section about Sybil attacks and how they can be mitigated. DP is suggested, but of course this only applies to privacy. This PR clarifies this: #579

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
draft-12 editorial The issue raised is purely editorial (i.e., doesn't impact implementations).
Projects
None yet
Development

Successfully merging a pull request may close this issue.

3 participants