Lower Bounds for Rényi Differential Privacy in a Black-Box Setting

Tim Kutta, Önder Askin, Martin Dunsche

IEEE Symposium on Security and Privacy 2024 · Day 1 · Continental Ballroom 6

This talk, presented by Tim Kutta alongside collaborators Martin Dunsche and Önder Askin, introduces a novel method for statistically assessing **Rényi Differential Privacy (RDP)** in a black-box setting. Differential privacy (DP) is a crucial concept in data privacy, aiming to protect individual user data while still allowing for meaningful statistical analysis. The challenge lies in verifying whether an algorithm truly adheres to its claimed privacy guarantees, especially when only its outputs are observable without access to its internal code or design – a "black-box" scenario.

AI review

This talk presents a statistically rigorous black-box methodology for assessing Rényi Differential Privacy (RDP), addressing a critical gap in verifying privacy guarantees for practical algorithms like the Gaussian mechanism. The novel D_Smooth estimator, which leverages a smooth maximum approximation, provides robust confidence intervals for RDP parameters, enabling the auditing and debunking of false privacy claims. This is a crucial advancement for real-world deployment and verification of privacy-preserving systems.
