Differentially Private Linear Optimization for Multi-Party Resource Sharing

This study examines a resource-sharing problem involving multiple parties that agree to use a set of capacities together. We start with modeling the whole problem as a mathematical program, where all parties are required to exchange information to obtain the optimal objective function value. This information bears private data from each party in terms of coefficients used in the mathematical program. Moreover, the parties also consider the individual optimal solutions as private. In this setting, the concern for the parties is the privacy of their data and their optimal allocations. We propose a two-step approach to meet the privacy requirements of the parties. In the first step, we obtain a reformulated model that is amenable to a decomposition scheme. Although this scheme eliminates almost all data exchanges, it does not provide a formal privacy guarantee. In the second step, we provide this guarantee with a locally differentially private algorithm, which does not need a trusted aggregator, at the expense of deviating slightly from the optimality. We provide bounds on this deviation and discuss the consequences of these theoretical results. We also propose a novel modification to increase the efficiency of the algorithm in terms of reducing the theoretical optimality gap. The study ends with a numerical experiment on a planning problem that demonstrates an application of the proposed approach. As we work with a general linear optimization model, our analysis and discussion can be used in different application areas including production planning, logistics, and revenue management

New Attacks against Transformation-Based Privacy-Preserving Linear Programming

In this paper we demonstrate a number of attacks against proposed protocols for privacy-preserving linear programming, based on publishing and solving a transformed version of the problem instance. Our attacks exploit the geometric structure of the problem, which has mostly been overlooked in the previous analyses and is largely preserved by the proposed transformations. The attacks are efficient in practice and cast serious doubt to the viability of transformation-based approaches in general

Insecurity of Transformation-Based Privacy-Preserving Linear Programming

Rakendusmatemaatikat kasutatakse paljudes reaalse maailma probleemides. Nende probleemide lahendamine võib olla seotud tundlike andmetega. Sellisel juhul läheb tarvis krüptograafilisi meetodeid. Kuigi on tõestatud, et iga funktsiooni saab arvutada turvaliselt, on küsimus selles, kuidas teha seda efektiivselt. Üldiselt võib olla keeruline lahendada optimeerimisülesandeid nii turvaliselt kui ka efektiivselt, kuid häid lahendeid saab leida kitsamatele ülesannete klassidele, näiteks lineaarse planeerimise ülesannetele. Käesolev töö annab ülevaate teisenduspõhisest privaatsust säilitavast lineaarsest planeerimisest, tutvustades mõningaid probleeme eelmistes töödes ja näidates teisenduspõhise meetodi ebaturvalisust. Töö esitab konkreetseid ründeid olemasolevate teisendusmeetodite vastu. Töös pakutakse välja võimalikud viisid nende rünnete eest kaitsmiseks ja seejärel näidatakse, et mõned teisenduspõhise meetodi puudused ei ole üldse ületatavad, vähemalt eelmistes töödes kasutatud teatud teisenduste klassi raamesse jäädes.Applied mathematics is used in many real-world problems. Solving some of these problems may involve sensitive data. In this case, cryptographic techniques become necessary. Although it has been proven that any function can be computed securely, it is still a question how to do it efficiently. While it may be difficult to solve optimization tasks securely and efficiently in general, there may still be solutions for some particular classes of tasks, such as linear programming. This thesis gives an overview of the transformation-based privacy-preserving linear programming. The thesis introduces some problems of this approach that have been present in the previous works and demonstrates its insecurity. It presents concrete attacks against published methods following this approach. Possible methods of protection against these attacks are proposed. It has been proven that there are issues that cannot be resolved at all using the particular known class of efficient transformations that has been used before

Secure Optimization Computation Outsourcing in Cloud Computing: A Case Study of Linear Programming

Abstract-Cloud computing enables an economically promising paradigm of computation outsourcing. However, how to protect customers confidential data processed and generated during the computation is becoming the major security concern. Focusing on engineering computing and optimization tasks, this paper investigates secure outsourcing of widely applicable linear programming (LP) computations. Our mechanism design explicitly decomposes LP computation outsourcing into public LP solvers running on the cloud and private LP parameters owned by the customer. The resulting flexibility allows us to explore appropriate security/efficiency tradeoff via higher-level abstraction of LP computation than the general circuit representation. Specifically, by formulating private LP problem as a set of matrices/vectors, we develop efficient privacy-preserving problem transformation techniques, which allow customers to transform the original LP into some random one while protecting sensitive input/output information. To validate the computation result, we further explore the fundamental duality theorem of LP and derive the necessary and sufficient conditions that correct results must satisfy. Such result verification mechanism is very efficient and incurs close-to-zero additional cost on both cloud server and customers. Extensive security analysis and experiment results show the immediate practicability of our mechanism design

Transformation-Based Outsourcing of Linear Equation Systems over Real Numbers

This paper studies the possibility of achieving indistinguishability-based security in privately outsourcing linear equation systems over real numbers. The particular task is to solve a full-rank (n x n) system Ax = b. Since the most complex part of this task is inverting A, the problem can be reduced to outsourcing of a square matrix inverse computation. Although outsourcing matrix inverse is trivial for matrices over finite fields, it is not so easy for matrices over real numbers. We study the class of affine transformations for matrices over real numbers, find out which forms are possible at all, and state some properties that the transformation and the initial matrices must satisfy in order to make the initial matrices perfectly (or statistically) indistinguishable after applying the transformation. This paper provides both possibility and impossibility results

Distributed Constraint Optimization:Privacy Guarantees and Stochastic Uncertainty

Distributed Constraint Satisfaction (DisCSP) and Distributed Constraint Optimization (DCOP) are formal frameworks that can be used to model a variety of problems in which multiple decision-makers cooperate towards a common goal: from computing an equilibrium of a game, to vehicle routing problems, to combinatorial auctions. In this thesis, we independently address two important issues in such multi-agent problems: 1) how to provide strong guarantees on the protection of the privacy of the participants, and 2) how to anticipate future, uncontrollable events. On the privacy front, our contributions depart from previous work in two ways. First, we consider not only constraint privacy (the agents' private costs) and decision privacy (keeping the complete solution secret), but also two other types of privacy that have been largely overlooked in the literature: agent privacy, which has to do with protecting the identities of the participants, and topology privacy, which covers information about the agents' co-dependencies. Second, while previous work focused mainly on quantitatively measuring and reducing privacy loss, our algorithms provide stronger, qualitative guarantees on what information will remain secret. Our experiments show that it is possible to provide such privacy guarantees, while still scaling to much larger problems than the previous state of the art. When it comes to reasoning under uncertainty, we propose an extension to the DCOP framework, called DCOP under Stochastic Uncertainty (StochDCOP), which includes uncontrollable, random variables with known probability distributions that model uncertain, future events. The problem becomes one of making "optimal" offline decisions, before the true values of the random variables can be observed. We consider three possible concepts of optimality: minimizing the expected cost, minimizing the worst-case cost, or maximizing the probability of a-posteriori optimality. We propose a new family of StochDCOP algorithms, exploring the tradeoffs between solution quality, computational and message complexity, and privacy. In particular, we show how discovering and reasoning about co-dependencies on common random variables can yield higher-quality solutions

Design of large scale applications of secure multiparty computation : secure linear programming

Secure multiparty computation is a basic concept of growing interest in modern cryptography. It allows a set of mutually distrusting parties to perform a computation on their private information in such a way that as little as possible is revealed about each private input. The early results of multiparty computation have only theoretical signi??cance since they are not able to solve computationally complex functions in a reasonable amount of time. Nowadays, e??ciency of secure multiparty computation is an important topic of cryptographic research. As a case study we apply multiparty computation to solve the problem of secure linear programming. The results enable, for example in the context of the EU-FP7 project SecureSCM, collaborative supply chain management. Collaborative supply chain management is about the optimization of the supply and demand con??guration of a supply chain. In order to optimize the total bene??t of the entire chain, parties should collaborate by pooling their sensitive data. With the focus on e??ciency we design protocols that securely solve any linear program using the simplex algorithm. The simplex algorithm is well studied and there are many variants of the simplex algorithm providing a simple and e??cient solution to solving linear programs in practice. However, the cryptographic layer on top of any variant of the simplex algorithm imposes restrictions and new complexity measures. For example, hiding the number of iterations of the simplex algorithm has the consequence that the secure implementations have a worst case number of iterations. Then, since the simplex algorithm has exponentially many iterations in the worst case, the secure implementations have exponentially many iterations in all cases. To give a basis for understanding the restrictions, we review the basic theory behind the simplex algorithm and we provide a set of cryptographic building blocks used to implement secure protocols evaluating basic variants of the simplex algorithm. We show how to balance between privacy and e??ciency; some protocols reveal data about the internal state of the simplex algorithm, such as the number of iterations, in order to improve the expected running times. For the sake of simplicity and e??ciency, the protocols are based on Shamir's secret sharing scheme. We combine and use the results from the literature on secure random number generation, secure circuit evaluation, secure comparison, and secret indexing to construct e??cient building blocks for secure simplex. The solutions for secure linear programming in this thesis can be split into two categories. On the one hand, some protocols evaluate the classical variants of the simplex algorithm in which numbers are truncated, while the other protocols evaluate the variants of the simplex algorithms in which truncation is avoided. On the other hand, the protocols can be separated by the size of the tableaus. Theoretically there is no clear winner that has both the best security properties and the best performance