-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 10/12/14 15:37, A. Johnson wrote: >> But I don't see the value of binning the result once more. In a >> sense, we're already binning signal + noise by cutting off the >> float part. I don't see what we gain by reducing resolution >> even more. It seems just unnecessary. > > In principle releasing the number could result in different > differential-privacy guarantees than releasing the bin. However, > the way I had in mind to set the Laplace parameters this wouldn’t > be an issue, because the Laplace distributions themselves would > satisfy the desired differential privacy guarantee (and not just > the resulting distribution on bins). > > So I guess this could be viewed as a post-processing step that is > useful for clarity rather than privacy: namely, that the output > should be interpreted as a range. But we could leave this to the > data consumer to apply without a privacy issue.
Can you be more explicit with regard to privacy guarantees of the obfuscation schema that is currently implemented: 1) binning, 2) add Laplace noise, 3) no second binning. If you think 3) should be changed, can you explain why that leads to better privacy guarantees? > Also, I believe that the parameters we had discussed should > change. To see why, observe that the Laplace distributions for two > adjacent values that cross a bin barrier are now very far apart > after being recentered within the appropriate bins. Thus, \delta_f > should increase if it is smaller than the maximum number of bins > that can be crossed within that \delta_f multiplied by the bin > size. With our previous numbers, the new \delta_f for rendezvous > cell counts doesn’t change (still 2048), but the new \delta_f for > HS descriptors counts is 8. The current parameters are: * delta_f = 2048 * epsilon = 0.3 * bin_size = 1024 and * delta_f = 1 * epsilon = 0.3 * bin_size = 8 I can see how the Laplace distribution doesn't add much noise to the second case. And your suggestion is to change the second delta_f to 8? Thanks! All the best, Karsten -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 Comment: GPGTools - http://gpgtools.org iQEcBAEBAgAGBQJUiZFPAAoJEJd5OEYhk8hIJU8IAJNTNMuElPh96vTVWrEn9Sjt 811c2uF3I4jJIpcXGdGPfWNLuTAufXCVl+WBricccte04zYRCVzLy6Ww1JPDcQIr y7NkOwwZ2bbww2SMeHXllW1XKZcCVf72Oqt3YFLuUInPs68X3/20YzNKY+e7tVnJ 8EsH3zhgnHAMsEPBAZjG21gopfNJySPGgx2OAgLfur5WVu3VmiKUkEpqSreGyu8c MUsP8SFWWP9/Ninwq3MDZJmEDt+sux7dRn69Q6A8CDKnmVuJu/ilELOaioQ9bkZy 27N0/PQ8pE+dQBUIF89XyoedJ93/GptiNjRNwE1Wbjy53rnkpPeG7GdsusgO5yI= =MTG2 -----END PGP SIGNATURE----- _______________________________________________ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev