> Can you be more explicit with regard to privacy guarantees of the > obfuscation schema that is currently implemented: 1) binning, 2) add > Laplace noise, 3) no second binning.
I’ll discuss this in terms of attacks on the stats of the number of HS descriptors. Binning: Suppose an adversary knows that the number of HS descriptors stays constant over a week. He knows when all descriptors are being published except for one. By binning he won’t know when that one is published unless the number of other descriptors exactly fills a bin. Laplace noise: To provide cover in the case that all other descriptors exactly fill a bin, we add some noise so that sometimes an adjacent bin is reported instead, or (less likely) a bin two distant, etc. Then the adversary can’t immediately know whether an unknown descriptor is indeed published in any given period. However, he can eventually figure this out by making enough observations and looking at the resulting empirical distribution. But it’s better than not protecting it at all. > If you think 3) should be changed, can you explain why that leads to > better privacy guarantees? I don’t think that 3 should be changed, but if you removed it, it wouldn't affect the privacy argument. > I can see how the Laplace distribution doesn't add much noise to the > second case. And your suggestion is to change the second delta_f to 8? Yes. Best, Aaron _______________________________________________ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
