> Can you be more explicit with regard to privacy guarantees of the
> obfuscation schema that is currently implemented: 1) binning, 2) add
> Laplace noise, 3) no second binning.

I’ll discuss this in terms of attacks on the stats of the number of HS 
descriptors.

Binning: Suppose an adversary knows that the number of HS descriptors stays 
constant over a week. He knows when all descriptors are being published except 
for one. By binning he won’t know when that one is published unless the number 
of other descriptors exactly fills a bin.

Laplace noise: To provide cover in the case that all other descriptors exactly 
fill a bin, we add some noise so that sometimes an adjacent bin is reported 
instead, or (less likely) a bin two distant, etc. Then the adversary can’t 
immediately know whether an unknown descriptor is indeed published in any given 
period. However, he can eventually figure this out by making enough 
observations and looking at the resulting empirical distribution. But it’s 
better than not protecting it at all.


> If you think 3) should be changed, can you explain why that leads to
> better privacy guarantees?

I don’t think that 3 should be changed, but if you removed it, it wouldn't 
affect the privacy argument.

> I can see how the Laplace distribution doesn't add much noise to the
> second case.  And your suggestion is to change the second delta_f to 8?

Yes.

Best,
Aaron
_______________________________________________
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
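The argument above (binning hides a single unknown descriptor unless the others exactly fill a bin; Laplace noise covers that case against one observation but not against many) can be checked numerically. The following is an added illustration, not code from this thread or from Tor's own implementation: it implements the three-step scheme as described (round up to a bin, add Laplace noise, no second binning), a check for the "exactly fills a bin" case, the best single-report guessing error, and the averaging attack. The bin size of 8, delta_f of 8 and epsilon of 0.3 are assumed values chosen for the illustration, as is the use of an upward-rounding bin.

```python
import math
import random

# Parameters are assumptions for this illustration, not quoted from the thread.
BIN_SIZE = 8      # width of the first binning step (step 1)
DELTA_F = 8       # sensitivity handed to the Laplace mechanism (step 2)
EPSILON = 0.3     # privacy parameter; the Laplace scale b is DELTA_F / EPSILON


def bin_up(count, bin_size=BIN_SIZE):
    """Step 1: round a raw count up to the next multiple of bin_size."""
    remainder = count % bin_size
    return count if remainder == 0 else count + bin_size - remainder


def laplace_sample(p, scale):
    """Laplace(0, scale) sample via the inverse CDF from a uniform p in (0, 1)."""
    p = min(max(p, 1e-15), 1.0 - 1e-15)   # keep log() away from 0
    if p == 0.5:
        return 0.0
    sign = 1.0 if p > 0.5 else -1.0
    return -sign * scale * math.log(1.0 - 2.0 * abs(p - 0.5))


def obfuscate(count, rng, bin_size=BIN_SIZE, delta_f=DELTA_F, epsilon=EPSILON):
    """Steps 1 and 2: bin, then add Laplace noise. No second binning (step 3)."""
    noise = laplace_sample(rng.random(), delta_f / epsilon)
    return int(round(bin_up(count, bin_size) + noise))


def binning_alone_leaks(known, bin_size=BIN_SIZE):
    """True when the known descriptors exactly fill a bin: the one unknown
    descriptor then pushes the binned value into the next bin, so binning
    without noise reveals whether it was published."""
    return bin_up(known, bin_size) != bin_up(known + 1, bin_size)


def single_report_error_rate(bin_size=BIN_SIZE, delta_f=DELTA_F, epsilon=EPSILON):
    """Best achievable error of an adversary who sees ONE noisy report in the
    leaky case (binned values differ by exactly bin_size). The optimal rule
    thresholds at the midpoint, so the error is P(noise > bin_size / 2) for a
    Laplace(0, b) variable: 0.5 * exp(-(bin_size / 2) / b)."""
    b = delta_f / epsilon
    return 0.5 * math.exp(-(bin_size / 2.0) / b)


def mean_report_gap(known, n_obs, seed=1, **params):
    """The 'enough observations' attack: collect n_obs reports with the unknown
    descriptor absent and n_obs with it present, and compare empirical means.
    The gap converges to the difference of the binned values (bin_size in the
    leaky case, 0 otherwise), no matter how large the per-report noise is."""
    rng = random.Random(seed)
    absent = sum(obfuscate(known, rng, **params) for _ in range(n_obs)) / n_obs
    present = sum(obfuscate(known + 1, rng, **params) for _ in range(n_obs)) / n_obs
    return present - absent


if __name__ == "__main__":
    for known in (13, 16):
        print("known=%d leaks via binning alone: %s" % (known, binning_alone_leaks(known)))
    print("single-report error rate: %.3f" % single_report_error_rate())
    print("mean gap, 1 report each:   %.2f" % mean_report_gap(16, 1))
    print("mean gap, 20000 reports:   %.2f" % mean_report_gap(16, 20000))
```

With the assumed parameters the noise scale is about 26.7, so one report in the leaky case is close to a coin flip for the adversary (error rate around 0.43), which is the cover the noise buys; averaging tens of thousands of reports drives the gap to the full bin width and the guess becomes reliable, which is the limitation the message concedes.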
