DEV Community: TikTok Privacy Innovation

Evaluating anonymity limitations with AnonPSI

TikTok Privacy Innovation — Tue, 20 Feb 2024 00:43:03 +0000

Last year, we announced PrivacyGo, one of the initiatives undertaken by Privacy Innovation at TikTok to research innovative ways of safeguarding the privacy and security of our users and protecting sensitive information for our partner organizations. PrivacyGo is the synergetic fusion of Privacy Enhancing Technologies (PETs), namely Private Set Intersection (PSI) and Differential Privacy (DP).
_

Introducing AnonPSI

Within the PrivacyGo ecosystem, we recently introduced AnonPSI, an anonymity assessment framework for Private Set Intersection (PSI). AnonPSI shows that solely using PSI is not secure, therefore, motivating the PET fusion introduced by PrivacyGo.

PSI is a widely used protocol that enables two parties to securely compute a function over the intersected part of their shared datasets and has been a significant research focus over the years. However, recent studies have highlighted its vulnerability to Set Membership Inference Attacks (SMIA), where an adversary might deduce an individual's membership by invoking multiple PSI protocols. This presents a considerable risk, even in the most stringent versions of PSI, which only return the cardinality of the intersection.

We recently published a research paper that explores the evaluation of anonymity within the PSI context.

Initially, we highlight the reasons why existing works fall short in measuring privacy leakage, and subsequently propose two attack strategies that address these deficiencies. Furthermore, we provide theoretical guarantees on the performance of our proposed methods. In addition to these, we illustrate how the integration of auxiliary information, such as the sum of payloads associated with members of the intersection (PSI-SUM), can enhance attack efficiency. We conducted a comprehensive performance evaluation of various attack strategies proposed utilizing two real datasets.

Our findings indicate that the methods we propose markedly enhance attack efficiency when contrasted with previous research endeavors. The effective attacking implies that depending solely on existing PSI protocols may not provide an adequate level of privacy assurance. It is recommended to combine privacy-enhancing technologies synergistically to enhance privacy protection even further.

Learn more about AnonPSI

For more information, check out the AnonPSI research paper and follow us on GitHub.

PETAce in Action: Enhancing Privacy During Friends Matching in TikTok

TikTok Privacy Innovation — Tue, 09 Jan 2024 22:26:56 +0000

I. Recap: PETAce and the Role of Cryptography in Privacy

Cryptography-related techniques play a crucial role in various Privacy-Enhancing Technologies (PETs). It provides precise and provable privacy guarantees while maintaining the ability to gain insights from sensitive datasets. Moreover, cryptographic techniques are often used together with other PETs like differential privacy and federated learning to build a holistic and comprehensive solution to provide sufficient privacy protection throughout the data pipeline lifecycle. PETAce (Privacy-Enhancing Technologies via Applied Cryptography Engineering) is TikTok’s PET framework, which is based on state-of-the-art cryptographic research results. It provides various privacy-enhancing computing capabilities such as secure multi-party computation, private set intersection, private information retrieval, and homomorphic encryption, allowing parties to work together on data processing tasks while protecting their private data.

II. Contact Book Matching: A Concrete Example of PETs using PETAce

To understand how PETAce preserves data privacy, let’s dive into its application at TikTok for matching friends in TikTok using user private phone contacts. Our approach is based on private set intersection (PSI) with advanced cryptographic techniques, which ensure minimal data collection and set a new standard for safeguarding user sensitive data, enhancing trust and security.

With this new solution, we encourage users to share their contacts, facilitating the discovery of potential friends using the TikTok apps, with the assurance that we will minimize the information exposed to the other parties throughout the process. TikTok users can not only embark on a journey to connect with those they know, but are also more likely to engage with and enjoy the enhanced social functionalities provided by the platform, fostering a vibrant and connected community.

Contact Book Matching for Social Interaction

Contact book matching, often referred to as contact synchronization, is a process of identifying and connecting the user with individuals who are also using TikTok and have matching contact information, typically phone numbers. When a user authorizes access to their contact book, the server can diligently identify potential users who have registered TikTok account and share the phone numbers within the contacts. If there is a match, it allows users to discover and connect with people who they may know. This feature facilitates easier and more personalized connection-building, enhancing the user experience by leveraging existing relationships and making it convenient to find friends or acquaintances on the platform with more friend interaction.

To prioritize data privacy and ensure the confidentiality of user phone contacts throughout the matching process, our initial attempt is to employ the SHA-256 hashing mechanism [1], which is a process of data anonymization to mask sensitive information and ensure no single original item can be identified by other parties, including TikTok. This approach transforms the original data into a fixed-length hash value, making it computationally infeasible for attackers to solve for the original information. However, in case of contact book matching, the hashing method is not strong enough to prevent plain email or mobile recovery due to the nature of their low entropy [2]. The malicious party can take advantage of brute force attacks and reveal the full list of contacts from users without their consent.

To address this potential risk of information leakage, we implement our new privacy-preserving techniques as a proactive measure, offering a more secure approach to ensure a robust and confidential data-sharing experience for our users. Specifically, this new solution provides an additional layer of protection against the vulnerabilities associated with low-entropy information encodings. Our goal is to allow users to seamlessly authorize their phone contacts without revealing any sensitive information.

2. What is PSI

Private set intersection is a secure multiparty computation cryptographic technique where two parties hold sets of elements (hash value of phone contacts in this case), and allow one or both of them to discover the intersection between those sets by comparing encrypted versions of these sets. In this scenario:

Neither party (i.e., TikTok users) reveals anything to the counterparty except for the elements in the intersection
Neither party (i.e., TikTok users) reveals anything sensitive about their sets to an eavesdropper

The challenge in PSI is how two or more parties can compute the intersection of their private input sets, while the elements that are not in the intersection remain private. Our PSI protocol is based on the Elliptic-curve Diffie–Hellman, which is a key agreement protocol that allows two parties, each having an elliptic-curve public–private key pair, to establish a shared secret over an insecure channel. The overall protocol achieves outstanding computational complexity and bandwidth capacity compared to other kinds of PSI protocol such as private set intersection based on RSA blind signature.

3. Initial design of protocols

The following simplified algorithm indicated the basic idea of our protocols:

Suppose the server maintains a secret key b and a set of phone contacts {y}. The client owns a set of phone contacts {x}. Let H denote a cryptographic hash function, and E denote an elliptic curve that both the client and server agree on.

The protocol executes as follows:

The client generates a random secret key a.
The client iteratively applies the H function to compute hash values {H(x)} of each of the values in the original set of user phone contacts.
For each of these hashed values, the client applies “blind” operations and calculates the “blinded” hash value {H(x)^a} using secret key a.
The client sends the series of calculated points {H(x)^a} to the server.
Once receiving the request, the privacy server calculates the shared secrets corresponding to each element received from the client {H(x)^a} using a persistent secret key b. We denote the resulting series of points as {H(x)^ab} , which is a set of “double-blinded” hash values of the original phone contact from the client.
The server will apply the same hash function H and “blind” operation with the secret key b to all the phone contacts stored in the server, like the same way the client did. We denote the result list as {H(y)^b}, which is a set of blinded hash values of the original phone contact from the server.
The server then sends back the list of single-blinded hash values {H(y)^b}, as well as the corresponding double-blinded values {H(x)^ab} in the response to the client.
After receiving the response, the client performs an “unblind” operation to each of the double blinded values {H(x)^ab} using the secret key a . This will result in a reversed set of points {H(x)^b} which are only blinded by the secret key b.
For each of the single-blinded hash values {H(x)^b} derived from the last step, the client now can locally query {H(y)^b} received from the server to see if there is any element of {H(x)^b} is also an element in the set of {H(y)^b} . If the original phone contacts x from the client match any phone contacts y from the server, their corresponding blinded value H(x)^b and H(y)^b will be equivalent.
The matching set consists of the original phone contact present from the client, which is also present from the server. It will be further passed to the original flow of contact book matching to identify friend relations.

4. How to use PETAce?

In the contact book matching scenario, we use PSI based on the Elliptic Curve Diffie-Hellman (ECDH-PSI) [3] to enhance user privacy. PETAce provides multiple ways to support ECDH-PSI development. In the following, we will describe how to use PETAce to develop the ECDH-PSI protocol.

PETAce provides user-friendly Python APIs for the ECDH-PSI protocol. Below is an example illustrating how to use it in practice.

from petace.setops.psi import PSI
from petace.setops.pysetops import NetParams, NetScheme, PSIScheme

# Init network
net_params = NetParams()

# Init psi engine
psi = PSI(party, net_params, NetScheme.SOCKET, PSIScheme.ECDH_PSI)

# Compute set intersection.
ret = psi.process(data, obtain_result)

PETAce also offers a versatile C++ APIs for the ECDH-PSI protocol. The following example demonstrates how this API can be utilized in practice.

#include "nlohmann/json.hpp"

#include "network/net_factory.h"
#include "solo/prng.h"

#include "setops/psi/ecdh_psi.h"

void ecdh_psi_example() {
    // Read JSON config.
    nlohmann::json params = nlohmann::json::parse(in, nullptr, true);

    // Connect net io.
    auto net = petace::network::NetFactory::get_instance().build(petace::network::NetScheme::SOCKET, net_params);

    // Run ecdh-psi.
    petace::setops::EcdhPSI psi;
    psi.init(net, params);
    psi.process(net, input_keys, output_keys);
}

Furthermore, customized ECDH-PSI protocols can be developed based on PETAce-Solo, which can be more flexible to meet business requirements.

5. User Flow

The entire workflow for privacy-preserving contact book matching is illustrated in the following steps

User authorizes a contact book with list of phone contacts with prompts
The contact book is hashed and blinded locally before sending it to the server for contact matching
The privacy center invokes the server to get the response with server secret set
The client will then perform the local matching to exclude all user contacts that are not in the data breaches
The filtered contact lists would be further sent to server for friends matching

6. What level of privacy does PSI ensure

All social media apps face a challenge in balancing user privacy with features that rely on some degree of data sharing. PSI represents an important step forward in upholding TikTok’s responsibility to protect the privacy of our users. Our protocols effectively remove privacy barriers that traditionally hinder secure data sharing and users can confidently share their contact books, knowing that their data is shielded from the server and other users.

Privacy-Preserving Data Sharing: The cryptographic operations ensure that neither parties can identify original values of user data or data membership, in the counterpart’s non-intersecting dataset.
Server-Agnostic Operation with data minimization: The server remains entirely agnostic to user data, ensuring no storage or learning of information that doesn’t belong to it.
End-to-End Encryption: Every step of the process is fortified with end-to-end encryption, guaranteeing that user data is secure during transmission and inaccessible to any unauthorized entities, including the server. We implement well-established and widely trusted cryptographic techniques for secure secret exchange, which is guaranteed by provable security techniques in cryptography. We use NIST recommended 256-bit elliptic curve secp256r1, which supplies approximately 128-bit security, and it is computationally infeasible to attack secp256r1-based ECDH-PSI protocol. Therefore, based on the Diffie-Hellman Assumption, our system guarantees robustness against various attacks and ensures that only authorized parties can perform the intersection.

6. How efficient and robust is PSI in Practice?

It’s important to acknowledge that the incorporation of privacy protocols could lead to a negative impact on user experience due to additional data processing and escalated data transmission between the client and server in the phase of secret exchanging. To facilitate a seamless integration with PET, we offered the following significant optimizations to ensure secure and effective computation of intersection-related stats from private datasets, making it a practical product for various applications where data sharing is essential.

Pre-processing of phone contacts into cipher form on the server: Cryptographic operations during runtime could be expensive, especially considering the substantial data volume on the server. The practical issue arises concerning both latency and bandwidth capacity. Our approach is to asynchronously pre-process the contact data on the server, transform them into cipher format and store them into persistent storage, which allows them to be efficiently shared directly with the client.
Partitioning the set of phone contacts with shared indexing: Instead of processing the whole set of phone contacts from each party, we let the client generate a set of small sharding indexes from the initial bytes of the hashed prefix of contacts. This bucketization technique enables partitioning extensive datasets into smaller subsets of all necessary entries and reduces the amount of data that needs to be transmitted from the server to the client. The risk of potential phone contact leakage through the disclosure of the shared index is negligible, given that there might be billions of potential phone contacts sharing the same index. We choose the index size carefully to balance privacy and performance.
Using Bloom Filters to compress the blinded data set returned from the server: We are leveraging the inherent structure of Bloom filters to further reduce the bandwidth overhead of large volumes of data that need to be transferred. We dump all the data entries into a bloom filter on the server and return it back as a response to the client. This data structure is particularly well-suited for scenarios where there is a need to verify the presence of an element. It is important to note that the FPR of bloom filter is preserved by restricting the optimal size as threshold to avoid saturated bloom filter.

III. Get involved with the project

IV. References

[1] Secure Hash Algorithm 2

[2] AirDrop Is Leaking Email Addresses and Phone Numbers

[3] Elliptic Curve Diffie–Hellman Protocol

PETAce — Using Applied Cryptography to Enhance Privacy

TikTok Privacy Innovation — Mon, 11 Dec 2023 13:40:23 +0000

Background

In the era of digitalization and big data, there is a growing demand for privacy across diverse businesses. Various applications benefit from data collaboration on a large scale, while individuals are increasingly motivated to gain control of their personal data. Simultaneously, privacy regulations like the General Data Protection Regulation (GDPR) in the European Union, the California Consumer Privacy Act (CCPA) in the United States, the General Personal Data Protection Law (LGPD) in Brazil, and Singapore’s amendment to the Personal Data Protection Act (PDPA), reflect the global embrace of robust privacy regulations.

Privacy-enhancing technologies (PETs) have attracted considerable attention from both the research community and industry in response to the growing demand for privacy protection and data collaboration. PETs encompass a broad range of technologies utilized in collecting, storing, transferring, and analyzing data with the primary goal of safeguarding privacy. These techniques aim to provide innovative solutions that allow data utilization while preserving the users’ privacy.

Introduction

What is PETAce?

PETAce (Privacy-Enhancing Technologies via Applied Cryptography Engineering) is a privacy-enhancing protocol framework based on state-of-the-art research results. It provides data processing methods such as secret sharing [1], homomorphic encryption [2][3][4], and oblivious transfer [5][6], and can perform collaborative computation and analysis of two-party data while preserving data privacy. PETAce has the following characteristics:

PETAce provides various fundamental cryptographic protocols, such that it is flexible for users to build their own PET applications.
The core building blocks are implemented in C++ for best performance. Meanwhile, PETAce also provides user-friendly Python interfaces similar to the well-known Python library Numpy.
A variety of data analysis functions are available to fulfill common statistical and computational needs (e.g., maximum, minimum, percentiles, correlation, group-by, sigmoid, etc). These are the crucial building blocks for popular applications such as SQL query and ML training/inference.
PETAce provides a complete solution for secure two-party computation, enabling efficient development of end-to-end privacy-preserving applications. This guarantees the compliance of privacy regulations and ensures the privacy of user data.
State-of-the-art technologies and 10 million data processing capabilities. For specific protocols, our protocols are even more scalable (e.g., billion-size PSI).

Why use PETAce?

PETAce offers not just high security but also a user-friendly interface. Here are four primary reasons why people should consider using PETAce:

Fast prototyping and testing PET applications. Developing privacy-preserving computation with the familiar Python API.
Ensuring the privacy of user data throughout the computation process.
Building privacy-preserving machine learning (PPML) applications and business intelligence (BI) analysis efficiently.

How PETAce works?

The core functionalities of PETAce are implemented in C++. However, to enhance the ease of developing PETS programs, PETAce also offers user-friendly Python APIs. Below is an example illustrating how to construct your applications.

Consider a scenario where we have a linear regression model and a sample input, and the goal of data analysis is to obtain the model’s evaluation result given the input. The underlying computation is an inner product between two vectors. More formally, a linear model can be represented by a vector M. The sample input can also be represented as a vector X. The inference result can be computed through the inner product of M and X. Therefore, plaintext logic can be achieved by the code below through Numpy：

import numpy as np

def numpy_linear_regression(model, sample):
    return np.sum(model * sample)

Now let’s shift our setting to a distributed scenario where there are two parties: the Server and the Client. The Server holds a linear regression model, while the Client has a private sample input. They want to finish the same task while keeping their own inputs private. In this context, you can employ SecureNumpy as outlined below to establish your protocol. First, you need to input certain parameters (e.g., IP address, port number, party ID) so that PETAce can be properly instantiated, then you put the corresponding inputs into snp.Private(), which is the "private version" of numpy arrays. Note that each snp.Private() also has an "owner", such that only the owner has access to plaintext data. The inner product computation is supported by PETAce through elementwise multiplication followed by a sum.

import petace.duet.securenumpy as snp
from petace.duet.pyduet import NetParams, DuetVM, NetScheme

def securenumpy_linear_regression(model, sample):
    return snp.sum(model * sample)

# Init network
net_params = NetParams()

# Init mpc engine
duet = DuetVM(net_params, NetScheme.SOCKET, party)

# Set data
sample = snp.Private(sample_0, 0, duet)
model = snp.Private(model_1, 1, duet)

# Computation
ret = securenumpy_linear_regression(model, sample)

Key Technologies

Architecture

The core components of PETAce include secure multi-party computation (MPC), private set intersection (PSI), oblivious transfer (OT), homomorphic encryption (HE), and (Python) virtual machine. They collaborate with each other to provide efficient and user-friendly privacy computing capabilities.

1. PETAce-Solo implements primitive hashing, encryption, and randomness generation algorithms performed by a single party.

Hash functions: SHA-256, SHA3–256, and BLAKE2b
Psuedo-random number generators based on: SHAKE_128, BLAKE2Xb, and AES_ECB_CTR.
Prime field elliptic curve group arithmetics including hash-to-curve
Hashing tables: Cuckoo hashing and simple hashing
Partially homomorphic encryption: the Paillier cryptosystem

2. PETAce-Verse includes frequently used cryptographic subprotocols such as oblivious transfer and oblivious shuffling:

Naor-Pinkas oblivious transfer
IKNP 1-out-of-2 oblivious transfer extension
KKRT 1-out-of-n oblivious transfer extension

3. PETAce-Duet abstracts general-purpose two-party secure computing operator protocols.

Protocols from ABY
Secure comparison protocols from Cheetah
The secure random shuffling protocol from Secret-Shared Shuffle
Protocols that convert arithmetic shares to and from ciphertexts of the Paillier cryptosystem

4. PETAce-SetOps archives several protocols that perform private set operations.

An ECDH-PSI protocol based on Elliptic-Curve Diffie-Hellman
The KKRT-PSI protocol based on Oblivious Pseudorandom Functions (OPRF)
A private join and compute protocol based on Circuit-PSI

5. PETAce-Network provides a preliminary interface of network communication.

Network abstract interface
Socket network implementation

Key Designs

1. Virtual Machine

PETAce provides the architecture of the compiler, intermediate representation (IR), and virtual machine to support an interface similar to Numpy, reducing the cost of user code migration.

IR defines some MPC bytecodes used to describe MPC operations. In PETAce, we have three types of data: private, public, and share, which respectively represent private, public, and shared data. An IR typically looks like: {add, am, am, am}. This means that adding two arithmetic share matrices results in an arithmetic share matrix.
The interpreter converts Python code and SQL code into bytecode for the execution of the virtual machine.
The virtual machine executes the corresponding operations based on the bytecode it receives.
New compilers can also be developed based on PETAce’s IR to support other languages, such as Go and Java.

2. ABH Conversion

PETAce efficiently combines secure computation schemes based on Arithmetic sharing, Boolean sharing, and Homomorphic encryption, providing best-practice solutions for secure two-party computation.

Arithmetic sharing supports various standard operations such as addition, subtraction, multiplication, and division, etc.
Boolean sharing supports various standard bitwise operations such as AND, XOR, and OR, etc.
Homomorphic encryption can perform various classes of computations on encrypted data.
The conversion between Arithmetic sharing and Boolean sharing can be leveraged to perform efficient comparisons.
The conversion between Arithmetic sharing and Homomorphic encryption can perform efficient specific operations, such as oblivious shuffling, matrix-vector multiplication, and so on.

3. SQL Operators

PETAce optimizes specific SQL statements to provide efficient SQL query operators.

Pre-code the group by operation and use multiplication to achieve complex grouping operations, avoiding complex comparison and sorting operations.
Perform preprocessing for the permutation function, which can improve the performance of complex sorting operations.
Use filter vectors and multiplications to improve the performance of the where operations.
Provide different types of PSI, such as circuit-PSI, KKRT-PSI, and ECDH-PSI, to ensure the efficiency and security of join operations.

Long-term Vision and Conclusion

We live in a highly digitalized world where privacy concerns are emerging from hundreds if not thousands of new Internet applications created every day. The pace of privacy-enhancing technology development should catch up with the progress of new applications and also the increasing pressure of privacy protection demands from regulatory bodies.

The PETAce framework aims to be a one-stop solution for fast-prototyping PET innovations, for both academic researchers and industry developers. We will keep track of state-of-the-art cryptographic solutions and integrate them into PETAce in due time. PETAce will also publish and incorporate technical advancements made by TikTok Privacy Innovation.

We welcome everyone from the academy and industry to contribute to PETAce. We want to create a collection of easy-to-use tools for designing, prototyping, testing, and deploying PETs for the community. Together, we can further push the boundaries of PETs and build a more privacy-aware and secure digital world.

Get involved with the project.

References

PrivacyGo: TikTok's initiative in synergistic privacy-enhancing technologies

TikTok Privacy Innovation — Sun, 06 Aug 2023 18:39:12 +0000

I. Motivation of Synergistic PETs

Recognizing the limitations of relying solely on a single Privacy-Enhancing Technology (PET) in privacy-sensitive scenarios, TikTok led the initiative PrivacyGo that leverages synergistic PETs fusion to enhance privacy protection.

Privacy-enhancing technologies (PETs) play a crucial role in facilitating increased data sharing while minimizing the risks to privacy and security through innovative technological advancements. One example is secure multiparty computation (MPC), which enables entities to share insights about their data without revealing the actual data itself. Companies and researchers have embraced and relied upon MPC protocols to securely share sensitive information.

To illustrate how MPC works, consider a research institute that gathers data on the lifestyle of cancer survivors, and a health insurance company that possesses claims data of its customers, including hospitalization days and healthcare usage, among other details. Both entities want to share their private data to develop an algorithm to evaluate the correlation between lifestyle choices and cancer relapse rates. They can leverage MPC to collaborate on analyzing and deriving valuable insights from their separately encrypted datasets without exposing the individual-level data.

However, recent studies have uncovered potential privacy leakage within MPC protocols. While these protocols were designed to ensure that only aggregated statistics are revealed, they are vulnerable to rogue participants seeking to exploit the system. If one of the parties involved in the MPC protocol acts curiously, they can uncover more information than previously anticipated. This newfound privacy leakage results in the curious party knowing a portion of who in their dataset is also in the other party's dataset. To illustrate this point, consider the health data scenario mentioned earlier. This means that the health insurance company could know a portion of users in their system who are also cancer survivors. Such knowledge could be potentially utilized to make unfavorable decisions such as denying coverage or increasing premiums for those individuals.

Since the implications of such privacy leakage could be grave, it is important for practitioners to recognize the limitations of directly applying such MPC protocols in privacy-sensitive scenarios. To address these challenges and ensure robust privacy protection, TikTok launches a new privacy initiative named PrivacyGo, which mitigates privacy leakage risks through PETs fusion.

II. PrivacyGo: TikTok's Initiative in PETs Fusion

Each PET offers its own set of tradeoffs concerning privacy, utility, and efficiency.
PrivacyGo (https://github.com/tiktok-privacy-innnovation/PrivacyGo) strives to carefully design approaches that harness the strengths of each PET while mitigating their individual limitations.

PETs (Privacy-Enhancing Technologies) encompass a wide range of technologies, including DP, MPC, TEE, k-anonymity, zero-knowledge proof, and others that span various disciplines such as information theory, cryptography, secure hardware, etc. Each PET has its own set of tradeoffs concerning privacy, utility, and efficiency, thus forming a trilemma.

The integration of multiple PETs offers the potential to bring together the best of both worlds, but it is a rather complex endeavor. For instance, integrating DP and MPC would require DP to calibrate appropriate random noise within an encrypted MPC context. Simply combining PETs is insufficient to eliminate drawbacks and preserve their respective advantages.

PrivacyGo, TikTok's initiative in PETs fusion, strives to carefully design approaches that harness the strengths of each PET while mitigating their individual limitations. At TikTok, we proactively seek out cutting-edge solutions to address privacy pain points for billions of our users on a global scale. When we build products and features for our platform, we do so by keeping privacy in mind, building in privacy principles throughout the entire product development lifecycle. Through innovative and meticulous integration of PETs, we aim to achieve a synergistic outcome that effectively balances privacy, utility, and efficiency.

III. DPCA-PSI: A Concrete Example of PETs Fusion in PrivacyGo

DPCA-PSI, a concrete example of PETs fusion in PrivacyGo, elevates privacy protection by synergistic integration of MPC and DP and finds practical application in advertising campaign measurements.

What is DPCA-PSI?

We have developed the DPCA-PSI protocol to mitigate privacy leakage in scenarios such as the health data sharing example in Section I. Private Set Intersection (PSI) is one of the important and well-studied MPC protocols, which allows a set of parties, each holding a private input set, to compute their intersection.

DPCA-PSI organically integrates a PSI protocol with a two-party differentially private (DP) mechanism. We have carefully crafted DPCA-PSI to ensure secure and efficient computation of intersection-related statistics from private datasets while maintaining DP guarantees. Our DPCA-PSI offers three significant contributions to the state-of-the-art in this field:

Figure 1. Illustration of our DPCA-PSI protocol.

Less-revealing PSI: In practical scenarios, each party's data records often contain multiple keys that need to be matched, leading to an exponential increase in the number of revealed intersection sizes. Our new PSI protocol reduces the number of revealed intersection sizes from exponential to linear growth, which in turn reduces the inference or linkability that can be made on the membership.
IntersectMask DP: We complemented our less-revealing PSI with a novel distributed DP mechanism where two parties perform analysis of their intersection size while preserving privacy for both datasets. We name this two-party DP mechanism as IntersectMask Mechanism, which requires adding carefully crafted dummy variables to each party's data records, further protecting the linear number of revealed sizes in our less-revealing PSI.
Efficient DP: Our DP only induces small communication and computational overhead to ensure that subsequent intersection-related computations are less noisy. Our tight DP composition maximizes the number of intersect operations within a given DP privacy budget. The ratio between the data size after our protocol and that of the original data is 1.007:1, allowing for more accurate downstream computation on the intersection results.

Case Study: DPCA-PSI ensures privacy for advertising measurement

For measuring the effectiveness of advertising campaigns, ad publishers and advertisers need to share their privileged data privately. One party holds identifiers corresponding to its users who have viewed the advertising campaign, while the other party holds its identifiers and numeric values related to their users who have made purchases and corresponding spending amounts. Due to increasingly stringent privacy requirements, ads publishers and advertisers are facing challenges to measure ad conversions when they can no longer leverage user data collected from outside their platforms. The ad industry has turned to PSIs to perform ad measurement without sharing unencrypted data. However, as mentioned earlier, these protocols suffer from membership leakage, which allows advertisers or publishers to learn users' activity on the other platform. Our DPCA-PSI method effectively mitigates such risks, ensuring user privacy and adhering to relevant privacy requirements.

IV. Stepping Forward

PrivacyGo strives to safeguard the privacy and security of TikTok users and business partners through an intricate and innovative fusion of various PETs within real-world applications.

Aside from the health data scenario and the ad measurement scenario above, our DPCA-PSI solution can be useful in a range of scenarios where privacy is paramount. For example, it can aid in detecting money laundering by comparing transactions across various financial institutions without revealing the identities of the customers involved.

Recognizing the importance of collaboration and transparency, we open source PrivacyGo(https://github.com/tiktok-privacy-innnovation/PrivacyGo), making it readily available to researchers and practitioners. PrivacyGo strives to seamlessly integrate various PETs, such as DP, MPC, homomorphic encryption, and artificial intelligence methods to enhance user privacy protection.

PrivacyGo represents one of the initiatives made by Privacy Innovation at TikTok to research innovative ways of safeguarding the privacy and security of our users and protecting our partner organizations' sensitive information, all while leveraging the benefits of cutting-edge technologies.

PrivacyGo demonstrates the intricate and innovative fusion of various PETs, showcasing that with dedicated engineering effort, it is feasible to develop protocols that are not only well-suited for real-world applications but also effectively address privacy requirements.

Get involved with the project!

Follow us on GitHub and Twitter

Github: https://github.com/tiktok-privacy-innnovation/PrivacyGo
Twitter :https://twitter.com/PrivacyInno_tt

Events and Activities

32nd USENIX Security Symposium

Tech Talk and networking event by TikTok Privacy Innovation

Anaheim Marriott in Anaheim, CA, USA.
Thursday, August 10 , 7:30 pm–8:30 pm

TikTok Privacy Innovation team is hosting a tech talk and networking event at the Usenix security USENIX Security'23 conference. In this 1-hour session, Research Scientist at TikTok, will introduce PrivacyGo and share how this fits into real-world applications while also effectively addressing privacy requirements.

Come and meet the TikTok Privacy Innovation team and network with the community. Light catering will be provided.