Summary of How Private Are Dp-sgd Implementations?, by Lynn Chua et al.
How Private are DP-SGD Implementations?
by Lynn Chua, Badih Ghazi, Pritish Kamath, Ravi Kumar, Pasin Manurangsi, Amer Sinha, Chiyuan Zhang
First submitted to arxiv on: 26 Mar 2024
Categories
- Main: Machine Learning (cs.LG)
- Secondary: Cryptography and Security (cs.CR); Data Structures and Algorithms (cs.DS)
GrooveSquid.com Paper Summaries
GrooveSquid.com’s goal is to make artificial intelligence research accessible by summarizing AI papers in simpler terms. Each summary below covers the same AI paper, written at different levels of difficulty. The medium difficulty and low difficulty versions are original summaries written by GrooveSquid.com, while the high difficulty version is the paper’s original abstract. Feel free to learn from the version that suits you best!
| Summary difficulty | Written by | Summary |
|---|---|---|
| High | Paper authors | High Difficulty Summary Read the original abstract here |
| Medium | GrooveSquid.com (original content) | Medium Difficulty Summary The paper investigates the privacy guarantees of Adaptive Batch Linear Queries (ABLQ) under different types of batch sampling. It highlights that while shuffling-based Differentially Private Stochastic Gradient Descent (DP-SGD) is commonly used, it lacks a clear privacy analysis. In contrast, Poisson subsampling-based DP-SGD has a well-understood privacy analysis but is challenging to implement. The result shows that there can be a significant gap between the privacy guarantees of shuffling- and Poisson subsampling-based DP-SGD, advising caution in reporting privacy parameters. |
| Low | GrooveSquid.com (original content) | Low Difficulty Summary The paper looks at how private it is when using different methods to group data together. It finds that one way, called shuffling, is used more often but doesn’t have a clear proof of being private. Another way, called Poisson subsampling, has a proof but is hard to use in practice. This means we can’t always trust the privacy measures of these two methods. |
Keywords
» Artificial intelligence » Stochastic gradient descent
