Lesson 4, Concept: Input Privacy

[adtygan]

In the lesson, it was concluded that if input privacy is ensured, then the copy problem and bundling problem can be solved. So in the case that I am running a tool that ensures input privacy, how can I know for sure that the tool I am using is not going to make copies of my data? I would have to ask the tool-makers to reveal the details of the code - which would breach the privacy of the tool.

[hwrdtm]

I would say this boils down to whether the tool itself is intentionally designed as malware or is hijacked by malware, in which case the best defence / preventive mechanisms are that of general cybersecurity best practises. You can also run diagnostics against your computer / this piece of software to understand if it is malicious in any way shape or form.

[adtygan]

Yes, and later in the course, they talk of the problem of trust. So I think the way to would to have something like Amazon reviews for a particular solution, but with anonymous identity for each reviewer. We can also design solutions where the identity can be linked to a group of trusted cybersecurity experts. This way, the details of the particular individual will not be visible, but the identity will ensure that this individual comes from a trusted cybersecurity group.

[hershd23]

That is an interesting question.

As with Input Privacy, we cannot find the private key even if we have access to the public key and the algorithm itself, that makes Open Source a good avenue for developing these types of technologies.

Now if someone wants to develop a proprietary privacy preserving tool, they would definitely have to look for ways to overcome these 'trust' issues that these Open Source tools would already have a huge advantage on.

The answer given by @hwrdtm makes perfect sense when comes to verifying if such a tool does not make or send copies of your data.

[adtygan]

But wouldn't revealing the inner workings of a code make it vulnerable to manipulation? I think the way the course handled the issue of trust is the best way we have right now.
At the time of posting this Q, I had not watched the entire course, so I did not know that they were going to talk about the issue of trust.
But yeah, I think Open Source might still be a more feasible alternative.

[manik-500]

You have stated in your question “In the lesson, it was concluded that if input privacy is ensured, then the copy problem and bundling problem can be solved”
As far as I know input privacy solves copy problems , You have to deal with output privacy to solve bundling problems .
Please let me know if I am wrong .

For your main question I think privacy tools should be open source for transparency .
If they have specific reasons for making their privacy tools proprietary then I agree with @hwrdtm to test the privacy tools with cybersecurity best practises to verify it as malicious or not .

[leriomaggio]

@manik-500 the Input Privacy is indeed a solution to the Data Lumpiness (aka the "Bundling Problem") as well.

Please, consider the case of the voters, or a multi-party computation, or the "richest rich problem" presented in the course.

The "Input Privacy" is the guarantee that multiple individuals can participate to a task/computation in such a way that neither party knows (or learn) anything about others input to the computation nor any intermediate results (output) produced except for those related to them.

I guess the "Millionaire Problem" is quite self-explanatory about this:

We want to determine who is the richest millionaire in the group, without having them to disclose their wealth.

This is a solution to the bundling problem as we won't share any undesired/unrequired information in the flow to be part of the millionaire game.

The solution to the "copy" problem is pretty obvious, on the other hand: you cannot copy something you cannot see

Hope this helps 😊

[adtygan]

Thanks for the explanation @leriomaggio . It's been a few weeks since I finished the course, and this was a good refresher.
Yes, @manik-500, I think OSS is the more feasible option in this regard.