Skip to main content
TikTok for Developers
Evaluating anonymity limitations with AnonPSI
by Jian Du and Bo Jiang, Research Scientists, TikTok Privacy Innovation

Last year, we announced PrivacyGo, one of the initiatives undertaken by Privacy Innovation at TikTok to research innovative ways of safeguarding the privacy and security of our users and protecting sensitive information for our partner organizations. PrivacyGo is the synergetic fusion of Privacy Enhancing Technologies (PETs), namely Private Set Intersection (PSI) and Differential Privacy (DP).

Introducing AnonPSI

Within the PrivacyGo ecosystem, we recently introduced AnonPSI, an anonymity assessment framework for Private Set Intersection (PSI). AnonPSI shows that solely using PSI is not secure, therefore, motivating the PET fusion introduced by PrivacyGo.

PSI is a widely used protocol that enables two parties to securely compute a function over the intersected part of their shared datasets and has been a significant research focus over the years. However, recent studies have highlighted its vulnerability to Set Membership Inference Attacks (SMIA), where an adversary might deduce an individual's membership by invoking multiple PSI protocols. This presents a considerable risk, even in the most stringent versions of PSI, which only return the cardinality of the intersection.

We recently published a research paper that explores the evaluation of anonymity within the PSI context.

Initially, we highlight the reasons why existing works fall short in measuring privacy leakage, and subsequently propose two attack strategies that address these deficiencies. Furthermore, we provide theoretical guarantees on the performance of our proposed methods. In addition to these, we illustrate how the integration of auxiliary information, such as the sum of payloads associated with members of the intersection (PSI-SUM), can enhance attack efficiency. We conducted a comprehensive performance evaluation of various attack strategies proposed utilizing two real datasets.

Our findings indicate that the methods we propose markedly enhance attack efficiency when contrasted with previous research endeavors. The effective attacking implies that depending solely on existing PSI protocols may not provide an adequate level of privacy assurance. It is recommended to combine privacy-enhancing technologies synergistically to enhance privacy protection even further.

Learn more about AnonPSI

For more information, check out the AnonPSI research paper and follow us on GitHub.

Share this article
Discover more
TikTok for Developers