David M. Sommer

David M. Sommer, Lukas Abfalterer, Sheila Zingg et al.

Differentially private (DP) mechanisms face the challenge of providing accurate results while protecting their inputs: the privacy-utility trade-off. A simple but powerful technique for DP adds noise to sensitivity-bounded query outputs to blur the exact query output: additive mechanisms. While a vast body of work considers infinitely wide noise distributions, some applications (e.g., real-time operating systems) require hard bounds on the deviations from the real query, and only limited work on such mechanisms exist. An additive mechanism with truncated noise (i.e., with bounded range) can offer such hard bounds. We introduce a gradient-descent-based tool to learn truncated noise for additive mechanisms with strong utility bounds while simultaneously optimizing for differential privacy under sequential composition, i.e., scenarios where multiple noisy queries on the same data are revealed. Our method can learn discrete noise patterns and not only hyper-parameters of a predefined probability distribution. For sensitivity bounded mechanisms, we show that it is sufficient to consider symmetric and that\new{, for from the mean monotonically falling noise,} ensuring privacy for a pair of representative query outputs guarantees privacy for all pairs of inputs (that differ in one element). We find that the utility-privacy trade-off curves of our generated noise are remarkably close to truncated Gaussians and even replicate their shape for $l_2$ utility-loss. For a low number of compositions, we also improved DP-SGD (sub-sampling). Moreover, we extend Moments Accountant to truncated distributions, allowing to incorporate mechanism output events with varying input-dependent zero occurrence probability.

David M. Sommer, Moritz Schneider, Jannik Gut et al.

Paper ballot voting with its fully-reviewable paper-trail is usually considered as more secure than their e-voting counterparts, given the large number of recent incidents. In this work, we explore the security of paper voting and show that paper voting, as it is implemented today, is surprisingly vulnerable to cyber-attacks. In particular, the aggregation methods of preliminary voting results of various countries rely on insecure communication channels like telephone, fax or non-secure e-mail. Furthermore, regulations typically do not mandate the use of secure channels for the transmission of preliminary results. We illustrate that preliminary results, despite their temporary nature, may have a severe impact on real-world decisions during the 3 to 30 days window until the final results are declared. An attacker exploiting this discrepancy can, e.g., benefit from stock market manipulation or call into question the legitimacy of the elections. This work investigates the cyber-risks in paper voting in a systematic manner by reviewing procedures in several countries (Estonia, France, Germany, the United Kingdom, and the United States of America) and through a comprehensive case-study of Switzerland. We examine the transmission systems currently in use through inquires from election officials. Moreover, we illustrate the feasibility of attacks by analyzing the frequent historical discrepancies between preliminary and final results. Considering our results and recent reports about easily modifiable preliminary results in Germany and the Netherlands, we conjecture similar weaknesses in other countries as well.