
Doppio: Communication-Efficient and Secure Multi-Party Shuffle Differential Privacy

Research output: Journal Publications and Reviews; RGC 21 - Publication in refereed journal; peer-review


Abstract

Modern database ecosystems increasingly process large-scale distributed user data, heightening the intrinsic tension between analytical utility and individual privacy. Shuffle differential privacy (shuffle DP) has recently emerged as a promising paradigm between the local and central models, offering favorable privacy-utility tradeoffs by introducing a centralized, trusted shuffler. However, this architectural shift also poses new challenges in trust assumptions, system overhead, security risks, and workload limitations. To address them, we propose the augmented multi-party shuffle DP (AMP-SDP) model, which re-architects the data pipeline with a lightweight, versatile secret-shared intermediary layer. AMP-SDP (1) decentralizes trust while minimizing online communication costs; (2) provides structural security hardening against both shuffler compromise and user-side poisoning risks; and (3) augments shuffle DP for broader, more flexible workloads. Atop this model, we instantiate Doppio, a privacy-preserving crowdsourcing and data analytics framework. Our results show Doppio outperforms the state-of-the-art decentralized shuffle DP mechanism (Network Shuffling, SIGMOD’22) across many key metrics, affirming its effectiveness and efficiency in modern privacy-aware data management. © is held by the owner/author(s).
Original language: English
Pages (from-to): 113-126
Number of pages: 14
Journal: Proceedings of the VLDB Endowment
Volume: 19
Issue number: 2
Online published: 1 Oct 2025
DOIs
Publication status: Published - Oct 2025
Event: 52nd International Conference on Very Large Data Bases, VLDB 2026 - Boston, United States
Duration: 31 Aug 2026 to 4 Sept 2026

Bibliographical note

Full text of this publication does not contain sufficient affiliation information. With consent from the author(s) concerned, the Research Unit(s) information for this record is based on the existing academic department affiliation of the author(s).

Funding

The authors sincerely thank all reviewers for their insightful feedback. This research was supported in part by Hong Kong Research Grants Council (RGC) under Grants 11217620, 11218521, 11218322, 11219025, R6021-20F, R1012-21, RFS2122-1S04, C2004-21G, C1029-22G, C6015-23G, and N_CityU139/21; Hong Kong Innovation and Technology Commission (ITC) under Project MHP/135/23; Japan Society for the Promotion of Science (JSPS) under Grant KAKENHI JP23K24851; and Japan Science and Technology Agency (JST) under Grants PRESTO JPMJPR23P5, CREST JPMJCR21M2, and NEXUS JPMJNX25C4. This work was also substantially supported by the InnoHK initiative, the Government of the HKSAR, and the Laboratory for AI-Powered Financial Technologies (AIFT).

Publisher's Copyright Statement

  • This full text is made available under CC-BY-NC-ND 4.0. https://creativecommons.org/licenses/by-nc-nd/4.0/

RGC Funding Information

  • RGC-funded
