Differential privacy in Prio can result in negative conversion counts, which then wrap around to large numbers as all operations are performed modulo a large prime number.
This change hard-codes the prime number used for the Prio3SumVec data type (currently the only data type we use for DAP reports) to detect and correct this behavior, such that we can generate human-friendly reports for advertisers.
Namely, given the modulus P is a 128-bit prime, any value N in the histogram that is greater than 2^127 is replaced with (N-P).
[ ] Commits should reference a bug or github issue, if relevant (if a bug is
referenced, the pull request should include the bug number in the title)
[ ] Scan the PR and verify that no changes (particularly to
.circleci/config.yml) will cause environment variables (particularly
credentials) to be exposed in test logs
[ ] Ensure the container image will be using permissions granted to
telemetry-airflow
responsibly.
Differential privacy in Prio can result in negative conversion counts, which then wrap around to large numbers as all operations are performed modulo a large prime number.
This change hard-codes the prime number used for the Prio3SumVec data type (currently the only data type we use for DAP reports) to detect and correct this behavior, such that we can generate human-friendly reports for advertisers.
Namely, given the modulus P is a 128-bit prime, any value N in the histogram that is greater than 2^127 is replaced with (N-P).
JIRA: AE-553
Checklist for reviewer:
.circleci/config.yml
) will cause environment variables (particularly credentials) to be exposed in test logs