Search papers, labs, and topics across Lattice.
This paper investigates privacy vulnerabilities in stable marriage algorithms, particularly focusing on the Gale-Shapley Matching Algorithm when the proposers are malicious. The authors demonstrate that repeated interactions with the algorithm can lead to the revelation of private preferences of the non-malicious side, such as residents in a matching program. Their findings indicate that while certain preference distributions can maintain privacy when the honest side proposes, the overall susceptibility of real-world data to privacy attacks necessitates the development of new privacy-preserving algorithms.
Repeated interactions with stable marriage algorithms can expose the private preferences of non-malicious participants, revealing significant vulnerabilities in widely used matching systems.
The stable marriage problem appears in many privacy-sensitive domains, for example in the National Resident Matching Program in the US. In such applications, preserving the privacy of users' preference lists is essential to prevent strategic manipulation, discourage misreporting, and comply with data protection regulations. In this work, we investigate privacy attacks on stable marriage algorithms. Assuming that the attacker (e.g., the hospitals) can repeatedly interact with the stable marriage algorithm, we demonstrate how such interactions can reveal private preferences of the non-malicious side (e.g., the residents). We show that the widely applied Gale-Shapley Matching Algorithm, where the proposers' side is malicious, is vulnerable to privacy attacks and all honest agents' preferences can be revealed. We further investigate which preference distributions of the honest, non-malicious side are susceptible to privacy attacks and show that the Gale-Shapley Matching Algorithm where the honest side proposes can preserve privacy in non-susceptible preference distributions. We extend our results to the decentralized setting and show that the attacker's side can infer all preference orderings. In an experimental evaluation, we test privacy attacks on synthetic and real-world data and show that real-world data is indeed susceptible to privacy attacks. This work underlines a need for new privacy-preserving stable marriage algorithms.