Limits of computational differential privacy in the client/server setting
TCC'11 Proceedings of the 8th conference on Theory of cryptography
Pan-private algorithms via statistics on sketches
Proceedings of the thirtieth ACM SIGMOD-SIGACT-SIGART symposium on Principles of database systems
Interactive information complexity
STOC '12 Proceedings of the forty-fourth annual ACM symposium on Theory of computing
Lower bounds in differential privacy
TCC'12 Proceedings of the 9th international conference on Theory of Cryptography
Differentially-private learning and information theory
Proceedings of the 2012 Joint EDBT/ICDT Workshops
Distributed private heavy hitters
ICALP'12 Proceedings of the 39th international colloquium conference on Automata, Languages, and Programming - Volume Part I
Optimal lower bound for differentially private multi-party aggregation
ESA'12 Proceedings of the 20th Annual European conference on Algorithms
Limits on the usefulness of random oracles
TCC'13 Proceedings of the 10th theory of cryptography conference on Theory of Cryptography
A privacy framework: indistinguishable privacy
Proceedings of the Joint EDBT/ICDT 2013 Workshops
Information-Theoretic foundations of differential privacy
FPS'12 Proceedings of the 5th international conference on Foundations and Practice of Security
How robust are linear sketches to adaptive inputs?
Proceedings of the forty-fifth annual ACM symposium on Theory of computing
Differential privacy for the analyst via private equilibrium computation
Proceedings of the forty-fifth annual ACM symposium on Theory of computing
Differential privacy for functions and functional data
The Journal of Machine Learning Research
Hi-index | 0.00 |
We study differential privacy in a distributed setting where two parties would like to perform analysis of their joint data while preserving privacy for both datasets. Our results imply almost tight lower bounds on the accuracy of such data analyses, both for specific natural functions (such as Hamming distance) and in general. Our bounds expose a sharp contrast between the two-party setting and the simpler client-server setting (where privacy guarantees are one-sided). In addition, those bounds demonstrate a dramatic gap between the accuracy that can be obtained by differentially private data analysis versus the accuracy obtainable when privacy is relaxed to a computational variant of differential privacy. The first proof technique we develop demonstrates a connection between differential privacy and deterministic extraction from Santha-Vazirani sources. A second connection we expose indicates that the ability to approximate a function by a low-error differentially private protocol is strongly related to the ability to approximate it by a low communication protocol. (The connection goes in both directions.)