2010 IEEE 51st Annual Symposium on Foundations of Computer Science (2010)
Las Vegas, Nevada USA
Oct. 23, 2010 to Oct. 26, 2010
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/FOCS.2010.14
We study differential privacy in a distributed setting where two parties would like to perform analysis of their joint data while preserving privacy for both datasets. Our results imply almost tight lower bounds on the accuracy of such data analyses, both for specific natural functions (such as Hamming distance) and in general. Our bounds expose a sharp contrast between the two-party setting and the simpler client-server setting (where privacy guarantees are one-sided). In addition, those bounds demonstrate a dramatic gap between the accuracy that can be obtained by differentially private data analysis versus the accuracy obtainable when privacy is relaxed to a computational variant of differential privacy. The first proof technique we develop demonstrates a connection between differential privacy and deterministic extraction from Santha-Vazirani sources. A second connection we expose indicates that the ability to approximate a function by a low-error differentially private protocol is strongly related to the ability to approximate it by a low communication protocol. (The connection goes in both directions.)
differential privacy, communication complexity, randomness extractors
A. McGregor, K. Talwar, I. Mironov, S. Vadhan, T. Pitassi and O. Reingold, "The Limits of Two-Party Differential Privacy," 2010 IEEE 51st Annual Symposium on Foundations of Computer Science(FOCS), Las Vegas, Nevada USA, 2010, pp. 81-90.