Cryptology ePrint Archive: Report 2016/820
Separating Computational and Statistical Differential Privacy in the Client-Server Model
Mark Bun and Yi-Hsiu Chen and Salil Vadhan
Abstract: Differential privacy is a mathematical definition of privacy for statistical data analysis. It guarantees that any (possibly adversarial) data analyst is unable to learn too much information that is specific to an individual. Mironov et al.~(CRYPTO 2009) proposed several computational relaxations of differential privacy (CDP), which relax this guarantee to hold only against computationally bounded adversaries. Their work and subsequent work showed that CDP can yield substantial accuracy improvements in various multiparty privacy problems. However, these works left open whether such improvements are possible in the traditional client-server model of data analysis. In fact, Groce, Katz and Yerukhimovich~(TCC 2011) showed that, in this setting, it is impossible to take advantage of CDP for many natural statistical tasks.
Our main result shows that, assuming the existence of sub-exponentially secure one-way functions and 2-message witness indistinguishable proofs (zaps) for NP, that there is in fact a computational task in the client-server model that can be efficiently performed with CDP, but is infeasible to perform with information-theoretic differential privacy.
Category / Keywords: differential privacy, computational differential privacy, witness indistinguishability
Original Publication (in the same form): IACR-TCC-2016
Date: received 23 Aug 2016, last revised 26 Aug 2016
Contact author: yihsiuchen at g harvard edu
Available format(s): PDF | BibTeX Citation
Note: Fixed some typos.
Version: 20160828:200232 (All versions of this report)
Short URL: ia.cr/2016/820
[ Cryptology ePrint archive ]