Cryptology ePrint Archive: Report 2016/820

Separating Computational and Statistical Differential Privacy in the Client-Server Model

Mark Bun and Yi-Hsiu Chen and Salil Vadhan

Abstract: Differential privacy is a mathematical definition of privacy for statistical data analysis. It guarantees that any (possibly adversarial) data analyst is unable to learn too much information that is specific to an individual. Mironov et al.~(CRYPTO 2009) proposed several computational relaxations of differential privacy (CDP), which relax this guarantee to hold only against computationally bounded adversaries. Their work and subsequent work showed that CDP can yield substantial accuracy improvements in various multiparty privacy problems. However, these works left open whether such improvements are possible in the traditional client-server model of data analysis. In fact, Groce, Katz and Yerukhimovich~(TCC 2011) showed that, in this setting, it is impossible to take advantage of CDP for many natural statistical tasks.

Our main result shows that, assuming the existence of sub-exponentially secure one-way functions and 2-message witness indistinguishable proofs (zaps) for NP, that there is in fact a computational task in the client-server model that can be efficiently performed with CDP, but is infeasible to perform with information-theoretic differential privacy.

Category / Keywords: differential privacy, computational differential privacy, witness indistinguishability

Original Publication (in the same form): IACR-TCC-2016

Date: received 23 Aug 2016, last revised 26 Aug 2016

Contact author: yihsiuchen at g harvard edu

Available format(s): PDF | BibTeX Citation

Note: Fixed some typos.

Version: 20160828:200232 (All versions of this report)

Short URL: ia.cr/2016/820