Abstract
Differentially private query answering is an important problem in machine learning and data analysis. As an example, the users may want to know the empirical errors of some classifiers on a training data set which contains sensitive information. In this case, the answers returned by the database holder must preserve privacy. Previous results show that answering large number of queries with differential privacy is computationally expensive. However, almost all the hardness results are conditional, which means that they rely on unproved conjectures. One exception is the hardness for stateless mechanisms, in which the sanitizer is assumed to have very limited memory and can only answer the queries separately. In this work, we explore the hardness for differentially private query answering mechanisms beyond the stateless restriction. Specifically, we investigate the measurement complexity of a natural class of stateful sanitizer. Here, measurement refers to the evaluation of a query (a Boolean function) on a data point. Measurement complexity is a lower bound for the running time. We prove unconditional subexponential lower bound for the measurement complexity of the class of sanitizer with ɛ-differential privacy. Possible generalization of the results is also discussed.
抽象
创新点
差分隐私的计算复杂度. 通过定义并研究所谓测量复杂度, 对于一大类算法 (包括目前已知的差分隐私算法) 给出了不基于其它未证明猜想的复杂度下界. 指出了对于任意算法差分隐私的测量复杂度下界与 P vs NP 问题的关系.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Dwork C, McSherry F, Nissim K, et al. Calibrating noise to sensitivity in private data analysis. In: Proceedings of the 3rd Conference on Theory of Cryptography. Berlin/Heidelberg: Springer, 2006. 265–284
Chaudhuri K, Monteleoni C. Privacy-preserving logistic regression. In: Proceedings of 22nd Annual Conference on Neural Information Processing Systems, Vancouver, 2008. 289–296
Kasiviswanathan S P, Lee H K, Nissim K, et al. What can we learn privately? SIAM J Comput, 2011, 40: 793–826
Chaudhuri K, Hsu D. Sample complexity bounds for differentially private learning. In: Proceedings of the 24th Annual Conference on Learning Theory, Budapest, 2011. 155–186
McAllester D A. PAC-Bayesian stochastic model selection. Mach Learn, 2003, 51: 5–21
Blum A, Ligett K, Roth A. A learning theory approach to noninteractive database privacy. J ACM, 2013, 60: 12
McSherry F, Talwar K. Mechanism design via differential privacy. In: Proceedings of the 48th IEEE Annual Symposium on Foundations of Computer Science (FOCS). Washington DC: IEEE, 2007. 94–103
Dwork C, Rothblum G N, Vadhan S. Boosting and differential privacy. In: Proceedings of the 51st IEEE Annual Symposium on Foundations of Computer Science (FOCS). Washington DC: IEEE, 2010. 51–60
Dwork C, Naor M, Reingold O, et al. On the complexity of differentially private data release: efficient algorithms and hardness results. In: Proceedings of the 41st Annual ACM Symposium on Theory of Computing. New York: ACM, 2009. 381–390
Schapire R E, Singer Y. Improved boosting algorithms using confidence-rated predictions. Mach learn, 1999, 37: 297–336
Roth A, Roughgarden T. Interactive privacy via the median mechanism. In: Proceedings of the 42nd ACM Symposium on Theory of Computing. New York: ACM, 2010. 765–774
Hardt M, Rothblum G N. A multiplicative weights mechanism for privacy-preserving data analysis. In: Proceedings of the 51st IEEE Annual Symposium on Foundations of Computer Science (FOCS). Washington DC: IEEE, 2010. 61–70
Hardt M, Ligett K. A simple and practical algorithm for differentially private data release. In: Proceedings of the 26th Annual Conference on Neural Information Processing Systems, Stateline, 2012. 2339–2347
Ullman J, Vadhan S. PCPs and the hardness of generating private synthetic data. Lect Notes Comput Sci, 2011, 6597: 400–416
Chor B, Fiat A, Naor M. Tracing traitors. IEEE Trans Inf Theory, 2000, 46: 893–910
Ullman J. Answering n 2+o(1) counting queries with differential privacy is hard. In: Proceedings of the 55th Annual ACM Symposium on Theory of Computing. Washingtong DC: ACM, 2013. 361–370
Dwork C, Naor M, Vadhan S. The privacy of the analyst and the power of the state. In: Proceedings of the 53rd IEEE Annual Symposium on Foundations of Computer Science (FOCS). New York: IEEE, 2012. 400–409
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Wang, L., Zhang, J. On the measurement complexity of differentially private query answering. Sci. China Inf. Sci. 58, 1–11 (2015). https://doi.org/10.1007/s11432-015-5306-x
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11432-015-5306-x