Volume 14 (2018) Article 8 pp. 1-35
The Complexity of Computing the Optimal Composition of Differential Privacy
by
Revised: July 29, 2017
Published: June 2, 2018
[PDF (1266K)] [PS (6771K)] [Source ZIP]
Keywords: complexity theory, approximation algorithms, differential privacy, composition
ACM Classification: F.2
AMS Classification: 68Q17, 68W25, 68Q25

Abstract: [Plain Text Version]

In the study of differential privacy, composition theorems (starting with the original paper of Dwork, McSherry, Nissim, and Smith (TCC'06)) bound the degradation of privacy when composing several differentially private algorithms. Kairouz, Oh, and Viswanath (ICML'15) showed how to compute the optimal bound for composing $k$ arbitrary $(\epsilon,\delta)$-differentially private algorithms. We characterize the optimal composition for the more general case of $k$ arbitrary $(\epsilon_{1},\delta_{1}),\ldots,(\epsilon_{k},\delta_{k})$-differentially private algorithms where the privacy parameters may differ for each algorithm in the composition. We show that computing the optimal composition in general is $\#$P-complete. Since computing optimal composition exactly is infeasible (unless FP=$\#$P), we give an approximation algorithm that computes the composition to arbitrary accuracy in polynomial time. The algorithm is a modification of Dyer's dynamic programming approach to approximately counting solutions to knapsack problems (STOC'03).

A conference version of this paper appeared in the Proceedings of the 13th IACR Theory of Cryptography Conference (TCC 2016).