The Complexity of Computing the Optimal Composition of Differential Privacy


Abstract in English

In the study of differential privacy, composition theorems (starting with the original paper of Dwork, McSherry, Nissim, and Smith (TCC06)) bound the degradation of privacy when composing several differentially private algorithms. Kairouz, Oh, and Viswanath (ICML15) showed how to compute the optimal bound for composing $k$ arbitrary $(epsilon,delta)$-differentially private algorithms. We characterize the optimal composition for the more general case of $k$ arbitrary $(epsilon_{1},delta_{1}),ldots,(epsilon_{k},delta_{k})$-differentially private algorithms where the privacy parameters may differ for each algorithm in the composition. We show that computing the optimal composition in general is $#$P-complete. Since computing optimal composition exactly is infeasible (unless FP=$#$P), we give an approximation algorithm that computes the composition to arbitrary accuracy in polynomial time. The algorithm is a modification of Dyers dynamic programming approach to approximately counting solutions to knapsack problems (STOC03).

Download