Optimal Mechanism for Randomized Responses under Universally Composable Security Measure

We consider a problem of analyzing a global property of private data through randomized responses subject to a certain rule, where private data are used for another cryptographic protocol, e.g., authentication. For this problem, the security of private data was evaluated by a universally composable security measure, which can be regarded as (0, δ)-differential privacy. Here we focus on the trade-off between the global accuracy and a universally composable security measure, and derive an optimal solution to the trade-off problem. More precisely, we adopt the Fisher information of a certain distribution family as the estimation accuracy of a global property and impose (0, δ)-differential privacy on a randomization mechanism protecting private data. Finally, we maximize the Fisher information under the (0, δ)-differential privacy constraint and obtain an optimal mechanism explicitly.
