Distribution Privacy Under Function Recoverability
share
A user generates n independent and identically distributed data random variables with a probability mass function that must be guarded from a querier. The querier must recover, with a prescribed accuracy, a given function of the data from each of n independent and identically distributed user-devised query responses. The user chooses the data probability mass function and the random query responses to maximize distribution privacy as gauged by the (Kullback-Leibler) divergence between the former and the querier's best estimate of it based on the n query responses. Considering an arbitrary function, a basic achievable lower bound for distribution privacy is provided that does not depend on n and corresponds to worst-case privacy. Worst-case privacy equals the logsum cardinalities of inverse atoms under the given function, with the number of summands decreasing as the querier recovers the function with improving accuracy. Next, upper (converse) and lower (achievable) bounds, dependent on n, are developed that improve upon worst-case privacy and converge to it as n grows. The converse and achievability proofs identify explicit strategies for the user and the querier.
READ FULL TEXT