# Answering n{2+o(1)} counting queries with differential privacy is hard

@article{Ullman2013AnsweringNC,
title={Answering n\{2+o(1)\} counting queries with differential privacy is hard},
author={Jonathan Ullman},
journal={ArXiv},
year={2013},
volume={abs/1207.6945}
}
A central problem in differentially private data analysis is how to design efficient algorithms capable of answering large numbers of counting queries on a sensitive database. Counting queries are of the form "What fraction of individual records in the database satisfy the property q?" We prove that if one-way functions exist, then there is no algorithm that takes as input a database db ∈ dbset, and k = ~Θ(n2) arbitrary efficiently computable counting queries, runs in time poly(d, n), and…
67 Citations
Answering n{2+o(1)} counting queries with differential privacy is hard
It is proved that if one-way functions exist, then there is no algorithm that takes as input a database db ∈ dbset, and k = ~Ω(n2) arbitrary efficiently computable counting queries, runs in time poly(d, n), and returns an approximate answer to each query, while satisfying differential privacy.
Fingerprinting codes and the price of approximate differential privacy
• Computer Science
STOC
• 2014
The results rely on the existence of short fingerprinting codes (Boneh and Shaw, CRYPTO'95; Tardos, STOC'03), which are closely connected to the sample complexity of differentially private data release.
Faster private release of marginals on small databases
• Computer Science, Mathematics
ITCS
• 2014
To the best of the knowledge, this is the first algorithm capable of privately answering marginal queries with a non-trivial worst-case accuracy guarantee for databases containing poly(d, k) records in time exp(o(d)).
On the measurement complexity of differentially private query answering
• Computer Science
Science China Information Sciences
• 2015
This work explores the hardness for differentially private query answering mechanisms beyond the stateless restriction and proves unconditional subexponential lower bound for the measurement complexity of the class of sanitizer with ɛ-differential privacy.
Strong Hardness of Privacy from Weak Traitor Tracing
• Computer Science, Mathematics
TCC
• 2016
The hardness result for a polynomial size query set resp.
Efficient Algorithm for Privately Releasing Smooth Queries
• Computer Science
NIPS
• 2013
An e-differentially private mechanism which for the class of K-smooth queries has accuracy O (N-K-2d+K/epsilon) and is based on L∞-approximation of (transformed) smooth functions by low degree even trigonometric polynomials with small and efficiently computable coefficients.
Differentially Private Data Releasing for Smooth Queries
• Computer Science, Mathematics
J. Mach. Learn. Res.
• 2016
This work develops two e-differentially private mechanisms which are able to answer all smooth queries for continuous data with continuous function based on L∞-approximation of (transformed) smooth functions by low-degree even trigonometric polynomials with uniformly bounded coefficients.
Interactive fingerprinting codes and the hardness of preventing false discovery
• Computer Science
2016 Information Theory and Applications Workshop (ITA)
• 2016
It is shown that, under a standard hardness assumption, there is no computationally efficient algorithm that, given n samples from an unknown distribution, can give valid answers to O(n2) adaptively chosen statistical queries.
Preventing False Discovery in Interactive Data Analysis Is Hard
• Computer Science
2014 IEEE 55th Annual Symposium on Foundations of Computer Science
• 2014
We show that, under a standard hardness assumption, there is no computationally efficient algorithm that given n samples from an unknown distribution can give valid answers to n3+o(1) adaptively
Efficient Private Query Release via Polynomial Approximation
It is shown that there exists a computationally efficient $\varepsilon$-differentially private mechanism that releases a query class parametrized by additively separable Holder continuous functions, and that the accuracy can be significantly boosted.

## References

SHOWING 1-10 OF 29 REFERENCES
Answering n{2+o(1)} counting queries with differential privacy is hard
It is proved that if one-way functions exist, then there is no algorithm that takes as input a database db ∈ dbset, and k = ~Ω(n2) arbitrary efficiently computable counting queries, runs in time poly(d, n), and returns an approximate answer to each query, while satisfying differential privacy.
Privately releasing conjunctions and the statistical query barrier
• Computer Science
STOC '11
• 2011
The number of statistical queries necessary and sufficient for this task is equal to the agnostic learning complexity of C in Kearns' statistical query (SQ)model, which isolates the complexity of agnosticLearning in the SQ-model as a new barrier in the design of differentially private algorithms.
A learning theory approach to noninteractive database privacy
• Computer Science
JACM
• 2013
It is shown that, ignoring computational constraints, it is possible to release synthetic databases that are useful for accurately answering large classes of queries while preserving differential privacy and a relaxation of the utility guarantee is given.
Faster Algorithms for Privately Releasing Marginals
• Computer Science
ICALP
• 2012
To the knowledge, this work is the first algorithm capable of privately releasing marginal queries with non-trivial worst-case accuracy guarantees in time substantially smaller than the number of k-way marginal queries, which is dΘ(k) (for k≪d).
A Multiplicative Weights Mechanism for Privacy-Preserving Data Analysis
• Computer Science
2010 IEEE 51st Annual Symposium on Foundations of Computer Science
• 2010
A new differentially private multiplicative weights mechanism for answering a large number of interactive counting (or linear) queries that arrive online and may be adaptively chosen, and it is shown that when the input database is drawn from a smooth distribution — a distribution that does not place too much weight on any single data item — accuracy remains as above, and the running time becomes poly-logarithmic in the data universe size.
Interactive privacy via the median mechanism
• Computer Science
STOC '10
• 2010
The median mechanism is the first privacy mechanism capable of identifying and exploiting correlations among queries in an interactive setting, and an efficient implementation is given, with running time polynomial in the number of queries, the database size, and the domain size.
Private data release via learning thresholds
• Computer Science
SODA
• 2012
The task of analyzing a database containing sensitive information about individual participants is studied, and a computationally efficient reduction from differentially private data release for a class of counting queries, to learning thresholded sums of predicates from a related class is instantiated.
PCPs and the Hardness of Generating Private Synthetic Data
• Computer Science
TCC
• 2011
It is shown that there is no polynomial-time, differentially private algorithm A that takes a database D and outputs a "synthetic database" D all of whose two-way marginals are approximately equal to those of D.
Practical privacy: the SuLQ framework
• Computer Science
PODS '05
• 2005
This work considers a statistical database in which a trusted administrator introduces noise to the query responses with the goal of maintaining privacy of individual database entries, and modify the privacy analysis to real-valued functions f and arbitrary row types, greatly improving the bounds on noise required for privacy.
Iterative Constructions and Private Data Release
• Computer Science
TCC
• 2012
New algorithms (and new analyses of existing algorithms) in both the interactive and non-interactive settings are given, and a reduction based on the IDC framework shows that an efficient, private algorithm for computing sufficiently accurate rank-1 matrix approximations would lead to an improved efficient algorithm for releasing private synthetic data for graph cuts.