Two party differential privacy allows two parties who do not trust each other, to come together and perform a joint analysis on their data whilst maintaining individual-level privacy. We show that any efficient, computationally differentially private protocol that has black-box access to key agreement (and nothing stronger), is also an efficient, information-theoretically differentially private protocol. In other words, the existence of efficient key agreement protocols is insufficient for efficient, computationally differentially private protocols. In doing so, we make progress in answering an open question posed by Vadhan about the minimal computational assumption needed for computational differential privacy. Combined with the information-theoretic lower bound due to McGregor, Mironov, Pitassi, Reingold, Talwar, and Vadhan in [FOCS'10], we show that there is no fully black-box reduction from efficient, computationally differentially private protocols for computing the Hamming distance (or equivalently inner product over the integers) on $n$ bits, with additive error lower than $O\left(\frac{\sqrt{n}}{e^{\epsilon}\log(n)}\right)$, to key agreement. This complements the result by Haitner, Mazor, Silbak, and Tsfadia in [STOC'22], which showed that computing the Hamming distance implies key agreement. We conclude that key agreement is \emph{strictly} weaker than computational differential privacy for computing the inner product, thereby answering their open question on whether key agreement is sufficient.

翻译：两方差分隐私允许互不信任的双方共同对其数据进行联合分析，同时保持个体层面的隐私。我们证明，任何能够黑盒访问密钥协商（且无更强能力）的、高效的计算差分隐私协议，同时也是高效的信息论差分隐私协议。换言之，存在高效的密钥协商协议不足以构建高效的计算差分隐私协议。这一结果推进了Vadhan提出的关于计算差分隐私所需最小计算假设这一开放问题的解答。结合McGregor、Mironov、Pitassi、Reingold、Talwar和Vadhan在[FOCS'10]中提出的信息论下界，我们证明：对于计算$n$比特汉明距离（或等价地，整数内积）且加性误差低于$O\left(\frac{\sqrt{n}}{e^{\epsilon}\log(n)}\right)$的高效计算差分隐私协议，不存在完全黑盒归约至密钥协商的构造。这补充了Haitner、Mazor、Silbak和Tsfadia在[STOC'22]中的结果——该结果表明计算汉明距离可推导出密钥协商。我们得出结论：在计算内积问题上，密钥协商严格弱于计算差分隐私，从而回答了其关于密钥协商是否足够的开放问题。