Large language models (LLMs) have had a profound impact on numerous aspects of daily life, including natural language processing, content generation, and research methodologies. However, one crucial issue concerning the inference results of large language models is security and privacy. In many scenarios, the results generated by LLMs could leak a large amount of confidential or copyrighted information. A recent beautiful and breakthrough work [Vyas, Kakade and Barak 2023] focuses on this privacy issue of LLMs from a theoretical perspective. It is well known that computing the attention matrix is one of the major tasks in LLM computation. Thus, how to give a provable privacy guarantee for computing the attention matrix is an important research direction. Previous works [Alman and Song 2023, Brand, Song and Zhou 2023] have proposed provably tight results for fast computation of attention without considering privacy concerns. One natural mathematical formulation for quantifying privacy, found in theoretical computer science graduate school textbooks, is differential privacy. Inspired by [Vyas, Kakade and Barak 2023], in this work we provide a provable result showing how to approximate the attention matrix in a differentially private way. From a technical perspective, our result relies on a pioneering work in the area of differential privacy by [Alabi, Kothari, Tankala, Venkat and Zhang 2022].