In data-driven applications, preserving user privacy while still enabling useful computation remains a central challenge. Differential privacy (DP) has become a key tool for addressing it. The shuffle model of DP requires no trusted curator and achieves high utility by exploiting the privacy amplification that shuffling provides. These benefits have drawn significant interest to the shuffle model. However, the computation tasks supported by the shuffle model have so far been limited to statistical estimation, which makes it inapplicable to real-world scenarios in which each user requires a personalized output. This paper introduces a novel paradigm, Private Individual Computation (PIC), which extends the shuffle model to a broader class of permutation-equivariant computations. PIC delivers personalized outputs while preserving privacy, and still benefits from privacy amplification by shuffling. We propose a concrete protocol that realizes PIC: by using one-time public keys, users can receive their outputs without compromising their anonymity, which is essential for privacy amplification. We also present an optimal randomizer for the PIC model, the Minkowski Response, designed to improve utility. We formally prove the security and privacy properties of the PIC protocol. Theoretical analysis and empirical evaluation show that PIC can handle non-statistical computation tasks, and that PIC together with the Minkowski randomizer achieves better utility than existing solutions.
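The abstract above states the mechanism only at a high level: each user submits a locally randomized input through a shuffler, the server computes a per-item output, and one-time public keys let each user pick up its own output without the server learning who sent what. The following is an added illustration of that flow, written for this page; it is not the PIC protocol from the paper and does not reproduce the Minkowski Response. The toy hashed-ElGamal group (a 127-bit Mersenne prime and a fixed base), the message format `(pk, y)`, the example task `compute_ones`, and the use of plain randomized response on one bit as the local randomizer are all assumptions made for the example, and the group parameters are deliberately small and not secure.

```python
"""Added illustration of one-time public keys in a shuffle-model protocol that
returns a per-user output.  Example code for this page, NOT the paper's PIC
protocol.  The toy hashed-ElGamal group is NOT secure (tiny parameters, no key
validation); the Minkowski Response is not reproduced, plain randomized
response on one bit stands in for it.  Parameters and formats are assumptions."""
import hashlib
import math
import random

# Toy group (assumption, illustration only): Mersenne prime 2^127 - 1 and a
# fixed base.  A real deployment would use X25519 / HPKE instead.
P = (1 << 127) - 1
G = 5


def keygen(rng: random.Random) -> tuple[int, int]:
    """Fresh one-time key pair (sk, pk); a new pair is generated for every run."""
    sk = rng.randrange(2, P - 1)
    return sk, pow(G, sk, P)


def _keystream(shared: int, c1: int, length: int) -> bytes:
    out = b""
    ctr = 0
    while len(out) < length:
        out += hashlib.sha256(f"{shared}|{c1}|{ctr}".encode()).digest()
        ctr += 1
    return out[:length]


def encrypt_to(pk: int, msg: bytes, rng: random.Random) -> tuple[int, bytes]:
    """Hashed ElGamal: ephemeral r, shared = pk^r, XOR with a SHA-256 keystream."""
    r = rng.randrange(2, P - 1)
    c1 = pow(G, r, P)
    ks = _keystream(pow(pk, r, P), c1, len(msg))
    return c1, bytes(m ^ k for m, k in zip(msg, ks))


def decrypt(sk: int, c1: int, ct: bytes) -> bytes:
    ks = _keystream(pow(c1, sk, P), c1, len(ct))
    return bytes(c ^ k for c, k in zip(ct, ks))


def randomized_response(bit: int, eps: float, rng: random.Random) -> int:
    """Stand-in local randomizer: report the true bit w.p. e^eps / (e^eps + 1)."""
    keep = math.exp(eps) / (math.exp(eps) + 1.0)
    return bit if rng.random() < keep else 1 - bit


def compute_ones(y: int, all_ys: list[int]) -> str:
    """Example permutation-equivariant task: each item's output depends on its
    own value and on the multiset of all values, never on positions."""
    return f"you={y}, ones={sum(all_ys)}"


def run_protocol(true_bits, eps, compute, seed=0):
    """Users -> shuffler -> server -> users.  Returns (per-user decrypted
    outputs, per-user randomized inputs, the server's shuffled view)."""
    rng = random.Random(seed)
    # 1. Each user: one-time key pair plus locally randomized input.
    users = []
    for b in true_bits:
        sk, pk = keygen(rng)
        users.append((sk, pk, randomized_response(b, eps, rng)))
    messages = [(pk, y) for _, pk, y in users]
    # 2. Shuffler: uniform random permutation.  The server sees (pk, y) pairs
    #    with no sender, and a fresh pk identifies nobody.
    order = list(range(len(messages)))
    rng.shuffle(order)
    shuffled = [messages[i] for i in order]
    server_view = [y for _, y in shuffled]
    # 3. Server: per-item output, encrypted to that item's one-time pk, so only
    #    the holder of the matching sk can read it.
    replies = [(pk, *encrypt_to(pk, compute(y, server_view).encode(), rng))
               for pk, y in shuffled]
    # 4. Each user picks the reply addressed to its own pk and decrypts it.
    outputs = []
    for sk, pk, _ in users:
        c1, ct = next((c1, ct) for p, c1, ct in replies if p == pk)
        outputs.append(decrypt(sk, c1, ct).decode())
    return outputs, [y for _, _, y in users], server_view


def roundtrip(msg: bytes, seed: int) -> tuple[bytes, bytes]:
    """Decrypt with the right key and with an unrelated key (for checking)."""
    rng = random.Random(seed)
    sk, pk = keygen(rng)
    sk_other, _ = keygen(rng)
    c1, ct = encrypt_to(pk, msg, rng)
    return decrypt(sk, c1, ct), decrypt(sk_other, c1, ct)
```

The point the example makes is why the key must be one-time: a long-lived public key would recur across runs and act as a pseudonym, and if it were ever bound to an identity (a PKI certificate, a reused account key) the server could link shuffled messages back to users, which is exactly the knowledge the shuffle's privacy amplification assumes the server does not have. The task passed as `compute` has to be permutation-equivariant for the same reason: if the server's output depended on the position of an item, the shuffler's permutation would leak into the results.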