Recent work of Erlingsson, Feldman, Mironov, Raghunathan, Talwar, and Thakurta [EFMRTT19] demonstrates that random shuffling amplifies differential privacy guarantees of locally randomized data. Such amplification implies substantially stronger privacy guarantees for systems in which data is contributed anonymously [BEMMRLRKTS17] and has led to significant interest in the shuffle model of privacy [CSUZZ19,EFMRTT19]. We show that random shuffling of $n$ data records that are input to $\varepsilon_0$-differentially private local randomizers results in an $(O((1-e^{-\varepsilon_0})\sqrt{\frac{e^{\varepsilon_0}\log(1/\delta)}{n}}), \delta)$-differentially private algorithm. This significantly improves over previous work and achieves the asymptotically optimal dependence in $\varepsilon_0$. Our result is based on a new approach that is simpler than previous work and extends to approximate differential privacy with nearly the same guarantees. Our work also yields an empirical method to derive tighter bounds on the resulting $\varepsilon$ and we show that it gets to within a small constant factor of the optimal bound. As a direct corollary of our analysis, we derive a simple and asymptotically optimal algorithm for discrete distribution estimation in the shuffle model of privacy. We also observe that our result implies the first asymptotically optimal privacy analysis of noisy stochastic gradient descent that applies to sampling without replacement.
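The shuffle-model pipeline the abstract describes, as an added Python example that is not code from the paper: each record passes through an $\varepsilon_0$-DP local randomizer, the reports are shuffled, and the analyzer estimates a discrete distribution from the resulting multiset. It assumes standard k-ary randomized response as the local randomizer; all function names are hypothetical, and `amplification_scale` evaluates only the expression inside the $O(\cdot)$, with the hidden constant omitted.

```python
import math
import random

def krr(value, k, eps0, rng):
    """k-ary randomized response, an eps0-DP local randomizer on {0..k-1}."""
    p_true = math.exp(eps0) / (math.exp(eps0) + k - 1)
    if rng.random() < p_true:
        return value
    other = rng.randrange(k - 1)          # uniform over the k-1 other values
    return other if other < value else other + 1

def shuffled_reports(values, k, eps0, seed):
    """Randomize each record locally, then shuffle so order carries no identity."""
    rng = random.Random(seed)
    reports = [krr(v, k, eps0, rng) for v in values]
    rng.shuffle(reports)
    return reports

def estimate_frequencies(reports, k, eps0):
    """Unbiased frequency estimates from the shuffled multiset of reports."""
    e = math.exp(eps0)
    p, q = e / (e + k - 1), 1 / (e + k - 1)   # P[report=v | v], P[report=v | u != v]
    n = len(reports)
    counts = [0] * k
    for r in reports:
        counts[r] += 1
    return [(c / n - q) / (p - q) for c in counts]

def amplification_scale(eps0, n, delta):
    """Expression inside the O(.) of the stated bound; the hidden constant is
    omitted, so this shows scaling in eps0 and n, not a certified epsilon."""
    return (1 - math.exp(-eps0)) * math.sqrt(math.exp(eps0) * math.log(1 / delta) / n)

def demo(n=20000, k=4, eps0=1.0, seed=7):
    # Constructed sample data: n records drawn from a known distribution.
    truth = [0.5, 0.3, 0.15, 0.05]
    values = random.Random(seed).choices(range(k), weights=truth, k=n)
    est = estimate_frequencies(shuffled_reports(values, k, eps0, seed + 1), k, eps0)
    return truth, est

if __name__ == "__main__":
    truth, est = demo()
    print("true:", truth, "estimated:", [round(x, 3) for x in est])
    print("scale at n=20000:", amplification_scale(1.0, 20000, 1e-6))
```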