Optimal Mechanism for Randomized Responses under Universally Composable Security Measure

Abstract

We consider a problem of analyzing a global property of private data through randomized responses subject to a certain rule, where private data are used for another cryptographic protocol, e.g., authentication. For this problem, the security of private data was evaluated by a universally composable security measure, which can be regarded as $(0,\delta)$-differential privacy. Here we focus on the trade-off between the global accuracy and a universally composable security measure, and derive an optimal solution to the trade-off problem. More precisely, we adopt the Fisher information of a certain distribution family as the estimation accuracy of a global property and impose $(0,\delta)$-differential privacy on a randomization mechanism protecting private data. Finally, we maximize the Fisher information under the $(0,\delta)$-differential privacy constraint and obtain an optimal mechanism explicitly.