Beyond statistical estimation: differentially private individual computation via shuffling
Wang, Shaowei
Dong, Changyu
Song, Xiangfu
Li, Jin
Zhou, Zhili
Wang, Di
Wu, Han
August 2025
Wang, Shaowei, Dong, Changyu, Song, Xiangfu, Li, Jin, Zhou, Zhili, Wang, Di and Wu, Han (2025) Beyond statistical estimation: differentially private individual computation via shuffling. The 34th USENIX Security Symposium (USENIX Security 2025), Seattle, United States. 13 - 15 Aug 2025.
Record type: Conference or Workshop Item (Paper)
Abstract
In data-driven applications, preserving user privacy while enabling valuable computations remains a critical challenge. Technologies like differential privacy have been pivotal in addressing these concerns. The shuffle model of DP requires no trusted curators and can achieve high utility by leveraging the privacy amplification effect yielded from shuffling. These benefits have led to significant interest in the shuffle model. However, the computation tasks in the shuffle model are limited to statistical estimation, making it inapplicable to real-world scenarios in which each user requires a personalized output. This paper introduces a novel paradigm termed Private Individual Computation (PIC), expanding the shuffle model to support a broader range of permutation-equivariant computations. PIC enables personalized outputs while preserving privacy, and enjoys privacy amplification through shuffling. We propose a concrete protocol that realizes PIC. By using one-time public keys, our protocol enables users to receive their outputs without compromising anonymity, which is essential for privacy amplification. Additionally, we present an optimal randomizer, the Minkowski Response, designed for the PIC model to enhance utility. We formally prove the security and privacy properties of the PIC protocol. Theoretical analysis and empirical evaluations demonstrate PIC’s capability in handling non-statistical computation tasks, and the efficacy of PIC and the Minkowski randomizer in achieving superior utility compared to existing solutions.
This record has no associated files available for download.
More information
Published date: August 2025
Venue - Dates: The 34th USENIX Security Symposium (USENIX Security 2025), Seattle, United States, 2025-08-13 - 2025-08-15
Identifiers
Local EPrints ID: 500891
URI: http://eprints.soton.ac.uk/id/eprint/500891
PURE UUID: 85db7c59-ddfd-4eed-857a-bf49bff7dc59
Catalogue record
Date deposited: 15 May 2025 16:31
Last modified: 15 May 2025 16:31
Contributors
Author: Shaowei Wang
Author: Changyu Dong
Author: Xiangfu Song
Author: Jin Li
Author: Zhili Zhou
Author: Di Wang
Author: Han Wu