부산대학교 도서관

To bound information leakage in outputs of protocols, it is important to construct secure multiparty computation protocols which output differentially private values perturbed by the addition of noise. However, previous noise generation protocols have round and communication complexity growing with differential privacy budgets, or require parties to locally generate non-uniform noise, which makes it difficult to guarantee differential privacy against active adversaries. We propose three kinds of protocols for generating noise drawn from certain distributions providing differential privacy. The two of them generate noise from finite-range variants of the discrete Laplace distribution. For $(\epsilon,\delta )$(ε,δ)-differential privacy, they only need constant numbers of rounds independent of $\epsilon,\delta$ε,δ while the previous protocol needs the number of rounds depending on $\delta$δ. The two protocols are incomparable as they make a trade-off between round and communication complexity. Our third protocol non-interactively generate shares of noise from the binomial distribution by predistributing keys for a pseudorandom function. It achieves communication complexity independent of $\epsilon$ε or $\delta$δ for the computational analogue of $(\epsilon,\delta )$(ε,δ)-differential privacy while the previous protocols require communication complexity depending on $\epsilon$ε. We also prove that our protocols can be extended so that they provide differential privacy in the active setting.