The Complexity of Verifying Boolean Programs as Differentially Private

TL;DR

This paper analyzes the computational complexity of verifying various notions of differential privacy in boolean probabilistic programs, establishing PSPACE-completeness results for decision and approximation problems.

Contribution

It proves that verifying differential privacy and approximating privacy parameters in boolean programs is PSPACE-complete, extending to several privacy relaxations.

Findings

Deciding differential privacy is PSPACE-complete.

Approximating privacy parameters is PSPACE-hard.

Results extend to Rényi, concentrated, and truncated concentrated differential privacy.

Abstract

We study the complexity of the problem of verifying differential privacy for while-like programs working over boolean values and making probabilistic choices. Programs in this class can be interpreted into finite-state discrete-time Markov Chains (DTMC). We show that the problem of deciding whether a program is differentially private for specific values of the privacy parameters is PSPACE-complete. To show that this problem is in PSPACE, we adapt classical results about computing hitting probabilities for DTMC. To show PSPACE-hardness we use a reduction from the problem of checking whether a program almost surely terminates or not. We also show that the problem of approximating the privacy parameters that a program provides is PSPACE-hard. Moreover, we investigate the complexity of similar problems also for several relaxations of differential privacy: R\'enyi differential privacy, concentrated differential privacy, and truncated concentrated differential privacy. For these notions, we consider gap-versions of the problem of deciding whether a program is private or not and we show that all of them are PSPACE-complete.