Verifiable Exponential Mechanism for Median Estimation

TL;DR

This paper introduces a verifiable implementation of the exponential mechanism for differential privacy using zk-SNARKs, enabling cryptographic proof of privacy guarantees and correct median estimation without revealing sensitive data.

Contribution

It presents the first verifiable exponential mechanism implementation with a practical median estimation scheme, ensuring privacy and correctness through cryptographic verification.

Findings

First verifiable DP median estimation scheme.

Uses zk-SNARKs for cryptographic verification.

Ensures privacy and correctness without data exposure.

Abstract

Differential Privacy (DP) is a rigorous privacy standard widely adopted in data analysis and machine learning. However, its guarantees rely on correctly introducing randomized noise--an assumption that may not hold if the implementation is faulty or manipulated by an untrusted analyst. To address this concern, we propose the first verifiable implementation of the exponential mechanism using zk-SNARKs. As a concrete application, we present the first verifiable differentially private (DP) median estimation scheme, which leverages this construction to ensure both privacy and verifiability. Our method encodes the exponential mechanism and a utility function for the median into an arithmetic circuit, employing a scaled inverse CDF technique for sampling. This design enables cryptographic verification that the reported output adheres to the intended DP mechanism, ensuring both privacy and integrity without revealing sensitive data.