Appendix E. Composition Proofs

This appendix contains proofs for several theorems from Chapter 2: basic sequential composition, general sequential composition, parallel composition, and immunity to postprocessing. While you won’t need to memorize these to prepare a DP release, working through each step can give you a deeper understanding of the behaviors of a DP mechanism. Further, knowing how to use composition and postprocessing will help you address more DP scenarios and build more complex pipelines.

Theorem: Basic Sequential Composition

Given an ϵ 0 -DP mechanism M 0 ( D ) and an ϵ 1 -DP mechanism M 1 ( D ) , then applying each mechanism in sequence to a data set D provides ( ϵ 0 + ϵ 1 ) -differential privacy.

Proof

For notational simplicity, let’s start with the following scenario: you have an ϵ 0 -DP mechanism called M 0 , an ϵ 1 -DP mechanism called M 1 , and a data set D. If you apply M 0 to D, and then apply M 1 to D, the result is ( ϵ 0 + ϵ 1 ) -DP, that is, the privacy loss sums. In fact, the order doesn’t matter here, so long as they are independent.

For some outcome Y, you can use independence and know that:

P r [ M 0 ( D ) = Y , M 1 ( D ) = Y ] = P r [ M 0 ( D ) = Y ] P r [ M 1 ( D ) = Y ]

and for an adjacent data set D ' , this also holds:

P r [ M 0 ( D ' ) = Y , M 1 ( D ' ) = Y ] = P r [ M 0 ( D ' ) = Y ] P r [ M 1 ( D ' ) = Y ]

Dividing these two statements yields: ...

Get Hands-On Differential Privacy now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial