Pcps And The Hardness Of Generating Private Synthetic Data

Assuming the existence of one-way functions, we show that there is no polynomial-time, differentially private algorithm A that takes a database D is an element of ({0, 1}(d))(n) and outputs a "synthetic database" (D) over cap all of whose two-way marginals are approximately equal to those of D. (A two-way marginal is the fraction of database rows x is an element of {0, 1}(d) with a given pair of values in a given pair of columns). This answers a question of Barak et al. (PODS '07), who gave an algorithm running in time poly(n, 2(d)).Our proof combines a construction of hard-to-sanitize databases based on digital signatures (by Dwork et al., STOC '09) with encodings based on probabilistically checkable proofs.We also present both negative and positive results for generating "relaxed" synthetic data, where the fraction of rows in D satisfying a predicate c are estimated by applying c to each row of (D) over cap and aggregating the results in some way.