On Communication Protocols that Compute Almost Privately

Notice: This research summary and analysis were automatically generated using AI technology. For absolute accuracy, please refer to the [Original Paper Viewer] below or the Original ArXiv Source.

A traditionally desired goal when designing auction mechanisms is incentive compatibility, i.e., ensuring that bidders fare best by truthfully reporting their preferences. A complementary goal, which has, thus far, received significantly less attention, is to preserve privacy, i.e., to ensure that bidders reveal no more information than necessary. We further investigate and generalize the approximate privacy model for two-party communication recently introduced by Feigenbaum et al. [8]. We explore the privacy properties of a natural class of communication protocols that we refer to as “dissection protocols”. Dissection protocols include, among others, the bisection auction in [9,10] and the bisection protocol for the millionaires problem in [8]. Informally, in a dissection protocol the communicating parties are restricted to answering simple questions of the form “Is your input between the values α and β (under a predefined order over the possible inputs)?”. We prove that for a large class of functions, called tiling functions, which include the 2nd-price Vickrey auction, there always exists a dissection protocol that provides a constant average-case privacy approximation ratio for uniform or “almost uniform” probability distributions over inputs. To establish this result we present an interesting connection between the approximate privacy framework and basic concepts in computational geometry. We show that such a good privacy approximation ratio for tiling functions does not, in general, exist in the worst case. We also discuss extensions of the basic setup to more than two parties and to non-tiling functions, and provide calculations of privacy approximation ratios for two functions of interest.


💡 Research Summary

The paper investigates the problem of preserving privacy while two parties, Alice and Bob, jointly compute a deterministic function f(x, y) of their private inputs. Building on the approximate‑privacy framework introduced by Feigenbaum et al. (2008), the authors quantify privacy loss using the Privacy Approximation Ratio (PAR). PAR compares the size of the monochromatic region that a protocol reveals for a given input pair with the size of the ideal monochromatic region (the maximal rectangle in which the function’s output is constant). Both worst‑case and average‑case PAR are defined, the latter with respect to a probability distribution over inputs.

A central contribution is the introduction of “dissection protocols”. In such protocols each communication round consists of a simple range query of the form “Is your input between α and β?” (according to a predefined total order on the input domain). This restriction captures natural settings where inputs are integers or binary strings and mirrors the bisection strategies used in the classic millionaires problem and in the bisection auction.

The authors focus on a broad class of functions called tiling functions. A tiling function’s output space can be partitioned into a set of disjoint axis‑aligned rectangles (tiles) such that the function is constant on each tile. Many well‑studied problems—second‑price Vickrey auctions, max/min, and the millionaires problem—are tiling functions.
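As an added illustration (not code from the paper or its authors), the PAR definitions, dissection protocols and the ideal tiling described above applied to one small instance: a two-bidder second-price auction on values {0, ..., n-1}, its ideal monochromatic partition found by brute force, and the bisection auction modelled as a dissection protocol whose rounds ask one party "is your value ≥ t?" (i.e. "between t and your current upper bound"). The tie-break rule, the half-open interval representation and the strategy interface are constructed assumptions.

```python
from fractions import Fraction

def vickrey(x, y):  # 2-bidder second-price auction -> (winner, price); constructed tie-break: Alice
    return ("A", y) if x >= y else ("B", x)

def rect(aiv, biv):  # cells of the rectangle [a_lo, a_hi) x [b_lo, b_hi) of Alice x Bob inputs
    return {(x, y) for x in range(*aiv) for y in range(*biv)}

def monochromatic(f, cells):  # f is constant on the region
    return len({f(x, y) for x, y in cells}) == 1

def ideal_partition(f, n):  # maximal monochromatic rectangles of f's n x n matrix
    spans = [(a, b + 1) for a in range(n) for b in range(a, n)]
    mono = [r for r in (rect(a, b) for a in spans for b in spans) if monochromatic(f, r)]
    return [r for r in mono if not any(r < s for s in mono)]

def run_dissection(f, n, strategy):  # leaf rectangles induced by a dissection protocol
    leaves = []
    def rec(aiv, biv):
        q = strategy(aiv, biv)  # None = stop; else (party, t) asks party "is your value >= t?"
        if q is None:
            assert monochromatic(f, rect(aiv, biv)), "protocol stopped before computing f"
            leaves.append(rect(aiv, biv))
            return
        party, t = q
        lo, hi = aiv if party == "A" else biv
        for piece in ((t, hi), (lo, t)):  # the answer cuts that party's interval at t
            rec(piece, biv) if party == "A" else rec(aiv, piece)
    rec((0, n), (0, n))
    return leaves

def bisection_auction(aiv, biv):  # binary-search the price, then the loser's bid
    (al, ah), (bl, bh) = aiv, biv
    if aiv == biv:  # both bidders still share the price interval: ask Alice about its midpoint
        return None if ah - al == 1 else ("A", (al + ah) // 2)
    if bl <= al and ah <= bh:  # Alice has answered, Bob has not: ask him the same threshold
        return ("B", al if al > bl else ah)
    loser = "B" if al >= bh else "A"  # disjoint intervals: higher one wins, price = loser's bid
    lo, hi = biv if loser == "B" else aiv
    return None if hi - lo == 1 else (loser, (lo + hi) // 2)

def par(f, n, strategy):  # (worst-case PAR, average-case PAR under uniform inputs), exact
    ideal, leaves = ideal_partition(f, n), run_dissection(f, n, strategy)
    ratios = []
    for cell in rect((0, n), (0, n)):
        r_i = [r for r in ideal if cell in r]
        assert len(r_i) == 1, "not a tiling function: maximal regions overlap or miss a cell"
        r_p = next(r for r in leaves if cell in r)
        ratios.append(Fraction(len(r_i[0]), len(r_p)))  # |ideal region| / |protocol region|
    return max(ratios), sum(ratios) / len(ratios)
```

For n = 4 this gives worst-case PAR 4 (the cell (0,0) lies in an ideal region of size n, yet the protocol isolates it) and average-case PAR 2 under uniform inputs; the assertion in `par` is what fails for a non-tiling function such as the millionaires problem, whose maximal monochromatic rectangles overlap.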

Main positive result: For every tiling function, when the inputs are drawn from a uniform or “almost uniform” distribution, there exists a dissection protocol whose average‑case PAR is bounded by a constant (specifically ≤ 4). The proof exploits a connection to Binary Space Partitioning (BSP) from computational geometry. BSP recursively splits the plane with axis‑parallel lines, producing a partition into rectangles. Known bounds on the size of BSPs translate into bounds on the number of rectangles a protocol must generate, which directly yields the constant PAR guarantee.

Main negative results:

  1. In the worst case, the same constant‑PAR guarantee cannot be achieved for all tiling functions. The authors construct tiling functions (e.g., with three distinct output values) for which any dissection protocol must have a PAR that grows linearly with the input size.
  2. When the model is extended to more than two parties (d > 2), the constant‑average‑PAR property fails. They exhibit a three‑dimensional tiling function for which every dissection protocol incurs exponential PAR in both the average and worst cases, even if an unbounded number of communication rounds is allowed.

Non‑tiling functions: The paper also analyzes two specific non‑tiling Boolean functions: the set‑covering function and the equality function. By applying the bisection protocol (a special case of dissection), they compute both worst‑case and average‑case PARs and show that the values are large, indicating that simple range queries are insufficient to hide information for such functions.

Methodological contributions:

  • Formalization of dissection protocols and their relationship to monochromatic tilings.
  • Extension of the PAR definition from two‑party to multi‑party settings, replacing rectangles with hyper‑rectangles.
  • Demonstration that the ideal monochromatic partition (the “ideal tiling”) coincides with the maximal monochromatic rectangles of the function’s matrix representation.
  • Use of BSP literature (e.g., bounds on the number of leaves in a binary space partition) to derive privacy guarantees, establishing a novel bridge between communication‑complexity‑based privacy analysis and geometric partitioning techniques.

Implications: The results suggest that for many economically relevant functions (second‑price auctions, millionaires problem) one can design very simple, communication‑efficient protocols that also provide strong average‑case privacy guarantees, provided the input distribution is roughly uniform. However, the impossibility results warn that such guarantees are fragile: they break down under adversarial input distributions, for functions with richer output alphabets, or when more than two parties are involved. Consequently, protocol designers must carefully consider the function’s tiling structure, the number of participants, and the expected input distribution when aiming for approximate privacy.

Overall, the paper deepens our understanding of the trade‑off between communication cost and privacy, introduces geometric tools into the analysis of approximate privacy, and delineates the precise conditions under which dissection protocols can achieve constant‑factor privacy approximation.

