What does this research mean for the field?

Concurrent composition theorems can guarantee differential privacy against adaptive adversaries for continual mechanisms with arbitrarily interleaved queries and dataset updates, providing a modular framework for privacy analysis. Novelty: ClaimNovelty.METHODOLOGICAL. Consensus alignment: ConsensusAlignment.NEUTRAL.

What question did this study set out to answer?

This research aims to understand differential privacy in systems that continuously update datasets and process queries against adaptive threats.

May 16, 2026Open Access

Concurrent Composition for Differentially Private Continual Mechanisms

Key Points

This research aims to understand differential privacy in systems that continuously update datasets and process queries against adaptive threats.
Developed the first treatment of privacy for continual mechanisms with dataset updates and interleaved queries.
Proved concurrent composition theorems and generalizations for both interactive and noninteractive differential privacy.
Simplified privacy analysis for existing protocols using the established theorems.
Demonstrated that privacy guarantees for continual mechanisms hold against adaptive adversaries with interleaved actions.
Provided the first proof of adaptive privacy for approximate differential privacy mechanisms.
Established a framework that facilitates easier privacy analysis for multi-round interactions in protocols.

Abstract

Many intended uses of differential privacy involve a continual mechanism that is set up to run continuously over a long period of time, making more statistical releases as either queries come in or the dataset is updated. In this paper, we give the first general treatment of privacy against adaptive adversaries for mechanisms that support dataset updates and a variety of queries, all arbitrarily interleaved. It also models a very general notion of neighboring, that includes both event-level and user-level privacy. We prove several concurrent composition theorems for continual mechanisms, which ensure privacy even when an adversary can interleave its queries and dataset updates to the different composed mechanisms. Previous concurrent composition theorems for differential privacy were only for the case when the dataset is static, with no adaptive updates. We also give the first interactive and continual generalizations of the ''parallel composition theorem'' for noninteractive differential privacy. Specifically, we show that the analogue of the noninteractive parallel composition theorem holds if either there are no adaptive dataset updates or each of the composed mechanisms satisfies pure differential privacy, but it fails to hold for composing approximately differentially private mechanisms with dataset updates. Thus, we prove a tight new composition theorem for this case. In addition, we prove concurrent filter compositions theorems for the scenarios in which the privacy parameters are adaptively chosen. We extend these results to other measures of differential privacy, including Rényi DP and ƒ-DP. We then formalize a set of general conditions on a continual mechanism M that runs multiple continual sub-mechanisms such that the privacy guarantees of M follow directly using the above concurrent composition theorems on the sub-mechanisms, without further privacy loss. This enables us to give a simpler and modular privacy analysis of a recent continual histogram mechanism of Henzinger, Sricharan, and Steiner. In the case of approximate DP, ours is the first proof that shows that its privacy holds against adaptive adversaries. We also provide a framework that simplifies the analysis of local differential privacy when the protocol includes multi-round server-user interactions. Using this result, we simplify the privacy analysis of the core decomposition protocol of Dhulipala, Henzinger, Li, Liu, Sricharan, and Zhu.

Read Full Paperexternally

Bookmark

View Full Paper

Cite This Study

Henzinger et al. (Tue,) studied this question.

synapsesocial.com/papers/6a080a41a487c87a6a40c2f8 https://doi.org/https://doi.org/10.1145/3801895

Bookmark

View Full Paper