Privacy-Aware Rejection Sampling. (arXiv:2108.00965v2 [cs.CR] UPDATED)

Differential privacy (DP) offers strong theoretical privacy guarantees, but
implementations of DP mechanisms may be vulnerable to side-channel attacks,
such as timing attacks. When sampling methods such as MCMC or rejection
sampling are used to implement a mechanism, the runtime can leak private
information. We characterize the additional privacy cost due to the runtime of
a rejection sampler in terms of both $(\epsilon,\delta)$-DP as well as $f$-DP.
We also show that unless the acceptance probability is constant across
databases, the …

privacy