Affiliation:
1. University of Wisconsin-Madison, USA
2. University College London, UK
Abstract
Differential privacy has emerged as a promising probabilistic formulation of privacy, generating intense interest within academia and industry. We present a push-button, automated technique for verifying ε-differential privacy of sophisticated randomized algorithms. We make several conceptual, algorithmic, and practical contributions: (i) Inspired by the recent advances on approximate couplings and randomness alignment, we present a new proof technique called coupling strategies, which casts differential privacy proofs as a winning strategy in a game where we have finite privacy resources to expend. (ii) To discover a winning strategy, we present a constraint-based formulation of the problem as a set of Horn modulo couplings (HMC) constraints, a novel combination of first-order Horn clauses and probabilistic constraints. (iii) We present a technique for solving HMC constraints by transforming probabilistic constraints into logical constraints with uninterpreted functions. (iv) Finally, we implement our technique in the FairSquare verifier and provide the first automated privacy proofs for a number of challenging algorithms from the differential privacy literature, including Report Noisy Max, the Exponential Mechanism, and the Sparse Vector Mechanism.
Funder
European Research Council
Division of Computer and Network Systems
Division of Computing and Communication Foundations
Simons Foundation
Publisher
Association for Computing Machinery (ACM)
Subject
Safety, Risk, Reliability and Quality,Software
Reference47 articles.
1. FairSquare: probabilistic verification of program fairness
2. Really Natural Linear Indexed Type Checking
3. A semantic account of metric preservation
4. Proving uniformity and independence by self-composition and coupling. In International Conference on Logic for Programming, Artificial Intelligence and Reasoning (LPAR), Maun;Barthe Gilles;Botswana (EPiC Series in Computing),2017
Cited by
36 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献
1. Deciding Differential Privacy of Online Algorithms with Multiple Variables;Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security;2023-11-15
2. Contextual Linear Types for Differential Privacy;ACM Transactions on Programming Languages and Systems;2023-05-17
3. Divergences on monads for relational program logics;Mathematical Structures in Computer Science;2023-04
4. Symbolic execution for randomized programs;Proceedings of the ACM on Programming Languages;2022-10-31
5. Solo: a lightweight static analysis for differential privacy;Proceedings of the ACM on Programming Languages;2022-10-31