Advanced Probabilistic Couplings for Differential Privacy

TL;DR

This paper introduces an advanced formalism combining relational and non-relational logics to verify complex differential privacy algorithms, including adaptive and accuracy-dependent ones, using a new coupling technique and EasyCrypt implementation.

Contribution

It extends apRHL with aHL to handle accuracy, composition, and adaptivity in differential privacy verification, and introduces optimal subset coupling for improved analysis.

Findings

Successfully verified privacy of complex algorithms in EasyCrypt.

Demonstrated the approach on variants of the Sparse Vector technique.

Introduced the novel optimal subset coupling technique.

Abstract

Differential privacy is a promising formal approach to data privacy, which provides a quantitative bound on the privacy cost of an algorithm that operates on sensitive information. Several tools have been developed for the formal verification of differentially private algorithms, including program logics and type systems. However, these tools do not capture fundamental techniques that have emerged in recent years, and cannot be used for reasoning about cutting-edge differentially private algorithms. Existing techniques fail to handle three broad classes of algorithms: 1) algorithms where privacy depends accuracy guarantees, 2) algorithms that are analyzed with the advanced composition theorem, which shows slower growth in the privacy cost, 3) algorithms that interactively accept adaptive inputs. We address these limitations with a new formalism extending apRHL, a relational program logic that has been used for proving differential privacy of non-interactive algorithms, and incorporating aHL, a (non-relational) program logic for accuracy properties. We illustrate our approach through a single running example, which exemplifies the three classes of algorithms and explores new variants of the Sparse Vector technique, a well-studied algorithm from the privacy literature. We implement our logic in EasyCrypt, and formally verify privacy. We also introduce a novel coupling technique called \emph{optimal subset coupling} that may be of independent interest.