DuetSGX: Differential Privacy with Secure Hardware
Phillip Nguyen, Alex Silence, David Darais, Joseph P. Near

TL;DR
DuetSGX leverages secure hardware to enable differentially private data analysis without a trusted third party, verifying privacy guarantees before query execution.
Contribution
The paper introduces DuetSGX, which combines secure enclaves with a specialized query language and typechecker to ensure differential privacy without relying on a trusted curator.
Findings
Implemented a proof-of-concept system
Verifies differential privacy guarantees before execution
Eliminates the need for a trusted third party in privacy-preserving analysis
Abstract
Differential privacy offers a formal privacy guarantee for individuals, but many deployments of differentially private systems require a trusted third party (the data curator). We propose DuetSGX, a system that uses secure hardware (Intel's SGX) to eliminate the need for a trusted data curator. Data owners submit encrypted data that can be decrypted only within a secure enclave running the DuetSGX system, ensuring that sensitive data is never available to the data curator. Analysts submit queries written in the Duet language, which is specifically designed for verifying that programs satisfy differential privacy; DuetSGX uses the Duet typechecker to verify that each query satisfies differential privacy before running it. DuetSGX therefore provides the benefits of local differential privacy and central differential privacy simultaneously: noise is only added to final results, and there…
Peer Reviews
No public reviews on file for this paper yet.
Videos
No videos yet.
Taxonomy
Topics: Privacy-Preserving Technologies in Data · Cryptography and Data Security · Cloud Data Security Solutions
