DPGen: Automated Program Synthesis for Differential Privacy

TL;DR

DPGen is an automated program synthesizer that transforms non-private algorithms into differentially private ones by automatically inserting and calibrating noise, optimizing privacy proofs, and handling adaptive mechanisms efficiently.

Contribution

This paper introduces DPGen, a novel system that automates the synthesis of differentially private algorithms from non-private code, including adaptive mechanisms.

Findings

Generates differentially private algorithms within 120 seconds on benchmarks.

Successfully synthesizes adaptive privacy mechanisms.

Optimizes utility functions effectively through automatic noise calibration.

Abstract

Differential privacy has become a de facto standard for releasing data in a privacy-preserving way. Creating a differentially private algorithm is a process that often starts with a noise-free (non-private) algorithm. The designer then decides where to add noise, and how much of it to add. This can be a non-trivial process -- if not done carefully, the algorithm might either violate differential privacy or have low utility. In this paper, we present DPGen, a program synthesizer that takes in non-private code (without any noise) and automatically synthesizes its differentially private version (with carefully calibrated noise). Under the hood, DPGen uses novel algorithms to automatically generate a sketch program with candidate locations for noise, and then optimize privacy proof and noise scales simultaneously on the sketch program. Moreover, DPGen can synthesize sophisticated mechanisms that adaptively process queries until a specified privacy budget is exhausted. When evaluated on standard benchmarks, DPGen is able to generate differentially private mechanisms that optimize simple utility functions within 120 seconds. It is also powerful enough to synthesize adaptive privacy mechanisms.