TY - GEN
T1 - Proving differential privacy with shadow execution
AU - Wang, Yuxin
AU - Ding, Zeyu
AU - Wang, Guanhong
AU - Kifer, Daniel
AU - Zhang, Danfeng
N1 - Publisher Copyright:
© 2019 Association for Computing Machinery. ACM
PY - 2019/6/8
Y1 - 2019/6/8
N2 - Recent work on formal verification of differential privacy shows a trend toward usability and expressiveness - generating a correctness proof of sophisticated algorithm while minimizing the annotation burden on programmers. Sometimes, combining those two requires substantial changes to program logics: one recent paper is able to verify Report Noisy Max automatically, but it involves a complex verification system using customized program logics and verifiers. In this paper, we propose a new proof technique, called shadow execution, and embed it into a language called ShadowDP. ShadowDP uses shadow execution to generate proofs of differential privacy with very few programmer annotations and without relying on customized logics and verifiers. In addition to verifying Report Noisy Max, we show that it can verify a new variant of Sparse Vector that reports the gap between some noisy query answers and the noisy threshold. Moreover, ShadowDP reduces the complexity of verification: for all of the algorithms we have evaluated, type checking and verification in total takes at most 3 seconds, while prior work takes minutes on the same algorithms.
AB - Recent work on formal verification of differential privacy shows a trend toward usability and expressiveness - generating a correctness proof of sophisticated algorithm while minimizing the annotation burden on programmers. Sometimes, combining those two requires substantial changes to program logics: one recent paper is able to verify Report Noisy Max automatically, but it involves a complex verification system using customized program logics and verifiers. In this paper, we propose a new proof technique, called shadow execution, and embed it into a language called ShadowDP. ShadowDP uses shadow execution to generate proofs of differential privacy with very few programmer annotations and without relying on customized logics and verifiers. In addition to verifying Report Noisy Max, we show that it can verify a new variant of Sparse Vector that reports the gap between some noisy query answers and the noisy threshold. Moreover, ShadowDP reduces the complexity of verification: for all of the algorithms we have evaluated, type checking and verification in total takes at most 3 seconds, while prior work takes minutes on the same algorithms.
UR - http://www.scopus.com/inward/record.url?scp=85067698752&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85067698752&partnerID=8YFLogxK
U2 - 10.1145/3314221.3314619
DO - 10.1145/3314221.3314619
M3 - Conference contribution
AN - SCOPUS:85067698752
T3 - Proceedings of the ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI)
SP - 655
EP - 669
BT - PLDI 2019 - Proceedings of the 40th ACM SIGPLAN Conference on Programming Language Design and Implementation
A2 - McKinley, Kathryn S.
A2 - Fisher, Kathleen
PB - Association for Computing Machinery
T2 - 40th ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI 2019
Y2 - 22 June 2019 through 26 June 2019
ER -