Advanced Probabilistic Couplings for Differential Privacy
Differential privacy is a promising formal approach to data privacy, which
provides a quantitative bound on the privacy cost of an algorithm that operates
on sensitive information. Several tools have been developed for the formal
verification of differentially private algorithms, including program logics and
type systems. However, these tools do not capture fundamental techniques that
have emerged in recent years, and cannot be used for reasoning about
cutting-edge differentially private algorithms. Existing techniques fail to
handle three broad classes of algorithms: 1) algorithms where privacy depends
on accuracy guarantees, 2) algorithms that are analyzed with the advanced
composition theorem, which shows slower growth in the privacy cost, 3)
algorithms that interactively accept adaptive inputs.
We address these limitations with a new formalism extending apRHL, a
relational program logic that has been used for proving differential privacy of
non-interactive algorithms, and incorporating aHL, a (non-relational) program
logic for accuracy properties. We illustrate our approach through a single
running example, which exemplifies the three classes of algorithms and explores
new variants of the Sparse Vector technique, a well-studied algorithm from the
privacy literature. We implement our logic in EasyCrypt, and formally verify
privacy. We also introduce a novel coupling technique called optimal
subset coupling that may be of independent interest.
Proving Differential Privacy with Shadow Execution
Recent work on formal verification of differential privacy shows a trend
toward usability and expressiveness -- generating a correctness proof of
sophisticated algorithms while minimizing the annotation burden on programmers.
Sometimes, combining those two requires substantial changes to program logics:
one recent paper is able to verify Report Noisy Max automatically, but it
involves a complex verification system using customized program logics and
verifiers.
In this paper, we propose a new proof technique, called shadow execution, and
embed it into a language called ShadowDP. ShadowDP uses shadow execution to
generate proofs of differential privacy with very few programmer annotations
and without relying on customized logics and verifiers. In addition to
verifying Report Noisy Max, we show that it can verify a new variant of Sparse
Vector that reports the gap between some noisy query answers and the noisy
threshold. Moreover, ShadowDP reduces the complexity of verification: for all
of the algorithms we have evaluated, type checking and verification in total
takes at most 3 seconds, while prior work takes minutes on the same algorithms.
Comment: 23 pages, 12 figures, PLDI'1
Privacy and Truthful Equilibrium Selection for Aggregative Games
We study a very general class of games --- multi-dimensional aggregative
games --- which in particular generalize both anonymous games and weighted
congestion games. For any such game that is also large, we solve the
equilibrium selection problem in a strong sense. In particular, we give an
efficient weak mediator: a mechanism which has only the power to listen to
reported types and provide non-binding suggested actions, such that (a) it is
an asymptotic Nash equilibrium for every player to truthfully report their type
to the mediator, and then follow its suggested action; and (b) that when
players do so, they end up coordinating on a particular asymptotic pure
strategy Nash equilibrium of the induced complete information game. In fact,
truthful reporting is an ex-post Nash equilibrium of the mediated game, so our
solution applies even in settings of incomplete information, and even when
player types are arbitrary or worst-case (i.e. not drawn from a common prior).
We achieve this by giving an efficient differentially private algorithm for
computing a Nash equilibrium in such games. The rates of convergence to
equilibrium in all of our results are inverse polynomial in the number of
players. We also apply our main results to a multi-dimensional market game.
Our results can be viewed as giving, for a rich class of games, a more robust
version of the Revelation Principle, in that we work with weaker informational
assumptions (no common prior), yet provide a stronger solution concept (ex-post
Nash versus Bayes Nash equilibrium). In comparison to previous work, our main
conceptual contribution is showing that weak mediators are a game theoretic
object that exist in a wide variety of games -- previously, they were only
known to exist in traffic routing games.