Approximate Span Liftings: Compositional Semantics for Relaxations of Differential Privacy

We develop new abstractions for reasoning about three relaxations of differential privacy: Rényi differential privacy, zero-concentrated differential privacy, and truncated concentrated differential privacy, which express bounds on statistical divergences between two output probability distributions. In order to reason about such properties compositionally, we introduce approximate span-lifting, a novel construction extending the approximate relational lifting approaches previously developed for standard differential privacy to a more general class of divergences, and also to continuous distributions. As an application, we develop a program logic based on approximate span-liftings capable of proving relaxations of differential privacy and other statistical divergence properties.
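As an added illustration of the divergence bounds the abstract refers to (this is example code written here, not code from the paper): the Rényi divergence between the Gaussian mechanism's output distributions on two adjacent inputs is computed numerically and checked against the closed-form (α, αΔ²/2σ²)-RDP guarantee, related to the zCDP parameter ρ = Δ²/2σ², composed additively over k queries, and converted to an (ε, δ)-DP statement. The sensitivity-1 counting query, its outputs 3 and 4 on the two databases, the noise scale and the order α are constructed values.

```python
import math

def gaussian_logpdf(mu, sigma):
    """Log-density of N(mu, sigma^2); log domain avoids under/overflow in the tails."""
    return lambda x: -0.5 * ((x - mu) / sigma) ** 2 - math.log(sigma * math.sqrt(2 * math.pi))

def renyi_divergence(logp, logq, alpha, lo, hi, n=20000):
    """Estimate D_alpha(P||Q) = log(∫ p^alpha q^(1-alpha) dx) / (alpha - 1) on [lo, hi]
    with the trapezoid rule; p and q are given as log-densities, alpha > 1."""
    h = (hi - lo) / n
    total = 0.0
    for i in range(n + 1):
        x = lo + i * h
        w = 0.5 if i in (0, n) else 1.0          # trapezoid end-point weights
        total += w * math.exp(alpha * logp(x) + (1 - alpha) * logq(x))
    return math.log(total * h) / (alpha - 1)

def gaussian_rdp_bound(sensitivity, sigma, alpha):
    """Closed-form guarantee of the Gaussian mechanism: (alpha, alpha*Δ^2/(2σ^2))-RDP."""
    return alpha * sensitivity ** 2 / (2 * sigma ** 2)

def gaussian_zcdp_rho(sensitivity, sigma):
    """The same mechanism is ρ-zCDP with ρ = Δ^2/(2σ^2), i.e. D_alpha <= ρ*alpha for all alpha."""
    return sensitivity ** 2 / (2 * sigma ** 2)

def compose_rdp(bounds):
    """At a fixed order alpha, RDP bounds of sequentially composed mechanisms add up."""
    return sum(bounds)

def rdp_to_dp(alpha, eps_alpha, delta):
    """Standard conversion: (alpha, eps_alpha)-RDP implies (eps_alpha + log(1/δ)/(alpha-1), δ)-DP."""
    return eps_alpha + math.log(1 / delta) / (alpha - 1)

def demo(sigma=1.0, alpha=2.0, k=10, delta=1e-5):
    # Constructed scenario: a counting query (sensitivity 1) evaluates to 3 on one
    # database and 4 on an adjacent one; Gaussian noise of scale sigma is added to each.
    p = gaussian_logpdf(3.0, sigma)
    q = gaussian_logpdf(4.0, sigma)
    numeric = renyi_divergence(p, q, alpha, -20.0, 25.0)   # should match the closed form
    bound = gaussian_rdp_bound(1.0, sigma, alpha)
    total = compose_rdp([bound] * k)                       # k such queries in sequence
    return numeric, bound, total, rdp_to_dp(alpha, total, delta)

if __name__ == "__main__":
    print(demo())
```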
