TY - GEN
T1 - Approximate Algorithms for Verifying Differential Privacy with Gaussian Distributions
AU - Bhusal, Bishnu
AU - Chadha, Rohit
AU - Sistla, A. Prasad
AU - Viswanathan, Mahesh
N1 - This work was partially supported by the National Science Foundation: Bishnu Bhusal and Rohit Chadha were partially supported by grant CCF 1900924, A. Prasad Sistla was partially supported by grant CCF 1901069, and Mahesh Viswanathan was partially supported by grants CCF 1901069 and CCF 2007428.
PY - 2025/11/22
Y1 - 2025/11/22
N2 - The verification of differential privacy algorithms that employ Gaussian distributions is little understood. This paper tackles the challenge of verifying such programs by introducing a novel approach to approximating probability distributions of loop-free programs that sample from both discrete and continuous distributions with computable probability density functions, including Gaussian and Laplace. We establish that verifying (ε, δ)-differential privacy for these programs is almost decidable, meaning the problem is decidable for all values of δ except those in a finite set. Our verification algorithm is based on computing probabilities to any desired precision by combining integral approximations, and tail probability bounds. The proposed methods are implemented in the tool, DiPApprox, using the FLINT library for high-precision integral computations, and incorporate optimizations to enhance scalability. We validate DiPApprox on fundamental privacy-preserving algorithms, such as Gaussian variants of the Sparse Vector Technique and Noisy Max, demonstrating its effectiveness in both confirming privacy guarantees and detecting violations.
AB - The verification of differential privacy algorithms that employ Gaussian distributions is little understood. This paper tackles the challenge of verifying such programs by introducing a novel approach to approximating probability distributions of loop-free programs that sample from both discrete and continuous distributions with computable probability density functions, including Gaussian and Laplace. We establish that verifying (ε, δ)-differential privacy for these programs is almost decidable, meaning the problem is decidable for all values of δ except those in a finite set. Our verification algorithm is based on computing probabilities to any desired precision by combining integral approximations, and tail probability bounds. The proposed methods are implemented in the tool, DiPApprox, using the FLINT library for high-precision integral computations, and incorporate optimizations to enhance scalability. We validate DiPApprox on fundamental privacy-preserving algorithms, such as Gaussian variants of the Sparse Vector Technique and Noisy Max, demonstrating its effectiveness in both confirming privacy guarantees and detecting violations.
KW - Differential Privacy
KW - Gaussian Distribution
KW - Tail Bounds
KW - Verification
UR - https://www.scopus.com/pages/publications/105023882610
UR - https://www.scopus.com/pages/publications/105023882610#tab=citedBy
U2 - 10.1145/3719027.3765043
DO - 10.1145/3719027.3765043
M3 - Conference contribution
AN - SCOPUS:105023882610
T3 - CCS 2025 - Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security
SP - 1439
EP - 1453
BT - CCS 2025 - Proceedings of the 2025 ACM SIGSAC Conference on Computer and Communications Security
PB - Association for Computing Machinery
T2 - 32nd ACM SIGSAC Conference on Computer and Communications Security, CCS 2025
Y2 - 13 October 2025 through 17 October 2025
ER -