Trustworthy Systems

Proving that programs are differentially private


Annabelle McIver and Carroll Morgan

    School of Computer Science and Engineering
    Sydney 2052, Australia


We extend recent work in Quantitative Information Flow (QIF) to provide tools for the analysis of programs that aim to implement differentially private mechanisms. We demonstrate how differential privacy can be expressed using loss functions, and how to use this idea in conjunction with a QIF-enabled program semantics to verify differentially private guarantees. Finally we describe how to use this approach experimentally using Kuifje, a recently developed tool for analysing information-flow properties of programs.

BibTeX Entry

    paperurl         = {},
    isbn             = {978-3-030-34175-6},
    publisher        = {Springer International Publishing},
    editor           = {Lin, Anthony Widjaja},
    author           = {McIver, Annabelle and Morgan, Carroll},
    year             = {2019},
    pages            = {3--18},
    booktitle        = {Programming Languages and Systems},
    title            = {Proving that Programs Are Differentially Private}