Governments and industries have widely adopted differential privacy as a measure to protect users' sensitive data, creating the need for new implementations of differentially private algorithms. In order to properly test and audit these algorithms, a suite of tools for testing the property of differential privacy is needed. In this work we expand this testing suite and introduce RényiTester, an algorithm that can verify if a mechanism is Rényi differentially private. Our algorithm computes a lower bound of the Rényi divergence between the distributions of a mechanism on neighboring datasets, only requiring black-box access to samples from the audited mechanism. We test this approach on a variety of pure and Rényi differentially private mechanisms with diverse output spaces and show that RényiTester detects bugs in mechanisms' implementations and design flaws. While detecting that a general mechanism is differentially private is known to be NP-hard, we empirically show that tools like RényiTester provide a way for researchers and engineers to decrease the risk of deploying mechanisms that expose users' privacy.
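To make the black-box idea concrete, the following added example (not RényiTester itself and not code from the paper) audits a Gaussian sum mechanism by sampling it on two neighboring datasets and computing a histogram plug-in estimate of the Rényi divergence. The mechanism, datasets, injected bug, bin width, count threshold and slack are all constructed assumptions, and the estimate carries no statistical confidence guarantee.

```python
import math
import random
from collections import Counter

def gaussian_mechanism(data, sigma, rng):
    """Release sum(data) with Gaussian noise of standard deviation sigma."""
    return sum(data) + rng.gauss(0.0, sigma)

def renyi_lower_bound(mech, d0, d1, alpha, n=200_000, width=0.5, min_count=20, seed=0):
    """Histogram plug-in estimate of D_alpha(mech(d0) || mech(d1)), alpha > 1."""
    rng = random.Random(seed)
    p = Counter(math.floor(mech(d0, rng) / width) for _ in range(n))
    q = Counter(math.floor(mech(d1, rng) / width) for _ in range(n))
    # Binning is post-processing, so it cannot increase the divergence; skipping
    # sparse bins only removes non-negative terms from the sum. Both push the
    # estimate down, which keeps it conservative up to sampling noise.
    total = sum((p[b] / n) ** alpha * (q[b] / n) ** (1 - alpha)
                for b in p if p[b] >= min_count and q[b] >= min_count)
    return math.log(total) / (alpha - 1)

def audit(mech, d0, d1, alpha, claimed_eps, slack=0.05):
    """Return (estimate, flagged); flagged means the estimate exceeds the claim."""
    est = renyi_lower_bound(mech, d0, d1, alpha)
    return est, est > claimed_eps + slack

# Constructed example: sensitivity-1 sum query, claimed sigma = 2, order alpha = 2.
SIGMA, ALPHA = 2.0, 2.0
CLAIMED_EPS = ALPHA * 1.0 / (2 * SIGMA ** 2)   # Gaussian RDP: alpha * Delta^2 / (2 sigma^2)
D0, D1 = [1.0, 0.0, 1.0, 1.0], [1.0, 0.0, 1.0]  # neighbors: one record removed

def correct(data, rng):
    return gaussian_mechanism(data, SIGMA, rng)

def buggy(data, rng):
    # Constructed bug: noise scale halved, so the real divergence is 4x the claim.
    return gaussian_mechanism(data, SIGMA / 2, rng)

if __name__ == "__main__":
    for name, mech in (("correct", correct), ("buggy", buggy)):
        est, flagged = audit(mech, D0, D1, ALPHA, CLAIMED_EPS)
        print(f"{name}: estimate={est:.3f} claimed={CLAIMED_EPS:.3f} flagged={flagged}")
```

An estimate above the claimed bound is evidence of a violation, while an estimate below it proves nothing: a lower bound can only refute a privacy claim, never certify it.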