The standard definition of differential privacy (DP) ensures that a mechanism's output distribution on adjacent datasets is indistinguishable. However, real-world implementations of DP can, and often do, reveal information through their runtime distributions, making them susceptible to timing attacks. In this work, we establish a general framework for ensuring differential privacy in the presence of timing side channels. We define a new notion of timing privacy, which captures programs that remain differentially private to an adversary that observes the program's runtime in addition to the output. Our framework enables chaining together component programs that are timing-stable followed by a random delay to obtain DP programs that achieve timing privacy. Importantly, our definitions allow for measuring timing privacy and output privacy using different privacy measures. We illustrate how to instantiate our framework by giving programs for standard DP computations in the RAM and Word RAM models of computation. Furthermore, we show how our framework can be realized in code through a natural extension of the OpenDP Programming Framework.
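The chaining step described above (a timing-stable program followed by a random delay) can be checked numerically; the sketch below is an added example, not code from the paper or from OpenDP. It assumes runtime is counted in abstract steps, that timing stability means adjacent datasets change the runtime by at most `t` steps, and that the delay is a truncated discrete Laplace, which is a choice made here for illustration; all function names are hypothetical.

```python
import math

def delay_pmf(eps, t, mu):
    """Assumed delay: discrete Laplace with scale t/eps, centred at mu,
    truncated to the non-negative range [0, 2*mu]."""
    w = [math.exp(-eps * abs(k - mu) / t) for k in range(2 * mu + 1)]
    z = sum(w)
    return [x / z for x in w]

def runtime_dist(base_steps, pmf):
    """Total runtime = deterministic base runtime + independent random delay."""
    return {base_steps + k: p for k, p in enumerate(pmf)}

def hockey_stick(p, q, eps):
    """Smallest delta with P(S) <= e^eps * Q(S) + delta for every runtime set S."""
    return sum(max(0.0, pr - math.exp(eps) * q.get(r, 0.0)) for r, pr in p.items())

def timing_delta(base_a, base_b, eps, pmf):
    """delta of the (eps, delta) guarantee seen by an observer of runtime only."""
    a, b = runtime_dist(base_a, pmf), runtime_dist(base_b, pmf)
    return max(hockey_stick(a, b, eps), hockey_stick(b, a, eps))

if __name__ == "__main__":
    # Constructed sample: adjacent datasets take 1000 and 1003 steps (t = 3).
    eps, t = 0.5, 3
    print("no delay :", timing_delta(1000, 1003, eps, [1.0]))
    for mu in (10, 30, 60):
        d = timing_delta(1000, 1003, eps, delay_pmf(eps, t, mu))
        print(f"mean delay {mu:3d} steps: delta = {d:.3e}")
```

Without a delay the two runtimes are perfectly distinguishable (delta is 1); truncating the delay to a finite range leaves a residual delta that shrinks as the mean delay grows, which is the latency cost of the timing guarantee under these assumptions.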