Fixes and cleanups in Accounting libraries,Privacy on Beam and Go DP library.

C++ accounting library:
- Change float-based artifacts to double-based
- Check when composing two PLDs (both pessimistic or both optimistic)

Python accounting library:
- Use vectorized call when exponentiate during computation of delta from epsilon
- Fast computation of delta without convolution

Privacy on Beam:
- Small cleanup changes.
- Refactoring to prepare for adding QuantilesPerKey.

Go DP library:
- Update dependencies
- Simplify BoundedQuantiles algorithm and increase alpha

General updates:
- Update README: new supported algorithms, new reference links

GitOrigin-RevId: c904cb1ba8ce14c61a69bad25f8adabdbe68f27d
Change-Id: I47805ba7b4927d162767510225214935c51f43b5

Author: Differential Privacy Team

README.md

@@ -13,27 +13,34 @@ private statistics over datasets. It contains the following tools.
   make the differential privacy property no longer hold.
 * A [differential privacy accounting library](python/dp_accounting), used for
   tracking privacy budget.
-* A [command line interface](examples/zetasql) for running DP queries with
-  [ZetaSQL](https://github.com/google/zetasql).
+* A [command line interface](examples/zetasql) for running differentially
+  private SQL queries with [ZetaSQL](https://github.com/google/zetasql).
 
 To get started on generating differentially private data, we recomend you follow
 the [Privacy on Beam codelab](https://codelabs.developers.google.com/codelabs/privacy-on-beam/).
 
 Currently, the DP building block libraries support the following algorithms:
 
-| Algorithm          | C++           | Go        |Java      |
-| -------------      |:-------------:|:---------:|:--------:|
-| Count              | Supported     | Supported |Supported |
-| Sum                | Supported     | Supported |Supported |
-| Mean               | Supported     | Supported |Supported |
-| Variance           | Supported     | Planned   |Planned   |
-| Standard deviation | Supported     | Planned   |Planned   |
-| Order statistics (incl. min, max, and median) | Supported   | Planned | Supported |
-| Automatic bounds approximation | Supported   | Planned | Planned |
-
-They also contain [safe implementations](common_docs/Secure_Noise_Generation.pdf)
-of Laplace and Gaussian mechanisms, which can be used to perform computations
-that aren't covered by the algorithms implemented in our libraries.
+| Algorithm                        | C++       | Go        | Java      |
+| :------------------------------- | :-------: | :-------: | :-------: |
+| Laplace mechanism                | Supported | Supported | Supported |
+| Gaussian mechanism               | Supported | Supported | Supported |
+| Count                            | Supported | Supported | Supported |
+| Sum                              | Supported | Supported | Supported |
+| Mean                             | Supported | Supported | Supported |
+| Variance                         | Supported | Planned   | Planned   |
+| Standard deviation               | Supported | Planned   | Planned   |
+| Quantiles                        | Supported | Supported | Supported |
+| Automatic bounds approximation   | Supported | Planned   | Planned   |
+| Truncated geometric thresholding | Supported | Supported | Supported |
+| Laplace thresholding             | Supported | Supported | Supported |
+| Gaussian thresholding            | Planned   | Supported | Supported |
+
+Implementations of the Laplace mechanism and the Gaussian mechanism use [secure
+noise generation].  These mechanisms can be used to perform computations that
+aren't covered by the algorithms implemented in our libraries.
+
+[secure noise generation]: ./common_docs/Secure_Noise_Generation.pdf
 
 The DP building block libraries are suitable for research, experimental or
 production use cases, while the other tools are currently experimental, and
@@ -135,3 +142,11 @@ it helps you to solve.  We have two communication channels:
 Please refrain from sending any personal identifiable information. If you wish
 to delete a message you've previously sent, please contact us.
 
+## Related projects
+
+- [PyDP](https://github.com/OpenMined/PyDP), a Python wrapper of our C++ DP
+  building block library.
+- [OpenDP](https://opendp.org) tools for statistical analysis of sensitive
+  private data.
+- [TensorFlow Privacy](https://github.com/tensorflow/privacy), a library to
+  train machine learning models with differential privacy.

cc/accounting/accountant.cc

@@ -71,9 +71,10 @@ base::StatusOr<double> AdvancedComposition(
     }
   }
 
-  return absl::NotFoundError(absl::StrFormat(
-      "Total delta %f is too small for %d queries each with delta equal to %f.",
-      total_delta, k, delta));
+  return absl::NotFoundError(
+      absl::StrFormat("Total delta %lf is too small for %d queries each with "
+                      "delta equal to %lf.",
+                      total_delta, k, delta));
 }
 }  // namespace accounting
 }  // namespace differential_privacy

cc/accounting/accountant_test.cc

@@ -27,7 +27,7 @@ namespace accounting {
 
 namespace {
 
-constexpr double kMaxError = 1e-1f;
+constexpr double kMaxError = 1e-1;
 using ::testing::Values;
 using ::differential_privacy::base::testing::StatusIs;
 

cc/accounting/common/common.cc

@@ -39,8 +39,8 @@ base::StatusOr<double> InverseMonotoneFunction(
   }
   if (min_value > value) {
     return absl::NotFoundError(absl::StrFormat(
-        "Cannot find x in range (%f, %f) whose value is at most %f.", lower_x,
-        upper_x, value));
+        "Cannot find x in range (%lf, %lf) whose value is at most %lf.",
+        lower_x, upper_x, value));
   }
 
   std::function<bool(const double)> solution_above_current_x;

cc/accounting/common/common.h

@@ -35,11 +35,11 @@ struct EpsilonDelta {
   absl::Status Validate() const {
     if (epsilon < 0) {
       return absl::InvalidArgumentError(
-          absl::StrFormat("epsilon should be positive: %f.", epsilon));
+          absl::StrFormat("epsilon should be positive: %lf.", epsilon));
     }
     if (delta < 0 || delta > 1) {
       return absl::InvalidArgumentError(
-          absl::StrFormat("delta should be between 0 and 1: %f.", delta));
+          absl::StrFormat("delta should be between 0 and 1: %lf.", delta));
     }
     return absl::OkStatus();
   }

cc/accounting/common/common_test.cc

@@ -27,7 +27,7 @@ namespace {
 using ::testing::Values;
 using ::differential_privacy::base::testing::StatusIs;
 
-constexpr double kMaxError = 1e-4f;
+constexpr double kMaxError = 1e-4;
 
 struct EpsilonDeltaParam {
   double epsilon;

cc/accounting/example.cc

@@ -47,7 +47,7 @@ int main(int argc, char **argv) {
 
   PrintF(
       "An algorithm that executes the Laplace Mechansim with parameter"
-      " %.0f for a total of %d times is (%.0f, %.8f)-DP.\n",
+      " %.0lf for a total of %d times is (%.0lf, %.8lf)-DP.\n",
       parameter_laplace, num_laplace, epsilon, delta);
 
   // PLDs for different mechanisms can also be composed. Below is an example in
@@ -69,8 +69,8 @@ int main(int argc, char **argv) {
 
   PrintF(
       "An algorithm that executes the Laplace Mechansim with parameter"
-      " %.0f for a total of %d times and in addition executes once the"
-      " Gaussian Mechanism with STD %.0f is (%.0f, %.8f)-DP.\n",
+      " %.0lf for a total of %d times and in addition executes once the"
+      " Gaussian Mechanism with STD %.0lf is (%.0lf, %.8lf)-DP.\n",
       parameter_laplace, num_laplace, standard_deviation, epsilon, delta);
 
   return EXIT_SUCCESS;

cc/accounting/privacy_loss_distribution.cc

@@ -147,7 +147,7 @@ PrivacyLossDistribution::CreateForRandomizedResponse(
     double discretization_interval) {
   if (noise_parameter <= 0 || noise_parameter >= 1) {
     return absl::InvalidArgumentError(absl::StrFormat(
-        "Noise parameter %f should be strictly between 0 and 1.",
+        "Noise parameter %lf should be strictly between 0 and 1.",
         noise_parameter));
   }
   if (num_buckets <= 1) {
@@ -211,10 +211,15 @@ absl::Status PrivacyLossDistribution::Compose(
   if (other_pld.DiscretizationInterval() != discretization_interval_) {
     return absl::InvalidArgumentError(absl::StrFormat(
         "Cannot compose, discretization intervals are different "
-        "- %f vs %f",
+        "- %lf vs %lf",
         other_pld.DiscretizationInterval(), discretization_interval_));
   }
 
+  if (other_pld.GetEstimateType() != estimate_type_) {
+    return absl::InvalidArgumentError(
+        "Cannot compose, estimate types are different");
+  }
+
   double new_infinity_mass = infinity_mass_ + other_pld.InfinityMass() -
                              infinity_mass_ * other_pld.InfinityMass();
 

cc/accounting/privacy_loss_distribution.h

@@ -158,6 +158,8 @@ class PrivacyLossDistribution {
 
   double DiscretizationInterval() const { return discretization_interval_; }
 
+  EstimateType GetEstimateType() const { return estimate_type_; }
+
   //  The probability mass of mu_upper over all the outcomes that
   //  can occur only in mu_upper but not in mu_lower. (These outcomes result in
   //  privacy loss ln(mu_upper(o) / mu_lower(o)) of infinity.)

cc/accounting/privacy_loss_distribution_test.cc

@@ -29,9 +29,11 @@ class PrivacyLossDistributionTestPeer {
  public:
   static std::unique_ptr<PrivacyLossDistribution> Create(
       const ProbabilityMassFunction& probability_mass_function,
-      double infinity_mass = 0, double discretization_interval = 1e-4f) {
-    return absl::WrapUnique(new PrivacyLossDistribution(
-        discretization_interval, infinity_mass, probability_mass_function));
+      double infinity_mass = 0, double discretization_interval = 1e-4,
+      EstimateType estimate_type = EstimateType::kPessimistic) {
+    return absl::WrapUnique(
+        new PrivacyLossDistribution(discretization_interval, infinity_mass,
+                                    probability_mass_function, estimate_type));
   }
 };
 
@@ -198,7 +200,8 @@ TEST(PrivacyLossDistributionTest, ComposeNumTimes) {
                               FieldsAre(Eq(4), DoubleNear(0.16, kMaxError))));
 }
 
-TEST(PrivacyLossDistributionTest, ComposeError) {
+TEST(PrivacyLossDistributionTest,
+     ComposeErrorDifferentDiscretizationIntervals) {
   ProbabilityMassFunction pmf = {};
   std::unique_ptr<PrivacyLossDistribution> pld =
       PrivacyLossDistributionTestPeer::Create(pmf, 0.3, 1e-4);
@@ -212,6 +215,23 @@ TEST(PrivacyLossDistributionTest, ComposeError) {
                                  "are different - 0.000200 vs 0.000100")));
 }
 
+TEST(PrivacyLossDistributionTest, ComposeErrorDifferentEstimateTypes) {
+  ProbabilityMassFunction pmf;
+  std::unique_ptr<PrivacyLossDistribution> pld =
+      PrivacyLossDistributionTestPeer::Create(
+          pmf, /*infinity_mass=*/0.3, /*discretization_interval=*/1e-4,
+          /*estimate_type=*/EstimateType::kPessimistic);
+
+  std::unique_ptr<PrivacyLossDistribution> pld_other =
+      PrivacyLossDistributionTestPeer::Create(
+          pmf, /*infinity_mass=*/0.3, /*discretization_interval=*/1e-4,
+          /*estimate_type=*/EstimateType::kOptimistic);
+
+  EXPECT_THAT(pld->Compose(*pld_other),
+              StatusIs(absl::StatusCode::kInvalidArgument,
+                       Eq("Cannot compose, estimate types are different")));
+}
+
 struct GetEpsilonFromDeltaParam {
   double discretization_interval;
   double infinity_mass;