SIMD-PAC-DB: Pretty Performant PAC Privacy

Ilaria Battiston, Dandan Yuan, Xiaochen Zhu, Peter Boncz

Abstract

This work presents a highly optimized implementation of PAC-DB, a recent and promising database privacy model. We prove that our SIMD-PAC-DB can compute the same privatized answer with just a single query, instead of the 128 stochastic executions against different 50% database sub-samples needed by the original PAC-DB. Our key insight is that every bit of a hashed primary key can be seen to represent membership of such a sub-sample. We present new algorithms for approximate computation of stochastic aggregates based on these hashes, which, thanks to their SIMD-friendliness, run up to 40x faster than scalar equivalents. We release an open-source DuckDB community extension which includes a rewriter that PAC-privatizes arbitrary SQL queries. Our experiments on TPC-H, Clickbench, and SQLStorm evaluate thousands of queries in terms of performance and utility, significantly advancing the ease of use and functionality of privacy-aware data systems in practice.
Paper Structure (16 sections, 2 theorems, 26 equations, 10 figures, 1 table, 1 algorithm)

Key Result

Theorem 1

For any inference attack and an informed adversary $A$, let $1-\delta_0$ denote the prior success rate and $1-\delta_A$ denote the posterior success rate after observing $\mathsf{Output}_{\mathrm{PAC-DB}}(\mathbb{I}, Q)$. The adversary's posterior advantage is strictly bounded by:

Figures (10)

  • Figure 1: Our SIMD-friendly PAC (light green) incurs limited overhead compared to default DuckDB (TPC-H SF30, Macbook M2 Pro), making it much more usable than PAC-DB (light blue). Slowdowns mostly stem from unavoidable extra joins (dark green) -- aggregation-heavy Q01 being the only exception. PAC rejects Q10 and 18, which release customer data. Q02, 03, 16 are also not shown, as PAC is a no-op there.
  • Figure 2: godbolt.org screenshots of PacCountUpdateSWAR() (top), that updates 64-bits probabilistic_total8, which consists of 8x "virtual" 8-bits lanes. It uses one AND that masks 8 bits and the ADD adds these (0 or 1)s to 8x 8-bits numbers inside the 64-bits integer. The loop was reduced to 8 iterations (down from 64) because of this SWAR (SIMD Inside a Register). Auto-vectorization makes the loop disappear: SIMD+SWAR. Five AVX512 instructions update 64 counters!
  • Figure 3: PAC Count optimization impact on Intel (Granite Rapids), 1G rows, scattered groups. Cascading 8-bit into 64-bit counters enables SIMD improvements over the Naïve approach. Buffering adds little overhead, but reduces RAM footprint with many groups --- the others OOM at 10M.
  • Figure 4: PAC Sum optimization impact on Macbook, 1G rows, scattered groups. The Approximate sum with 25 lazy counter levels is faster than the Cascading SUM, because it only operates in thin 16-bit SIMD lanes. Buffering adds little overhead but prevents OOM in case of many groups (10M).
  • Figure 5: PAC MAX optimization impact on Graviton4, 1G rows, ungrouped. Bound pruning (green) improves pac_max() performance $3\times$ on random data (white) and within only $1.4\times$ of standard DuckDB MAX (grey). On monotonically increasing data, all variants converge.
  • ...and 5 more figures
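The counting scheme the Figure 2 caption describes, as an added illustration in C (not code from the paper or its DuckDB extension): each of the 64 bits of a key hash marks membership of one 50% sub-sample, one AND plus one ADD bump 8 lane counters inside a 64-bit word, and the 8-bit lanes are cascaded into 64-bit counters before they can overflow (the cascade of Figure 3). The hash mixer, the cascade-every-255-rows threshold, and the constructed keys 1..n are assumptions of this example.

```c
#include <stdint.h>
#include <string.h>
#define PAC_SUBSAMPLES 64  /* one 50% sub-sample per bit of the key hash */
/* Constructed stand-in for the key hash (a 64-bit finalizer-style mixer). */
static uint64_t hash_key(uint64_t k) {
    k ^= k >> 33; k *= 0xff51afd7ed558ccdULL; k ^= k >> 33;
    k *= 0xc4ceb9fe1a85ec53ULL; return k ^ (k >> 33);
}
/* Word i, lane l (bits 8l..8l+7) counts rows whose hash bit 8l+i is set. */
typedef struct {
    uint64_t total8[8];                /* 8 words x 8 "virtual" 8-bit lanes */
    uint64_t total64[PAC_SUBSAMPLES];  /* wide counters the lanes cascade into */
    unsigned pending;                  /* rows added since the last cascade */
} pac_count_t;

/* Cascade every 8-bit lane into its 64-bit counter and clear the lanes. */
static void pac_count_flush(pac_count_t *c) {
    for (int i = 0; i < 8; i++) {
        for (int l = 0; l < 8; l++)
            c->total64[8 * l + i] += (c->total8[i] >> (8 * l)) & 0xffULL;
        c->total8[i] = 0;
    }
    c->pending = 0;
}

/* SWAR step as in the Figure 2 caption: one AND picks 8 hash bits (one per
 * lane), one ADD bumps 8 counters; 8 iterations cover all 64 bits. */
static void pac_count_update(pac_count_t *c, uint64_t h) {
    for (int i = 0; i < 8; i++)
        c->total8[i] += (h >> i) & 0x0101010101010101ULL;
    if (++c->pending == 255)  /* an 8-bit lane holds at most 255 (assumed threshold) */
        pac_count_flush(c);
}

/* Self-check over constructed keys 1..n: the SWAR counts must equal a plain
 * 64-iterations-per-row scalar count. Returns how many sub-samples disagree. */
int pac_count_mismatches(size_t n) {
    uint64_t scalar[PAC_SUBSAMPLES] = {0};
    pac_count_t c; memset(&c, 0, sizeof c);
    for (uint64_t k = 1; k <= n; k++) {
        uint64_t h = hash_key(k);
        pac_count_update(&c, h);
        for (int s = 0; s < PAC_SUBSAMPLES; s++) scalar[s] += (h >> s) & 1ULL;
    }
    pac_count_flush(&c);  /* drain lanes left over after the last cascade */
    int bad = 0;
    for (int s = 0; s < PAC_SUBSAMPLES; s++) bad += c.total64[s] != scalar[s];
    return bad;
}
```

With a compiler at -O2 the inner 8-iteration loop is the candidate for the auto-vectorization the caption mentions; the scalar path is kept only as the correctness reference.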

Theorems & Definitions (2)

  • Theorem 1
  • Theorem 2: Equivalence of PAC-DB and SIMD-PAC-DB