CrypTFlow: Secure TensorFlow Inference

09/16/2019
by Nishant Kumar, et al.

We present CrypTFlow, a first-of-its-kind system that converts TensorFlow inference code into Secure Multi-party Computation (MPC) protocols at the push of a button. To do this, we build three components. Our first component, Athos, is an end-to-end compiler from TensorFlow to a variety of semi-honest MPC protocols. The second component, Porthos, is an improved semi-honest 3-party protocol that provides significant speedups for TensorFlow-like applications. Finally, to provide maliciously secure MPC protocols, our third component, Aramis, is a novel technique that uses hardware with integrity guarantees to convert any semi-honest MPC protocol into an MPC protocol that provides malicious security. The security of the protocols output by Aramis relies on hardware for integrity and MPC for confidentiality. Moreover, our system, through the use of a new float-to-fixed compiler, matches the inference accuracy of the plaintext floating-point counterparts of these networks. We experimentally demonstrate the power of our system by showing the secure inference of real-world neural networks such as ResNet50, DenseNet121, and SqueezeNet over the ImageNet dataset with running times of about 30 seconds for semi-honest security and under two minutes for malicious security. Prior work in the area of secure inference (SecureML, MiniONN, HyCC, ABY3, CHET, EzPC, Gazelle, and SecureNN) has been limited to semi-honest security of toy networks with 3–4 layers over tiny datasets such as MNIST or CIFAR, which have 10 classes. In contrast, our largest network has 200 layers, 65 million parameters and over 1000 ImageNet classes. Even on MNIST/CIFAR, CrypTFlow outperforms prior work.


