Accelerating 2PC-based ML with Limited Trusted Hardware
- URL: http://arxiv.org/abs/2009.05566v1
- Date: Fri, 11 Sep 2020 17:53:13 GMT
- Title: Accelerating 2PC-based ML with Limited Trusted Hardware
- Authors: Muqsit Nawaz, Aditya Gulati, Kunlong Liu, Vishwajeet Agrawal,
Prabhanjan Ananth and Trinabh Gupta
- Abstract summary: Otak is a system that allows two non-colluding cloud providers to run machine learning (ML) inference without knowing the inputs to inference.
Otak improves efficiency via a new 2PC protocol that tailors recent primitives such as function and homomorphic secret sharing to ML inference.
- Score: 7.080903507706396
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: This paper describes the design, implementation, and evaluation of Otak, a
system that allows two non-colluding cloud providers to run machine learning
(ML) inference without knowing the inputs to inference. Prior work for this
problem mostly relies on advanced cryptography such as two-party secure
computation (2PC) protocols that provide rigorous guarantees but suffer from
high resource overhead. Otak improves efficiency via a new 2PC protocol that
(i) tailors recent primitives such as function and homomorphic secret sharing
to ML inference, and (ii) uses trusted hardware in a limited capacity to
bootstrap the protocol. At the same time, Otak reduces trust assumptions on
trusted hardware by running a small code inside the hardware, restricting its
use to a preprocessing step, and distributing trust over heterogeneous trusted
hardware platforms from different vendors. An implementation and evaluation of
Otak demonstrates that its CPU and network overhead converted to a dollar
amount is 5.4$-$385$\times$ lower than state-of-the-art 2PC-based works.
Besides, Otak's trusted computing base (code inside trusted hardware) is only
1,300 lines of code, which is 14.6$-$29.2$\times$ lower than the code-size in
prior trusted hardware-based works.
Related papers
- Decompiling Smart Contracts with a Large Language Model [51.49197239479266]
Despite Etherscan's 78,047,845 smart contracts deployed on (as of May 26, 2025), a mere 767,520 ( 1%) are open source. This opacity necessitates the automated semantic analysis of on-chain smart contract bytecode. We introduce a pioneering decompilation pipeline that transforms bytecode into human-readable and semantically faithful Solidity code.
arXiv Detail & Related papers (2025-06-24T13:42:59Z)
- A distillation-teleportation protocol for fault-tolerant QRAM [95.99192129224721]
We present a protocol for fault-tolerantly implementing the logical quantum random access memory (QRAM) operation. For coherently accessing classical memories of size $2n$, our protocol consumes only $\mathrm{poly}(n)$ fault-tolerant quantum resources.
arXiv Detail & Related papers (2025-05-26T17:42:56Z)
- Teaching an Old Dog New Tricks: Verifiable FHE Using Commodity Hardware [4.8964380125993685]
Argos is a simple approach for adding verifiability to fully homomorphic encryption schemes using trusted hardware.
Argos requires no dedicated hardware extensions and is supported on commodity processors from 2008 onward.
arXiv Detail & Related papers (2024-12-04T18:47:11Z)
- Bit-flipping Decoder Failure Rate Estimation for (v,w)-regular Codes [84.0257274213152]
We propose a new technique to provide accurate estimates of the DFR of a two-iterations (parallel) bit flipping decoder.
We validate our results, providing comparisons of the modeled and simulated weight of the syndrome, incorrectly-guessed error bit distribution at the end of the first iteration, and two-iteration Decoding Failure Rates (DFR).
arXiv Detail & Related papers (2024-01-30T11:40:24Z)
- SOCI^+: An Enhanced Toolkit for Secure Outsourced Computation on Integers [50.608828039206365]
We propose SOCI+ which significantly improves the performance of SOCI.
SOCI+ employs a novel (2, 2)-threshold Paillier cryptosystem with fast encryption and decryption as its cryptographic primitive.
Compared with SOCI, our experimental evaluation shows that SOCI+ is up to 5.4 times more efficient in computation and 40% less in communication overhead.
arXiv Detail & Related papers (2023-09-27T05:19:32Z)
- SyzTrust: State-aware Fuzzing on Trusted OS Designed for IoT Devices [67.65883495888258]
We present SyzTrust, the first state-aware fuzzing framework for vetting the security of resource-limited Trusted OSes.
SyzTrust adopts a hardware-assisted framework to enable fuzzing Trusted OSes directly on IoT devices.
We evaluate SyzTrust on Trusted OSes from three major vendors: Samsung, Tsinglink Cloud, and Ali Cloud.
arXiv Detail & Related papers (2023-09-26T08:11:38Z)
- Secure and Efficient Two-party Quantum Scalar Product Protocol With Application to Privacy-preserving Matrix Multiplication [2.770988618353868]
Two-party quantum scalar product (S2SP) is a promising research area within secure multiparty computation (SMC)
Existing quantum S2SP protocols are not efficient enough, and the complexity is usually close to exponential level.
In this paper, a novel secure two-party quantum scalar product (S2QSP) protocol based on Fourier states is proposed to achieve higher efficiency.
arXiv Detail & Related papers (2023-09-23T14:33:46Z)
- Efficient Privacy-Preserving Machine Learning with Lightweight Trusted Hardware [20.21755520998494]
This paper proposes a new secure machine learning inference platform assisted by a small dedicated security processor.
We achieve significant performance improvements compared to state-of-the-art distributed Privacy-Preserving Machine Learning (PPML) protocols.
Our technique is not limited by the size of secure memory in a TEE and can support high-capacity modern neural networks like ResNet18 and Transformer.
arXiv Detail & Related papers (2022-10-18T20:06:06Z)
- Bicoptor: Two-round Secure Three-party Non-linear Computation without Preprocessing for Privacy-preserving Machine Learning [5.774912335678817]
This work introduces a family of novel secure three-party protocols, Bicoptor, which improve the efficiency of evaluating non-linear functions.
Our 3PC sign determination protocol only requires two communication rounds, and does not involve any preprocessing.
We evaluate Bicoptor under a 3-party LAN network over a public cloud, and achieve more than 370,000 DReLU/ReLU or 41,000 Maxpool operations per second.
arXiv Detail & Related papers (2022-10-05T02:33:53Z)
- PolyMPCNet: Towards ReLU-free Neural Architecture Search in Two-party Computation Based Private Inference [23.795457990555878]
Secure multi-party computation (MPC) has been discussed, to enable the privacy-preserving deep learning (DL) computation.
MPCs often come at very high computation overhead, and potentially prohibit their popularity in large scale systems.
In this work, we develop a systematic framework, PolyMPCNet, of joint overhead reduction of MPC comparison protocol and hardware acceleration.
arXiv Detail & Related papers (2022-09-20T02:47:37Z)
- THE-X: Privacy-Preserving Transformer Inference with Homomorphic Encryption [112.02441503951297]
Privacy-preserving inference of transformer models is on the demand of cloud service users.
We introduce $\textit{THE-X}$, an approximation approach for transformers, which enables privacy-preserving inference of pre-trained models.
arXiv Detail & Related papers (2022-06-01T03:49:18Z)
- Quantum copy-protection of compute-and-compare programs in the quantum random oracle model [48.94443749859216]
We introduce a quantum copy-protection scheme for a class of evasive functions known as "compute-and-compare programs".
We prove that our scheme achieves non-trivial security against fully malicious adversaries in the quantum random oracle model (QROM)
As a complementary result, we show that the same scheme fulfils a weaker notion of software protection, called "secure software leasing"
arXiv Detail & Related papers (2020-09-29T08:41:53Z)
- Security Limitations of Classical-Client Delegated Quantum Computing [54.28005879611532]
A client remotely prepares a quantum state using a classical channel.
Privacy loss incurred by employing $RSP_{CC}$ as a sub-module is unclear.
We show that a specific $RSP_{CC}$ protocol can replace the quantum channel at least in some contexts.
arXiv Detail & Related papers (2020-07-03T13:15:13Z)
- SWIFT: Super-fast and Robust Privacy-Preserving Machine Learning [16.17280000789628]
We propose SWIFT, a robust framework for a range of ML algorithms in SOC setting.
SWIFT guarantees output delivery to the users irrespective of any adversarial behaviour.
We demonstrate our framework's practical relevance by benchmarking popular ML algorithms.
arXiv Detail & Related papers (2020-05-20T18:20:23Z)