Bicoptor 2.0: Addressing Challenges in Probabilistic Truncation for Enhanced Privacy-Preserving Machine Learning
- URL: http://arxiv.org/abs/2309.04909v2
- Date: Wed, 6 Mar 2024 13:34:59 GMT
- Title: Bicoptor 2.0: Addressing Challenges in Probabilistic Truncation for Enhanced Privacy-Preserving Machine Learning
- Authors: Lijing Zhou, Qingrui Song, Su Zhang, Ziyu Wang, Xianggui Wang, Yong Li
- Abstract summary: This paper focuses on analyzing the problems and proposing solutions for the probabilistic truncation protocol in existing PPML works.
In terms of accuracy, we reveal that precision selections recommended in some of the existing works are incorrect.
We propose a solution and a precision selection guideline for future works.
- Score: 6.733212399517445
- License: http://creativecommons.org/licenses/by-nc-nd/4.0/
- Abstract: This paper primarily focuses on analyzing the problems and proposing solutions for the probabilistic truncation protocol in existing PPML works from the perspectives of accuracy and efficiency. In terms of accuracy, we reveal that precision selections recommended in some of the existing works are incorrect. We conduct a thorough analysis of their open-source code and find that their errors were mainly due to simplified implementation, more specifically, fixed numbers are used instead of random numbers in probabilistic truncation protocols. Based on this, we provide a detailed theoretical analysis to validate our views. We propose a solution and a precision selection guideline for future works. Regarding efficiency, we identify limitations in the state-of-the-art comparison protocol, Bicoptor's (S&P 2023) DReLU protocol, which relies on the probabilistic truncation protocol and is heavily constrained by the security parameter to avoid errors, significantly impacting the protocol's performance. To address these challenges, we introduce the first non-interactive deterministic truncation protocol, replacing the original probabilistic truncation protocol. Additionally, we design a non-interactive modulo switch protocol to enhance the protocol's security. Finally, we provide a guideline to reduce computational and communication overhead by using only a portion of the bits of the input, i.e., the key bits, for DReLU operations based on different model parameters. With the help of key bits, the performance of our DReLU protocol is further improved. We evaluate the performance of our protocols on three GPU servers, and achieve a 10x improvement in DReLU protocol, and a 6x improvement in the ReLU protocol over the state-of-the-art work Piranha-Falcon (USENIX Sec 22). Overall, the performance of our end-to-end (E2E) privacy-preserving machine learning (PPML) inference is improved by 3-4 times.
Related papers
- Improving Encrypted Transport Protocol Designs: Deep Dive on the QUIC Case [0.65268245109828]
We call the methodology "Reverso" from reversing the order of field elements within a protocol specification.
We release quiceh, a QUIC implementation of QUIC VReverso, an extension of the QUIC V1 standard.
arXiv Detail & Related papers (2024-09-11T09:37:29Z)
- Making Existing Quantum Position Verification Protocols Secure Against Arbitrary Transmission Loss [0.889974344676093]
In quantum position verification (QPV) protocols, even relatively small loss rates can compromise security.
We modify the usual structure of QPV protocols and prove that this modification makes the potentially high transmission loss between the verifiers security-irrelevant.
We show possible implementations of the required photon presence detection, making c-$\mathrm{QPV}_{\mathrm{BB84}}^{f}$ a protocol that solves all major practical issues in QPV.
arXiv Detail & Related papers (2023-12-19T21:38:10Z)
- Single-qubit loss-tolerant quantum position verification protocol secure against entangled attackers [0.0]
We study the exact loss-tolerance of the most popular protocol for QPV, which is based on BB84 states.
We show how these results transfer to the variant protocol which combines $n$ bits of classical information with a single qubit.
arXiv Detail & Related papers (2022-12-07T14:39:56Z)
- Bicoptor: Two-round Secure Three-party Non-linear Computation without Preprocessing for Privacy-preserving Machine Learning [5.774912335678817]
This work introduces a family of novel secure three-party protocols, Bicoptor, which improve the efficiency of evaluating non-linear functions.
Our 3PC sign determination protocol only requires two communication rounds, and does not involve any preprocessing.
We evaluate Bicoptor under a 3-party LAN network over a public cloud, and achieve more than 370,000 DReLU/ReLU or 41,000 Maxpool operations per second.
arXiv Detail & Related papers (2022-10-05T02:33:53Z)
- Byzantine-Robust Federated Learning with Optimal Statistical Rates and Privacy Guarantees [123.0401978870009]
We propose Byzantine-robust federated learning protocols with nearly optimal statistical rates.
We benchmark against competing protocols and show the empirical superiority of the proposed protocols.
Our protocols with bucketing can be naturally combined with privacy-guaranteeing procedures to introduce security against a semi-honest server.
arXiv Detail & Related papers (2022-05-24T04:03:07Z)
- Data post-processing for the one-way heterodyne protocol under composable finite-size security [62.997667081978825]
We study the performance of a practical continuous-variable (CV) quantum key distribution protocol.
We focus on the Gaussian-modulated coherent-state protocol with heterodyne detection in a high signal-to-noise ratio regime.
This allows us to study the performance for practical implementations of the protocol and optimize the parameters connected to the steps above.
arXiv Detail & Related papers (2022-05-20T12:37:09Z)
- Error-based Knockoffs Inference for Controlled Feature Selection [49.99321384855201]
We propose an error-based knockoff inference method by integrating the knockoff features, the error-based feature importance statistics, and the stepdown procedure together.
The proposed inference procedure does not require specifying a regression model and can handle feature selection with theoretical guarantees.
arXiv Detail & Related papers (2022-03-09T01:55:59Z)
- Selective Network Linearization for Efficient Private Inference [49.937470642033155]
We propose a gradient-based algorithm that selectively linearizes ReLUs while maintaining prediction accuracy.
The results demonstrate up to $4.25\%$ more accuracy (iso-ReLU count at 50K) or $2.2\times$ less latency (iso-accuracy at 70%) than the current state of the art.
arXiv Detail & Related papers (2022-02-04T19:00:24Z)
- Fault-tolerant parity readout on a shuttling-based trapped-ion quantum computer [64.47265213752996]
We experimentally demonstrate a fault-tolerant weight-4 parity check measurement scheme.
We achieve a flag-conditioned parity measurement single-shot fidelity of 93.2(2)%.
The scheme is an essential building block in a broad class of stabilizer quantum error correction protocols.
arXiv Detail & Related papers (2021-07-13T20:08:04Z)
- Round-robin differential phase-time-shifting protocol for quantum key distribution: theory and experiment [58.03659958248968]
Quantum key distribution (QKD) allows the establishment of common cryptographic keys among distant parties.
Recently, a QKD protocol that circumvents the need for monitoring signal disturbance, has been proposed and demonstrated in initial experiments.
We derive the security proofs of the round-robin differential phase-time-shifting protocol in the collective attack scenario.
Our results show that the RRDPTS protocol can achieve higher secret key rate in comparison with the RRDPS, in the condition of high quantum bit error rate.
arXiv Detail & Related papers (2021-03-15T15:20:09Z)
- Optimizing the Decoy-State BB84 QKD Protocol Parameters [3.6954802719347413]
The performance of a QKD implementation is determined by the tightness of the underlying security analysis.
It is known that optimal protocol parameters, such as the number of decoy states and their intensities, can be found by solving a nonlinear optimization problem.
We show an improved performance for the Decoy-State BB84 QKD protocol, demonstrating that the assumptions typically made are too restrictive.
arXiv Detail & Related papers (2020-06-29T12:06:16Z)