Related papers: High-Throughput and Scalable Secure Inference Protocols for Deep Learning with Packed Secret Sharing

High-Throughput and Scalable Secure Inference Protocols for Deep Learning with Packed Secret Sharing

URL: http://arxiv.org/abs/2601.13041v1
Date: Mon, 19 Jan 2026 13:23:13 GMT
Title: High-Throughput and Scalable Secure Inference Protocols for Deep Learning with Packed Secret Sharing
Authors: Qinghui Zhang, Xiaojun Chen, Yansong Zhang, Xudong Chen,
Abstract summary: Most existing secure neural network inference protocols based on secure multi-party computation (MPC) typically support at most four participants.<n>MPC protocols incur substantial communication overhead, resulting in particularly significant latency in wide-area network (WAN) environments.<n>We propose a high- throughput and scalable MPC protocol for neural network inference against semi-honest adversaries.
Score: 9.465540887972102
License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
Abstract: Most existing secure neural network inference protocols based on secure multi-party computation (MPC) typically support at most four participants, demonstrating severely limited scalability. Liu et al. (USENIX Security'24) presented the first relatively practical approach by utilizing Shamir secret sharing with Mersenne prime fields. However, when processing deeper neural networks such as VGG16, their protocols incur substantial communication overhead, resulting in particularly significant latency in wide-area network (WAN) environments. In this paper, we propose a high-throughput and scalable MPC protocol for neural network inference against semi-honest adversaries in the honest-majority setting. The core of our approach lies in leveraging packed Shamir secret sharing (PSS) to enable parallel computation and reduce communication complexity. The main contributions are three-fold: i) We present a communication-efficient protocol for vector-matrix multiplication, based on our newly defined notion of vector-matrix multiplication-friendly random share tuples. ii) We design the filter packing approach that enables parallel convolution. iii) We further extend all non-linear protocols based on Shamir secret sharing to the PSS-based protocols for achieving parallel non-linear operations. Extensive experiments across various datasets and neural networks demonstrate the superiority of our approach in WAN. Compared to Liu et al. (USENIX Security'24), our scheme reduces the communication upto 5.85x, 11.17x, and 6.83x in offline, online and total communication overhead, respectively. In addition, our scheme is upto 1.59x, 2.61x, and 1.75x faster in offline, online and total running time, respectively.

Related papers

LRD-MPC: Efficient MPC Inference through Low-rank Decomposition [11.1852308328843]
Secure Multi-party Computation enables untrusted parties to jointly compute a function without revealing their inputs.<n>Deep neural networks rely heavily on convolutional and fully connected layers, which require costly matrix multiplications in MPC.<n>We propose leveraging low-rank decomposition (LRD) for linear layers, replacing one large matrix multiplication with two smaller ones.
arXiv Detail & Related papers (2026-02-16T02:11:38Z)
ECLipsE-Gen-Local: Efficient Compositional Local Lipschitz Estimates for Deep Neural Networks [4.752559512511423]
Lipschitz constant is a key measure for certifying the robustness of neural networks to input perturbations.<n>Standard approaches to estimate the Lipschitz constant involve solving a large matrix semidefinite program (SDP) that scales poorly with network size.<n>We propose a compositional framework that yields tight yet scalable Lipschitz estimates for deep feedforward neural networks.
arXiv Detail & Related papers (2025-10-06T18:26:46Z)
Fundamental Limits of Hierarchical Secure Aggregation with Cyclic User Association [93.46811590752814]
Hierarchical secure aggregation is motivated by federated learning (FL)<n>In this paper, we consider HSA with a cyclic association pattern where each user is connected to $B$ consecutive relays.<n>We propose an efficient aggregation scheme which includes a message design for the inputs inspired by gradient coding.
arXiv Detail & Related papers (2025-03-06T15:53:37Z)
Multi-view Multi-label Anomaly Network Traffic Classification based on MLP-Mixer Neural Network [55.21501819988941]
Existing network traffic classification based on convolutional neural networks (CNNs) often emphasizes local patterns of traffic data while ignoring global information associations. We propose an end-to-end network traffic classification method.
arXiv Detail & Related papers (2022-10-30T01:52:05Z)
Over-the-Air Split Machine Learning in Wireless MIMO Networks [56.27831295707334]
In split machine learning (ML), different partitions of a neural network (NN) are executed by different computing nodes. To ease communication burden, over-the-air computation (OAC) can efficiently implement all or part of the computation at the same time of communication.
arXiv Detail & Related papers (2022-10-07T15:39:11Z)
Lightweight and Progressively-Scalable Networks for Semantic Segmentation [100.63114424262234]
Multi-scale learning frameworks have been regarded as a capable class of models to boost semantic segmentation. In this paper, we thoroughly analyze the design of convolutional blocks and the ways of interactions across multiple scales. We devise Lightweight and Progressively-Scalable Networks (LPS-Net) that novelly expands the network complexity in a greedy manner.
arXiv Detail & Related papers (2022-07-27T16:00:28Z)
Receptive Field-based Segmentation for Distributed CNN Inference Acceleration in Collaborative Edge Computing [93.67044879636093]
We study inference acceleration using distributed convolutional neural networks (CNNs) in collaborative edge computing network. We propose a novel collaborative edge computing using fused-layer parallelization to partition a CNN model into multiple blocks of convolutional layers.
arXiv Detail & Related papers (2022-07-22T18:38:11Z)
High-Throughput Secure Multiparty Computation with an Honest Majority in Various Network Settings [16.242352823823218]
We present novel protocols over rings for secure three-party computation (3PC) and malicious four-party computation (4PC) with one corruption. Our protocols tolerate multiple arbitrarily weak network links between parties without any substantial decrease in performance. They significantly reduce computational complexity by requiring up to half the number of basic instructions per gate compared to related work.
arXiv Detail & Related papers (2022-06-08T09:46:37Z)
An Adaptive Device-Edge Co-Inference Framework Based on Soft Actor-Critic [72.35307086274912]
High-dimension parameter model and large-scale mathematical calculation restrict execution efficiency, especially for Internet of Things (IoT) devices. We propose a new Deep Reinforcement Learning (DRL)-Soft Actor Critic for discrete (SAC-d), which generates the emphexit point, emphexit point, and emphcompressing bits by soft policy iterations. Based on the latency and accuracy aware reward design, such an computation can well adapt to the complex environment like dynamic wireless channel and arbitrary processing, and is capable of supporting the 5G URL
arXiv Detail & Related papers (2022-01-09T09:31:50Z)
Adam in Private: Secure and Fast Training of Deep Neural Networks with Adaptive Moment Estimation [6.342794803074475]
We propose a framework that allows efficient evaluation of full-fledged state-of-the-art machine learning algorithms. This is in contrast to most prior works, which substitute ML algorithms with approximated "MPC-friendly" variants. We obtain secure training that outperforms state-of-the-art three-party systems.
arXiv Detail & Related papers (2021-06-04T01:40:09Z)
LCP: A Low-Communication Parallelization Method for Fast Neural Network Inference in Image Recognition [33.581285906182075]
We propose a low-communication parallelization (LCP) method in which models consist of several almost-independent and narrow branches. We deploy LCP models on three distributed systems: AWS instances, Raspberry Pis, and PYNQ boards. LCP models achieve a maximum and average speedups of 56x and 7x, compared to the originals, which could be improved by up to an average speedup of 33x.
arXiv Detail & Related papers (2020-03-13T19:52:44Z)

This list is automatically generated from the titles and abstracts of the papers in this site.