CryptGPU: Fast Privacy-Preserving Machine Learning on the GPU

Tan, Sijun; Knott, Brian; Tian, Yuan; Wu, David J.

doi:10.48550/arxiv.2104.10949

Cited by 4 publications

(5 citation statements)

References 40 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Therefore, as one of the major components, we assume the existence of an underlying secure outsourced database scheme. Typically, secure outsourced databases can be implemented according to different architectural settings, such as the models utilizing server-aided MPC [6,7,47,64,79], homomorphic encryption [22], symmetric searchable encryption [3,9,20,26,35,48,78] or trusted hardware [32,70,81,89]. For the ease of demonstration, we focus exclusively on the outsourced databases built upon the server-aided MPC model, where a set of data owners secretly share their data to two untrusted but non-colluding servers S 0 and S 1 .…”

Section: Framework Componentsmentioning

confidence: 99%

“…There have been a series of efforts under the literature of secure outsourcing databases. Existing solutions utilize bucketization [40][41][42], predicate encryption [59,75], property and order preserving encryption [2,9,12,13,66,68,69], symmetric searchable encryption (SSE) [3,11,20,26,35,45,46,48,50,67,78], functional encryption [15,74], oblivious RAM [6,24,28,43,65,89], multi-party secure computation (MPC) [6,7,14,79], trusted execution environments (TEE) [32,70,81,87] and homomorphic encryption [16,22,34,72]. These designs differ in the types of supported queries and the provided security guarantees.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

IncShrink: Architecting Efficient Outsourced Databases using Incremental MPC and Differential Privacy

Wang¹,

Bater²,

Nayak³

et al. 2022

Preprint

View full text Add to dashboard Cite

In this paper, we consider secure outsourced growing databases that support view-based query answering. These databases allow untrusted servers to privately maintain a materialized view, such that they can use only the materialized view to process query requests instead of accessing the original data from which the view was derived. To tackle this, we devise a novel view-based secure outsourced growing database framework, IncShrink. The key features of this solution are: (i) IncShrink maintains the view using incremental MPC operators which eliminates the need for a trusted third party upfront, and (ii) to ensure high performance, IncShrink guarantees that the leakage satisfies DP in the presence of updates. To the best of our knowledge, there are no existing systems that have these properties. We demonstrate IncShrink's practical feasibility in terms of efficiency and accuracy with extensive empirical evaluations on real-world datasets and the TPC-ds benchmark. The evaluation results show that IncShrink provides a 3-way trade-off in terms of privacy, accuracy and efficiency guarantees, and offers at least a 7,800× performance advantage over standard secure outsourced databases that do not support view-based query paradigm.

show abstract

Section: Framework Componentsmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

IncShrink: Architecting Efficient Outsourced Databases using Incremental MPC and Differential Privacy

Wang¹,

Bater²,

Nayak³

et al. 2022

Preprint

View full text Add to dashboard Cite

show abstract

“…As a follow-up work of PrivPy, Fan et al [171] focus on the privacy-preserving principal component analysis (PCA) via demonstrating an end-to-end optimization of a data mining algorithm to run on the mixed-protocol MPC framework. To further improve the efficiency, CRYPTGPU [172] is proposed to accelerate the mixed-protocol MPC computation via GPU. Specifically, CRYPTGPU introduces a new interface to losslessly embed cryptographic operations over secret-shared values into floating-point operations that highly-optimized CUDA kernels can process for linear algebra.…”

Section: Mixed-protocol Approachmentioning

confidence: 99%

Privacy-Preserving Machine Learning: Methods, Challenges and Directions

Xu¹,

Baracaldo²,

Joshi

2021

Preprint

View full text Add to dashboard Cite

Machine learning (ML) is increasingly being adopted in a wide variety of application domains. Usually, a well-performing ML model, especially, emerging deep neural network model, relies on a large volume of training data and high-powered computational resources. The need for a vast volume of available data raises serious privacy concerns because of the risk of leakage of highly privacy-sensitive information and the evolving regulatory environments that increasingly restrict access to and use of privacy-sensitive data. Furthermore, a trained ML model may also be vulnerable to adversarial attacks such as membership/property inference attacks and model inversion attacks. Hence, well-designed privacy-preserving ML (PPML) solutions are crucial and have attracted increasing research interest from academia and industry. More and more efforts of PPML are proposed via integrating privacy-preserving techniques into ML algorithms, fusing privacy-preserving approaches into ML pipeline, or designing various privacy-preserving architectures for existing ML systems. In particular, existing PPML arts cross-cut ML, system, security, and privacy; hence, there is a critical need to understand state-of-art studies, related challenges, and a roadmap for future research. This paper systematically reviews and summarizes existing privacy-preserving approaches and proposes a PGU model to guide evaluation for various PPML solutions through elaborately decomposing their privacy-preserving functionalities. The PGU model is designed as the triad of Phase, Guarantee, and technical Utility. Furthermore, we also discuss the unique characteristics and challenges of PPML and outline possible directions of future work that benefit a wide range of research communities among ML, distributed systems, security, and privacy areas.

show abstract

“…A series of recent works have made encouraging progress towards improving system efficiency of privacy-preserving MLaaS (Demmler, Schneider, and Zohner 2015;Liu et al 2017;Mohassel and Zhang 2017;Juvekar, Vaikuntanathan, and Chandrakasan 2018;Riazi et al 2018;Rouhani, Riazi, and Koushanfar 2018;Mohassel and Rindal 2018;Riazi et al 2019;Mishra et al 2020;Rathee et al 2020;Boemer et al 2020;Zhang, Xin, and Wu 2021;Patra et al 2021;Tan et al 2021;Hussain et al 2021;Ng et al 2021;Huang et al 2022). Among them, the mixed-primitive frameworks which utilize HE to compute linear functions (e.g., convolution and fully connection) while adopt MPC for nonlinear functions (e.g., ReLU) have demonstrated additional efficiency advantages (Liu et al 2017;Juvekar, Vaikuntanathan, and Chandrakasan 2018;Rathee et al 2020;Huang et al 2022) and it is noteworthy that the inference speed has been improved…”

Section: Introductionmentioning

confidence: 99%

United We Stand: Accelerating Privacy-Preserving Neural Inference by Conjunctive Optimization with Interleaved Nexus

Zhang,

Xiang,

Xin

et al. 2024

AAAI

View full text Add to dashboard Cite

Privacy-preserving Machine Learning as a Service (MLaaS) enables the powerful cloud server to run its well-trained neural model upon the input from resource-limited client, with both of server's model parameters and client's input data protected. While computation efficiency is critical for the practical implementation of privacy-preserving MLaaS and it is inspiring to witness recent advances towards efficiency improvement, there still exists a significant performance gap to real-world applications. In general, state-of-the-art frameworks perform function-wise efficiency optimization based on specific cryptographic primitives. Although it is logical, such independent optimization for each function makes noticeable amount of expensive operations unremovable and misses the opportunity to further accelerate the performance by jointly considering privacy-preserving computation among adjacent functions. As such, we propose COIN: Conjunctive Optimization with Interleaved Nexus, which remodels mainstream computation for each function to conjunctive counterpart for composite function, with a series of united optimization strategies. Specifically, COIN jointly computes a pair of consecutive nonlinear-linear functions in the neural model by reconstructing the intermediates throughout the whole procedure, which not only eliminates the most expensive crypto operations without invoking extra encryption enabler, but also makes the online crypto complexity independent of filter size. Experimentally, COIN demonstrates 11.2x to 29.6x speedup over various function dimensions from modern networks, and 6.4x to 12x speedup on the total computation time when applied in networks with model input from small-scale CIFAR10 to large-scale ImageNet.

show abstract

CryptGPU: Fast Privacy-Preserving Machine Learning on the GPU

Cited by 4 publications

References 40 publications

IncShrink: Architecting Efficient Outsourced Databases using Incremental MPC and Differential Privacy

IncShrink: Architecting Efficient Outsourced Databases using Incremental MPC and Differential Privacy

Privacy-Preserving Machine Learning: Methods, Challenges and Directions

United We Stand: Accelerating Privacy-Preserving Neural Inference by Conjunctive Optimization with Interleaved Nexus

Contact Info

Product

Resources

About