[Resource Topic] 2021/1100: REDsec: Running Encrypted Discretized Neural Networks in Seconds

Welcome to the resource topic for 2021/1100

Title:
REDsec: Running Encrypted Discretized Neural Networks in Seconds

Authors: Lars Folkerts, Charles Gouert, Nektarios Georgios Tsoutsos

Abstract:

Machine learning as a service (MLaaS) has risen to become a prominent technology due to the large development time, amount of data, hardware costs, and level of expertise required to develop a machine learning model. However, privacy concerns prevent the adoption of MLaaS for applications with sensitive data. A promising privacy preserving solution is to use fully homomorphic encryption (FHE) to perform the ML computations. Recent advancements have lowered computational costs by several orders of magnitude, opening doors for secure practical applications to be developed. This work looks to optimize FHE-based private machine learning inference by leveraging ternary neural networks. Such neural networks, whose weights are constrained to {-1,0,1}, have special properties that we exploit in this work to operate efficiently in the homomorphic domain. We introduce a general framework that takes a user-defined model as input (bring-your-own-network), performs plaintext training, and efficiently evaluates private inference leveraging FHE. We perform inference experiments with the MNIST, CIFAR-10, and ImageNet datasets and achieve speeds as fast as 1.6 to 2.2 orders of magnitude slower than unencrypted single-core performance.

ePrint: https://eprint.iacr.org/2021/1100

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .