Tetrad: Actively Secure 4PC for Secure Training and Inference

Mixing arithmetic and boolean circuits to perform privacy-preserving machine learning has become increasingly popular. Towards this, we propose Tetrad, a framework for the case of four parties with at most one active corruption. Tetrad works over rings and supports two levels of security: fairness and robustness. The fair multiplication protocol costs 5 ring elements, improving over the state-of-the-art Trident (Chaudhari et al. NDSS’20). A key feature of Tetrad is that robustness comes for free over fair protocols. Other highlights across the two variants include (a) probabilistic truncation without overhead, (b) multi-input multiplication protocols, and (c) conversion protocols to switch between the computational domains, along with a tailor-made garbled circuit approach. Tetrad is benchmarked for both training and inference over deep neural networks such as LeNet and VGG16. We found that Tetrad is up to 4 times faster in ML training and up to 5 times faster in ML inference. Tetrad is also lightweight in terms of deployment cost, costing up to 6 times less than Trident.
