Reference Papers:
SIRNN: A Math Library for Secure RNN Inference
Deevashwer Rathee, Mayank Rathee, Rahul Kranti Kiran Goli, Divya Gupta, Rahul Sharma, Nishanth Chandran, Aseem Rastogi
IEEE S&P 2021
CrypTFlow2: Practical 2-Party Secure Inference
Deevashwer Rathee, Mayank Rathee, Nishant Kumar, Nishanth Chandran, Divya Gupta, Aseem Rastogi, Rahul Sharma
ACM CCS 2020
CrypTFlow: Secure TensorFlow Inference
Nishant Kumar, Mayank Rathee, Nishanth Chandran, Divya Gupta, Aseem Rastogi, Rahul Sharma
IEEE S&P 2020
EzPC: Programmable, Efficient, and Scalable Secure Two-Party Computation for Machine Learning
Nishanth Chandran, Divya Gupta, Aseem Rastogi, Rahul Sharma, Shardul Tripathi
IEEE EuroS&P 2019
Project webpage: https://aka.ms/ezpc
This repository has the following components:
- EzPC: a language for secure machine learning.
- Athos (part of CrypTFlow): an end-to-end compiler from TensorFlow to a variety of semi-honest MPC protocols. Athos leverages EzPC as a low-level intermediate language.
- SIRNN: an end-to-end framework for performing inference over quantized RNN models using semi-honest 2-party computation protocols.
- Porthos (part of CrypTFlow): a semi-honest 3 party computation protocol which is geared towards TensorFlow-like applications.
- Aramis (part of CrypTFlow): a novel technique that uses hardware with integrity guarantees to convert any semi-honest MPC protocol into an MPC protocol that provides malicious security.
- SCI (part of CrypTFlow2 and SIRNN): a semi-honest 2-party computation library for secure inference on deep neural networks.
Each one of the above is independent and usable in their own right and more information can be found in the readme of each of the components. But together these combine to make CrypTFlow a powerful system for end-to-end secure inference of deep neural networks written in TensorFlow.
With these components in place, we are able to run for the first time secure inference on the ImageNet dataset with the pre-trained models of the following deep neural nets: ResNet-50, DenseNet-121 and SqueezeNet for ImageNet. For an end-to-end tutorial on running models with CrypTFlow please refer to this blog post.
For setup instructions, please refer to each of the components' readme.
Alternatively you can use the setup_env_and_build.sh script. It installs dependencies and builds each component. It also creates a virtual environment in a mpc_venv folder with all the required packages. If you want to do setup with default paths and settings do ./setup_env_and_build.sh quick
, otherwise if you want to manually choose paths you can use ./setup_env_and_build.sh
.
Please do source mpc_venv/bin/activate
before using the toolchain.
You can use a pre-built docker image from docker hub using docker pull ezpc/ezpc:latest
. We occasionally push stable images to that channel. However, if you want a docker image with the latest code, you can build it yourself using:
docker build -t ezpc_image - < path/to/EzPC/Dockerfile
Wiki section of this repository provides coding practices and examples to get started with EzPC.
For bugs and support, please create an issue on the issues page.