FALCON: Honest-Majority Maliciously Secure Framework for Private Deep Learning
| Autor: | Fabrice Benhamouda, Tal Rabin, Sameer Wagh, Prateek Mittal, Eyal Kushilevitz, Shruti Tople |
|---|---|
| Rok vydání: | 2020 |
| Předmět: |
Normalization (statistics)
FOS: Computer and information sciences Computer Science - Machine Learning Computer Science - Cryptography and Security Computer science Inference 02 engineering and technology multi party computation Machine Learning (cs.LG) 03 medical and health sciences Protocol design 0202 electrical engineering electronic engineering information engineering secure comparison 030304 developmental biology General Environmental Science computer.programming_language Ethics 0303 health sciences Abort business.industry Deep learning deep learning Information technology QA75.5-76.95 Complex network neural networks BJ1-1725 Electronic computers. Computer science General Earth and Planetary Sciences 020201 artificial intelligence & image processing Artificial intelligence business Falcon computer Cryptography and Security (cs.CR) Computer network |
| Zdroj: | Proceedings on Privacy Enhancing Technologies, Vol 2021, Iss 1, Pp 188-208 (2021) |
| DOI: | 10.48550/arxiv.2004.02229 |
| Popis: | We propose Falcon, an end-to-end 3-party protocol for efficient private training and inference of large machine learning models. Falcon presents four main advantages - (i) It is highly expressive with support for high capacity networks such as VGG16 (ii) it supports batch normalization which is important for training complex networks such as AlexNet (iii) Falcon guarantees security with abort against malicious adversaries, assuming an honest majority (iv) Lastly, Falcon presents new theoretical insights for protocol design that make it highly efficient and allow it to outperform existing secure deep learning solutions. Compared to prior art for private inference, we are about 8x faster than SecureNN (PETS'19) on average and comparable to ABY3 (CCS'18). We are about 16-200x more communication efficient than either of these. For private training, we are about 6x faster than SecureNN, 4.4x faster than ABY3 and about 2-60x more communication efficient. Our experiments in the WAN setting show that over large networks and datasets, compute operations dominate the overall latency of MPC, as opposed to the communication. Comment: Revised version, contains some more experiments and fixes minor typos in the paper |
| Databáze: | OpenAIRE |
| Externí odkaz: |
|