Paper 2022/1483

Towards Practical Secure Neural Network Inference: The Journey So Far and the Road Ahead

Zoltán Ádám Mann, University of Amsterdam
Christian Weinert, Royal Holloway, University of London
Daphnee Chabal, University of Amsterdam
Joppe W. Bos, NXP Semiconductors

Neural networks (NNs) have become one of the most important tools for artificial intelligence (AI). Well-designed and trained NNs can perform inference (e.g., make decisions or predictions) on unseen inputs with high accuracy. Using NNs often involves sensitive data: depending on the specific use case, the input to the NN and/or the internals of the NN (e.g., the weights and biases) may be sensitive. Thus, there is a need for techniques for performing NN inference securely, ensuring that sensitive private data remains secret. This challenge belongs to the "privacy and data governance" dimension of trustworthy AI. In the past few years, several approaches have been proposed for secure neural network inference. These approaches achieve better and better results in terms of efficiency, security, accuracy, and applicability, thus making big progress towards practical secure neural network inference. The proposed approaches make use of many different techniques, such as homomorphic encryption and secure multi-party computation. The aim of this survey paper is to give an overview of the main approaches proposed so far, their different properties, and the techniques used. In addition, remaining challenges towards large-scale deployments are identified.

Available format(s)
Cryptographic protocols
Publication info
Neural Networks Machine Learning Deep Learning HE MPC
Contact author(s)
zoltan mann @ gmail com
christian weinert @ rhul ac uk
d n m s chabal @ uva nl
joppe bos @ nxp com
2022-10-28: approved
2022-10-28: received
See all versions
Short URL
Creative Commons Attribution


      author = {Zoltán Ádám Mann and Christian Weinert and Daphnee Chabal and Joppe W. Bos},
      title = {Towards Practical Secure Neural Network Inference: The Journey So Far and the Road Ahead},
      howpublished = {Cryptology ePrint Archive, Paper 2022/1483},
      year = {2022},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.