Paper 2023/1890

Aegis: A Lightning Fast Privacy-preserving Machine Learning Platform against Malicious Adversaries

Tianpei Lu
Bingsheng Zhang, The State Key Laboratory of Blockchain and Data Security, Zhejiang University
Lichun Li, Ant group
Kui Ren, The State Key Laboratory of Blockchain and Data Security, Zhejiang University
Abstract

Privacy-preserving machine learning (PPML) techniques have gained significant popularity in the past years. Those protocols have been widely adopted in many real-world security-sensitive machine learning scenarios, e.g., medical care and finance. In this work, we introduce $\mathsf{Aegis}$~-- a high-performance PPML platform built on top of a maliciously secure 3-PC framework over ring $\mathbb{Z}_{2^\ell}$. In particular, we propose a novel 2-round secure comparison (a.k.a., sign bit extraction) protocol in the preprocessing model. The communication of its semi-honest version is only 25% of the state-of-the-art (SOTA) constant-round semi-honest comparison protocol by Zhou et al. (S&P 2023); communication and round complexity of its malicious version are approximately 25% and 50% of the SOTA (BLAZE) by Patra and Suresh (NDSS 2020), for $\ell=64$. Moreover, the overall communication of our maliciously secure inner product protocol is merely $3\ell$ bits, reducing 50% from the SOTA (Swift) by Koti et al. (USENIX 2021). Finally, the resulting ReLU and MaxPool PPML protocols outperform the SOTA constructions by $4\times$ in the semi-honest setting and $100\times$ in the malicious setting, respectively.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint.
Contact author(s)
lutianpei @ zju edu cn
History
2024-05-29: last of 2 revisions
2023-12-08: received
See all versions
Short URL
https://ia.cr/2023/1890
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2023/1890,
      author = {Tianpei Lu and Bingsheng Zhang and Lichun Li and Kui Ren},
      title = {Aegis: A Lightning Fast Privacy-preserving Machine Learning Platform against Malicious Adversaries},
      howpublished = {Cryptology {ePrint} Archive, Paper 2023/1890},
      year = {2023},
      url = {https://eprint.iacr.org/2023/1890}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.