Paper 2023/359

Convolutions in Overdrive: Maliciously Secure Convolutions for MPC

Marc Rivinius, University of Stuttgart
Pascal Reisert, University of Stuttgart
Sebastian Hasler, University of Stuttgart
Ralf Kuesters, University of Stuttgart
Abstract

Machine learning (ML) has seen a strong rise in popularity in recent years and has become an essential tool for research and industrial applications. Given the large amount of high quality data needed and the often sensitive nature of ML data, privacy-preserving collaborative ML is of increasing importance. In this paper, we introduce new actively secure multiparty computation (MPC) protocols which are specially optimized for privacy-preserving machine learning applications. We concentrate on the optimization of (tensor) convolutions which belong to the most commonly used components in ML architectures, especially in convolutional neural networks but also in recurrent neural networks or transformers, and therefore have a major impact on the overall performance. Our approach is based on a generalized form of structured randomness that speeds up convolutions in a fast online phase. The structured randomness is generated with homomorphic encryption using adapted and newly constructed packing methods for convolutions, which might be of independent interest. Overall our protocols extend the state-of-the-art Overdrive family of protocols (Keller et al., EUROCRYPT 2018). We implemented our protocols on-top of MP-SPDZ (Keller, CCS 2020) resulting in a full-featured implementation with support for faster convolutions. Our evaluation shows that our protocols outperform state-of-the-art actively secure MPC protocols on ML tasks like evaluating ResNet50 by a factor of 3 or more. Benchmarks for depthwise convolutions show order-of-magnitude speed-ups compared to existing approaches.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. To appear in the Proceedings on Privacy Enhancing Technologies 2023(3)
Keywords
secure multiparty computationconvolutionsneural networks
Contact author(s)
marc rivinius @ sec uni-stuttgart de
pascal reisert @ sec uni-stuttgart de
sebastian hasler @ sec uni-stuttgart de
ralf kuesters @ sec uni-stuttgart de
History
2023-03-16: approved
2023-03-11: received
See all versions
Short URL
https://ia.cr/2023/359
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2023/359,
      author = {Marc Rivinius and Pascal Reisert and Sebastian Hasler and Ralf Kuesters},
      title = {Convolutions in Overdrive: Maliciously Secure Convolutions for MPC},
      howpublished = {Cryptology ePrint Archive, Paper 2023/359},
      year = {2023},
      note = {\url{https://eprint.iacr.org/2023/359}},
      url = {https://eprint.iacr.org/2023/359}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.