Paper 2024/1087

Tyche: Probabilistic Selection over Encrypted Data for Generative Language Models

Lars Folkerts, University of Delaware
Nektarios Georgios Tsoutsos, University of Delaware
Abstract

Generative AI, a significant technological disruptor in recent years, has impacted domains like augmented reality, coding assistance, and text generation. However, use of these models requires users to trust the model owners with their sensitive data given as input to the model. Fully Homomorphic Encryption (FHE) offers a promising solution, and many earlier works have investigated the use of this technology for machine learning as a service (MLaaS) applications. Still, these efforts do not cater to generative models that operate probabilistically, allowing for diverse and creative outputs. In this work, we introduce three novel probabilistic selection algorithms for autoregressive generative AI: multiplication-scaled cumulative sum, heuristic cumulative sum, and the random-multiplication argmax. Each of these approaches presents distinctive challenges in optimizing the trade-off between precision and timing performance, a balance intricately tied to the specific characteristics of the data under consideration. Our results show that the random multiplication argmax-based method is more scalable than the cumulative sum methods and can accurately mimic the plaintext selection curve.

Note: Our implementation of Tyche is open-source: https://github.com/TrustworthyComputing/Tyche

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Preprint.
Keywords
Fully Homomorphic Encryption, Private Language Models, Generative AI
Contact author(s)
folkerts @ udel edu
tsoutsos @ udel edu
History
2024-07-05: approved
2024-07-04: received
Short URL
https://ia.cr/2024/1087
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2024/1087,
      author = {Lars Folkerts and Nektarios Georgios Tsoutsos},
      title = {Tyche: Probabilistic Selection over Encrypted Data for Generative Language Models},
      howpublished = {Cryptology ePrint Archive, Paper 2024/1087},
      year = {2024},
      note = {\url{https://eprint.iacr.org/2024/1087}},
      url = {https://eprint.iacr.org/2024/1087}
}