Paper 2025/1063

MIZAR: Boosting Secure Three-Party Deep Learning with Co-Designed Sign-Bit Extraction and GPU Acceleration

Ye Dong, National University of Singapore, Singapore
Xudong Chen, Institute of Information Engineering, CAS
Xiangfu Song, Nanyang Technological University
Yaxi Yang, Singapore University of Technology and Design
Tianwei Zhang, Nanyang Technological University
Jin-Song Dong, National University of Singapore
Abstract

Three-party secret sharing-based computation has emerged as a promising approach for secure deep learning, benefiting from its high throughput. However, it still faces persistent challenges in computing complex operations such as secure Sign-Bit Extraction, particularly in high-latency and low-bandwidth networks. A recent work, Aegis (Lu et al., Cryptology ePrint'2023), made significant strides by proposing a constant-round DGK-style Sign-Bit Extraction protocol with GPU acceleration on Piranha (Watson et. al., USENIX Security'2022). However, Aegis exhibits two critical limitations: it \romannumeral1) overlooks the use of \textit{bit-wise prefix-sum}, and \romannumeral2) inherits non-optimized modular arithmetic over prime fields and excessive memory overhead from the underlying GPU-based MPC framework. This results in suboptimal performance in terms of communication, computation, and GPU memory usage. Driven by the limitations of Aegis, we propose an optimized constant-round secure Sign-Bit Extraction protocol with communication and GPU-specific optimizations. Concretely, we construct a new masked randomized list by exploiting the upper bound of bit-wise prefix-sum to reduce online communication by up to $50\%$, and integrate fast modular-reduction and kernel fusion techniques to enhance GPU utilization in MPC protocols. Besides, we propose specific optimizations for secure piecewise polynomial approximations and Maxpool computation in neural network evaluations. Finally, we instantiate these protocols as a framework MIZAR and report their improved performance over state-of-the-art GPU-based solutions: \romannumeral1) For secure Sign-Bit Extraction, we achieve a speedup of $2$--$2.5\times$ and reduce communication by $2$--$3.5\times$. \romannumeral2) Furthermore, we improve the performance of secure evaluation of nonlinear functions and neural networks by $1.5$--$3.5\times$. \romannumeral3) Lastly, our framework achieves $10\%$--$50\%$ GPU memory savings.

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Published elsewhere. Minor revision. ACSAC 2025
Keywords
PrivacySecure 3-Party ComputationSign-Bit ExtractionDeep Learning
Contact author(s)
dongye @ nus edu sg
chenxudong @ iie ac cn
xiangfu song @ ntu edu sg
yaxi_yang @ sutd edu sg
tianwei zhang @ ntu edu sg
csdjs @ nus edu sg
History
2025-09-18: last of 2 revisions
2025-06-06: received
See all versions
Short URL
https://ia.cr/2025/1063
License
Creative Commons Attribution-NonCommercial-ShareAlike
CC BY-NC-SA

BibTeX

@misc{cryptoeprint:2025/1063,
      author = {Ye Dong and Xudong Chen and Xiangfu Song and Yaxi Yang and Tianwei Zhang and Jin-Song Dong},
      title = {{MIZAR}: Boosting Secure Three-Party Deep Learning with Co-Designed Sign-Bit Extraction and {GPU} Acceleration},
      howpublished = {Cryptology {ePrint} Archive, Paper 2025/1063},
      year = {2025},
      url = {https://eprint.iacr.org/2025/1063}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.