CrypTFlow2: Practical 2-Party Secure Inference
This work addresses privacy-preserving machine learning for applications requiring secure data processing, representing a significant advance rather than an incremental improvement.
The paper tackles secure inference over deep neural networks using 2-party computation, achieving bitwise correctness and efficiency with at least an order of magnitude less communication and 20x-30x less time than prior state-of-the-art methods, including the first secure inference on ImageNet-scale networks like ResNet50.
We present CrypTFlow2, a cryptographic framework for secure inference over realistic Deep Neural Networks (DNNs) using secure 2-party computation. CrypTFlow2 protocols are both correct -- i.e., their outputs are bitwise equivalent to the cleartext execution -- and efficient -- they outperform the state-of-the-art protocols in both latency and scale. At the core of CrypTFlow2, we have new 2PC protocols for secure comparison and division, designed carefully to balance round and communication complexity for secure inference tasks. Using CrypTFlow2, we present the first secure inference over ImageNet-scale DNNs like ResNet50 and DenseNet121. These DNNs are at least an order of magnitude larger than those considered in the prior work of 2-party DNN inference. Even on the benchmarks considered by prior work, CrypTFlow2 requires an order of magnitude less communication and 20x-30x less time than the state-of-the-art.