EzPC system figure

EzPC (Easy Secure Multi-party Computation)

Consider the following scenario: Two hospitals, each having sensitive patient data, must compute statistical information about their joint data. Or, one of the hospitals has a pre-trained ML model based on sensitive patient data and another hospital either wants to learn inference results for its sensitive patient data or the accuracy of the model for its sensitive patient data. In all cases, privacy regulations forbid them from sharing the data and/or the model in the clear with any entity. So, can they run these tasks while keeping their private data encrypted (or “hidden”) from each other?

Cryptography, and specifically, the primitive Secure Multi-Party Computation (MPC), provides an answer to this seemingly impossible task using sophisticated mathematical protocols. However, two big challenges remain:

  1. Until recently, these cryptographic protocols have only been efficiently executable for simpler functions such as aggregations, linear regressions and so on; while, ideally one would like to execute more complex AI algorithms, such as UNet3D, that could allow the hospitals to learn and predict diseases or health abnormalities.
  2. Secondly, to execute these protocols, one must express the computation at the low-level of circuits comprising of AND and OR gates, which is both highly cumbersome and inefficient.

The EzPC (or Easy Secure Multi-Party Computation) project at MSR India addresses both these issues:

  1. Specifically for the case of machine learning, we have developed a system, CrypTFlow (opens in new tab), that takes as input TensorFlow/ONNX/PyTorch inference code and automatically compiles it into an efficient secure computation protocol for the same code.
  2. To serve as a backend to our compiler, we have developed new secure multi-party computation protocols for computing various neural network training and prediction algorithms that have orders of magnitude improvement in performance over the prior state-of-the-art.
  3. Our most recent works Orca and Sigma not only provide state-of-the-art protocols for inference of CNNs and transformers, but also intelligently utilize GPUs to scale efficiently to the latest image classification architectures like ResNets and transformers such as GPTs and Llama-13B.

To learn more about how developers can build scalable and efficient MPC protocols for secure inference tasks with absolutely no cryptography expertise using the CrypTFlow system, visit this blog post. For more information, contact the team at ezpc@microsoft.com