Marcel Keller

Marcel Keller

Senior Research Scientist

Sitemap

A list of all the posts and pages found on the site. For you robots out there is an XML version available for digesting as well.

Pages

Posts

portfolio

MP-SPDZ

A versatile framework for multi-party computation

publications

talks

Secure Quantized Training for Deep Learning

Published:

We have implemented training of neural networks in secure multi-party computation (MPC) using quantization commonly used in the said setting. To the best of our knowledge, we are the first to present an MNIST classifier purely trained in MPC that comes within 0.2 percent of the accuracy of the same convolutional neural network trained via plaintext computation. More concretely, we have trained a network with two convolution and two dense layers to 99.2% accuracy in 25 epochs. This took 3.5 hours in our MPC implementation (under one hour for 99% accuracy).

MP-SPDZ: A Versatile Framework for Multi-Party Computation

Published:

While there is a growing number of MPC implementations, most of them are restricted in terms of protocols, security models, and applications. MP-SPDZ on the other hand offers more than 30 protocol variants in a range of security models and a programming interface that is application-independent. I will talk about the core design choices of MP-SPDZ and how they facilitate this versatility. In particular, the fact that almost all protocol feature two basic operations, some sort of addition and multiplication, provide a simple template for reusable code. I will also present recent results in privacy-preserving machine learning. We have implemented a network for MNIST with which we achieved an accuracy close to cleartext training with a few hours of training.

MP-SPDZ: A Versatile Framework for Multi-Party Computation

Published:

MP-SPDZ is an MPC framework supporting more than 30 protocol variants in all commonly used security models and computation domains. By security model, we mean the choice of total number of parties, number of corrupted parties, and level of corruption (semi-honest or malicious). By computation domain we mean mathematical domain underlying the relevant cryptographic techniques (secret sharing or garbled circuits). MP-SPDZ supports computation modulo a prime or a power of two as well as computation in fields of characteristic two.

Threshold Cryptography in MP-SPDZ

Published:

MP-SPDZ is a versatile framework for multi-party computation implementing more than 40 protocol variants. It achieves this by heavily using C++ templating. This allows implementing a protocol only once for several domains if possible. For example, replicated secret sharing works over any ring, and MP-SPDZ uses the same code for computing modulo primes or powers of two. One way of achieving threshold cryptography is by exploiting the mathematical structure of a cryptosystem based on discrete logarithm and combining it with an MPC protocol in a black-box manner. This has been done with ECDSA where the domain of the secret keys are equivalent to a prime-order field, which allows run a number of MPC protocols over it. A secret sharing scheme over the secret-key domain canonically implies one over the public-key domain and the conversion is straight-forward by applying the exponentiation. In this talk, I will present the infrastructure in MP-SPDZ that underlies the implementation and code examples thereof. The simple interface makes it easy to extend to other cryptosystems with a similar structure.

Privacy-preserving machine learning based on multiparty computation

Published:

Multiparty computation is a key privacy-enhancing technology as it allows computing on distributed data without revealing it to any particular participant. I will introduce the core aspects and present results on using it for machine learning.

teaching