Talk, Sydney Privacy Workshop, University of Sydney
Multiparty computation is a key privacy-enhancing technology as it allows computing on distributed data without revealing it to any particular participant. I will introduce the core aspects and present results on using it for machine learning.
Talk, NIST Workshop on Multi-Party Threshold Schemes, NIST
MP-SPDZ is a versatile framework for multi-party computation implementing more than 40 protocol variants. It achieves this by heavily using C++ templating. This allows implementing a protocol only once for several domains if possible. For example, replicated secret sharing works over any ring, and MP-SPDZ uses the same code for computing modulo primes or powers of two. One way of achieving threshold cryptography is by exploiting the mathematical structure of a cryptosystem based on discrete logarithm and combining it with an MPC protocol in a black-box manner. This has been done with ECDSA where the domain of the secret keys are equivalent to a prime-order field, which allows run a number of MPC protocols over it. A secret sharing scheme over the secret-key domain canonically implies one over the public-key domain and the conversion is straight-forward by applying the exponentiation. In this talk, I will present the infrastructure in MP-SPDZ that underlies the implementation and code examples thereof. The simple interface makes it easy to extend to other cryptosystems with a similar structure.
Talk, Secure and Private Computing in AI and Finance, New York
Talk, Theory and Practice of Multi-Party Computation Workshop, Aarhus, Denmark
MP-SPDZ is an MPC framework supporting more than 30 protocol variants in all commonly used security models and computation domains. By security model, we mean the choice of total number of parties, number of corrupted parties, and level of corruption (semi-honest or malicious). By computation domain we mean mathematical domain underlying the relevant cryptographic techniques (secret sharing or garbled circuits). MP-SPDZ supports computation modulo a prime or a power of two as well as computation in fields of characteristic two.
Keynote, Conference on Cryptology And Network Security, Virtual
While there is a growing number of MPC implementations, most of them are restricted in terms of protocols, security models, and applications. MP-SPDZ on the other hand offers more than 30 protocol variants in a range of security models and a programming interface that is application-independent. I will talk about the core design choices of MP-SPDZ and how they facilitate this versatility. In particular, the fact that almost all protocol feature two basic operations, some sort of addition and multiplication, provide a simple template for reusable code. I will also present recent results in privacy-preserving machine learning. We have implemented a network for MNIST with which we achieved an accuracy close to cleartext training with a few hours of training.
Talk, CWI in Business, Amsterdam, Netherlands
I will present the core design choices of MP-SPDZ and their application to machine learning.
Talk, The 3rd Privacy-Preserving Machine Learning Workshop 2021, Virtual
We have implemented training of neural networks in secure multi-party computation (MPC) using quantization commonly used in the said setting. To the best of our knowledge, we are the first to present an MNIST classifier purely trained in MPC that comes within 0.2 percent of the accuracy of the same convolutional neural network trained via plaintext computation. More concretely, we have trained a network with two convolution and two dense layers to 99.2% accuracy in 25 epochs. This took 3.5 hours in our MPC implementation (under one hour for 99% accuracy).