Papers
Topics
Authors
Recent
Gemini 2.5 Flash
Gemini 2.5 Flash
139 tokens/sec
GPT-4o
47 tokens/sec
Gemini 2.5 Pro Pro
43 tokens/sec
o3 Pro
4 tokens/sec
GPT-4.1 Pro
47 tokens/sec
DeepSeek R1 via Azure Pro
28 tokens/sec
2000 character limit reached

Private Inference in Quantized Models (2311.13686v1)

Published 22 Nov 2023 in cs.IT and math.IT

Abstract: A typical setup in many machine learning scenarios involves a server that holds a model and a user that possesses data, and the challenge is to perform inference while safeguarding the privacy of both parties. Private Inference has been extensively explored in recent years, mainly from a cryptographic standpoint via techniques like homomorphic encryption and multiparty computation. These approaches often come with high computational overhead and may degrade the accuracy of the model. In our work, we take a different approach inspired by the Private Information Retrieval literature. We view private inference as the task of retrieving inner products of parameter vectors with the data, a fundamental operation in many machine learning models. We introduce schemes that enable such retrieval of inner products for models with quantized (i.e., restricted to a finite set) weights; such models are extensively used in practice due to a wide range of benefits. In addition, our schemes uncover a fundamental tradeoff between user and server privacy. Our information-theoretic approach is applicable to a wide range of problems and robust in privacy guarantees for both the user and the server.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (31)
  1. Amos Beimel, Yuval Ishai and Eyal Kushilevitz “General constructions for information-theoretic private information retrieval” In J. Comput. Syst. Sci. 71.2, 2005, pp. 213–247
  2. “MP2ML: A mixed-protocol machine learning framework for private inference” In Proceedings of the 15th International Conference on Availability, Reliability and Security, 2020, pp. 1–10
  3. “Private Information Retrieval” In J. ACM 45.6, 1998, pp. 965–981
  4. “Elements of Information Theory” New-York: Wiley, 2006
  5. “An information-theoretic approach to neural computing” Springer Science & Business Media, 1996
  6. “Approximate Private Inference in Quantized Models” In arxiv: 2305:03801 [CS], 2023
  7. Angus Galloway, Graham W. Taylor and Medhat Moussa “Attacking binarized neural networks” In International Conference on Learning Representations, 2018
  8. Allen Gersho “Principles of quantization” In IEEE Transactions on circuits and systems 25.7 IEEE, 1978, pp. 427–436
  9. “Cryptonets: Applying neural networks to encrypted data with high throughput and accuracy” In International Conference on Machine Learning, 2016, pp. 201–210 PMLR
  10. “Intersection sizes of linear subspaces with the hypercube” In J. Comb. Theory, Ser. A 170, 2020
  11. Ehsan Hesamifard, Hassan Takabi and Mehdi Ghasemi “Cryptodl: Deep neural networks over encrypted data” In arXiv preprint arXiv:1711.05189, 2017
  12. Kathy J Horadam “Hadamard matrices and their applications” Princeton university press, 2012
  13. “Binarized neural networks” In Proceedings of the 30th International Conference on Neural Information Processing Systems, 2016, pp. 4114–4122
  14. “Replication is not needed: Single database, computation-ally-private information retrieval” In Proceedings 38th annual symposium on foundations of computer science, 1997, pp. 364–373 IEEE
  15. Ralph Linsker “Self-organization in a perceptual network” In Computer 21.3 IEEE, 1988, pp. 105–117
  16. Florence Jessie MacWilliams and Neil James Alexander Sloane “The theory of error-correcting codes” Elsevier, 1977
  17. Bradley McDanel, Surat Teerapittayanon and HT Kung “Embedded Binarized Neural Networks” In Proceedings of the 2017 International Conference on Embedded Wireless Systems and Networks, 2017, pp. 168–173
  18. “SecureML: A system for scalable privacy-preserving machine learning” In 2017 IEEE symposium on security and privacy (SP), 2017, pp. 19–38 IEEE
  19. Rafail Ostrovsky and William E.Skeith III “A Survey of Single-Database Private Information Retrieval: Techniques and Applications” In Public Key Cryptography - PKC 2007, 10th International Conference on Practice and Theory in Public-Key Cryptography 4450 Springer, 2007, pp. 393–411
  20. Mark D Plumbley “An information-theoretic approach to unsupervised connectionist models” In Proceedings of the 1988 Connectionist Models Summer School, 1988, pp. 239–245 Morgan-Kaufmann
  21. Mark D Plumbley “On information theory and unsupervised neural networks” In Ph. D. Thesis,; Department on Information Theory and Neural Network, Cambridge University, 1991
  22. Vinayak Ramkumar, Netanel Raviv and Itzhak Tamo “Coefficient Complexity in Low-Access Quantized Linear Computations” In to appear in Allerton Conference on Communication, Control, and Computing, 2023
  23. “Codnn–robust neural networks from coded classification” In 2020 IEEE International Symposium on Information Theory (ISIT), 2020, pp. 2688–2693 IEEE
  24. Netanel Raviv and David A. Karpuk “Private Polynomial Computation From Lagrange Encoding” In IEEE Trans. Inf. Forensics Secur. 15, 2020, pp. 553–563
  25. “Enhancing Robustness of Neural Networks through Fourier Stabilization” In International Conference on Machine Learning, 2021
  26. “Cheetah: Optimizing and accelerating homomorphic encryption for private inference” In 2021 IEEE International Symposium on High-Performance Computer Architecture (HPCA), 2021, pp. 26–39 IEEE
  27. B C Rennie and A C Dobson “On Stirling Numbers of the Second Kind” In Journal of combinatorial theory 7, 1969, pp. 116–121
  28. “XONN: Xnor-based oblivious deep neural network inference” In 28th USENIX Security Symposium (USENIX Security 19), 2019, pp. 1501–1518
  29. Hua Sun and Syed Ali Jafar “The Capacity of Private Computation” In IEEE Trans. Inf. Theory 65.6, 2019, pp. 3880–3897
  30. Surat Teerapittayanon, Bradley McDanel and Hsiang-Tsung Kung “Distributed deep neural networks over the cloud, the edge and end devices” In 2017 IEEE 37th international conference on distributed computing systems (ICDCS), 2017, pp. 328–339 IEEE
  31. Sergey Yekhanin “Private information retrieval” In Commun. ACM 53.4, 2010, pp. 68–73
Citations (2)
View on Semantic Scholar

Summary

We haven't generated a summary for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Summarize Now