Papers

Topics

Authors

Recent

View all

Detailed Answer

Quick Answer

Concise responses based on abstracts only

Detailed Answer

Well-researched responses based on abstracts and relevant paper content.

Custom Instructions Pro

Preferences or requirements that you'd like Emergent Mind to consider when generating responses

Gemini 2.5 Flash

Gemini 2.5 Flash 39 tok/s

Gemini 2.5 Pro 49 tok/s Pro

GPT-5 Medium 12 tok/s Pro

GPT-5 High 18 tok/s Pro

GPT-4o 91 tok/s Pro

Kimi K2 191 tok/s Pro

GPT OSS 120B 456 tok/s Pro

Claude Sonnet 4 37 tok/s Pro

2000 character limit reached

Secure Transformer Inference Protocol (2312.00025v2)

Published 14 Nov 2023 in cs.CR and cs.LG

Abstract: Security of model parameters and user data is critical for Transformer-based services, such as ChatGPT. While recent strides in secure two-party protocols have successfully addressed security concerns in serving Transformer models, their adoption is practically infeasible due to the prohibitive cryptographic overheads involved. Drawing insights from our hands-on experience in developing two real-world Transformer-based services, we identify the inherent efficiency bottleneck in the two-party assumption. To overcome this limitation, we propose a novel three-party threat model. Within this framework, we design a semi-symmetric permutation-based protection scheme and present STIP, the first secure Transformer inference protocol without any inference accuracy loss. Experiments on representative Transformer models in real systems show that STIP has practical security and outperforms state-of-the-art secure two-party protocols in efficiency by millions of times.

Citations (1)

View on Semantic Scholar