# Privacy-Preserving-Machine-Learning-Resources

- About
- Secure Machine Learning
- MPC
- Federated Learning
- Privacy Leakages of ML/FL
- Blogs
- Libraries and Frameworks
## About

This is a current list of resources related to the research and development of privacy-preserving machine learning.
## Secure Machine Learning

- Secure Multi-Party Computation and Its Applications in Machine Learning, Journal of Computer Research and Development'21
- Machine Learning Classification over Encrypted Data, NDSS'15
- Oblivious Multi-Party Machine Learning on Trusted Processors, USENIX SECURITY'16
- SecureML: A System for Scalable Privacy-Preserving Machine Learning, S&P'17
- MiniONN: Oblivious Neural Network Predictions via MiniONN Transformations, CCS'17
- Chameleon: A Hybrid Secure Computation Framework for Machine Learning Applications, AsiaCCS'18
- DeepSecure: Scalable Provably-Secure Deep Learning, DAC'18
- Secure Computation for Machine Learning With SPDZ, NeurIPS'18 workshop
- ABY3: A Mixed Protocol Framework for Machine Learning, CCS'18
- SecureNN: Efficient and Private Neural Network Training, PoPETs'19
- Gazelle: A Low Latency Framework for Secure Neural Network Inference, USENIX SECURITY'18
- CHET: an optimizing compiler for fully-homomorphic neural-network inferencing, PLDI'19
- New Primitives for Actively-Secure MPC over Rings with Applications to Private Machine Learning, S&P'19
- Helen: Maliciously Secure Coopetitive Learning for Linear Models, S&P'19
- Efficient multi-key homomorphic encryption with packed ciphertexts with application to oblivious neural network inference. CCS'19
- XONN: XNOR-based Oblivious Deep Neural Network Inference, USENIX Security'19
- QUOTIENT: two-party secure neural network training and prediction, CCS'19
- Secure Evaluation of Quantized Neural Networks, PoPETs'20
- ASTRA: High Throughput 3PC over Rings with Application to Secure Prediction, CCSW'19
- SoK: Modular and Efficient Private Decision Tree Evaluation, PoPETs'19
- Trident: Efficient 4PC Framework for Privacy Preserving Machine Learning, NDSS'20
- BLAZE: Blazing Fast Privacy-Preserving Machine Learning, NDSS'20
- FLASH: Fast and Robust Framework for Privacy-preserving Machine Learning, PoPETs'20
- Delphi: A Cryptographic Inference Service for Neural Networks, USENIX SECURITY'20
- ParSecureML: An Efficient Parallel Secure Machine Learning Framework on GPUs, ICPP'20
- FALCON: Honest-Majority Maliciously Secure Framework for Private Deep Learning, PoPETs'21
- MP2ML: A Mixed-Protocol Machine Learning Framework for Private Inference, ARES'20
- SANNS: Scaling Up Secure Approximate k-Nearest Neighbors Search, USENIX Security'20
- PySyft: A Generic Framework for Privacy Preserving Deep Learning
- Private Deep Learning in TensorFlow Using Secure Computation
- CryptoDL: Deep Neural Networks over Encrypted Data
- CryptoNets: Applying Neural Networks to Encrypted Data with High Throughput and Accuracy, ICML'16
- CrypTFlow: Secure TensorFlow Inference, S&P'20
- CrypTFlow2: Practical 2-Party Secure Inference, CCS'20
- AriaNN: Low-Interaction Privacy-Preserving Deep Learning via Function Secret Sharing, PoPETs'22
- Practical Privacy-Preserving K-means Clustering, PoPETs'20
- SOTERIA: In Search of Efficient Neural Networks for Private Inference, arXiv'20
- SWIFT: Super-fast and Robust Privacy-Preserving Machine Learning, USENIX Security'21
- An Efficient 3-Party Framework for Privacy-Preserving Neural Network Inference, ESORICS'20
- Secure and Verifiable Inference in Deep Neural Networks, ACSAC'20
- Privacy-preserving Density-based Clustering, AsiaCCS'21
- SIRNN: A Math Library for Secure RNN Inference, S&P'21
- Let’s Stride Blindfolded in a Forest: Sublinear Multi-Client Decision Trees Evaluation, NDSS'21
- MUSE: Secure Inference Resilient to Malicious Clients, USENIX Security'21
- DeepReDuce: ReLU Reduction for Fast Private Inference, ICML'21
- Garbled Neural Networks are Practical, IACR ePrint'19
- GForce: GPU-Friendly Oblivious and Rapid Neural Network Inference, USENIX Security'21
- CryptGPU: Fast Privacy-Preserving Machine Learning on the GPU, S&P'21
- GALA: Greedy ComputAtion for Linear Algebra in Privacy-Preserved Neural Networks, NDSS'21
- Fantastic Four: Honest-Majority Four-Party Secure Computation With Malicious Security, USENIX Security'21
- When homomorphic encryption marries secret sharing: secure large-scale sparse logistic regression and applications in risk control, KDD'21
- Glyph: Fast and Accurately Training Deep Neural Networks on Encrypted Data, NeurIPS'20
- Mystique: Efficient Conversions for Zero-Knowledge Proofs with Applications to Machine Learning, USENIX Security'21
- SoK: Efficient Privacy-preserving Clustering, PoPETs'21
- ZEN: Efficient Zero-Knowledge Proofs for Neural Networks, IACR ePrint'21
- zkCNN: Zero Knowledge Proofs for Convolutional Neural Network Predictions and Accuracy, CCS'21
- Secure Quantized Training for Deep Learning, ICML'22
- Cerebro: A Platform for Multi-Party Cryptographic Collaborative Learning, USENIX Security'21
- Tetrad: Actively Secure 4PC for Secure Training and Inference, NDSS'22
- Adam in Private: Secure and Fast Training of Deep Neural Networks with Adaptive Moment Estimation, PoPETs'22
- SIMC: ML Inference Secure Against Malicious Clients at Semi-Honest Cost, USENIX Security'22
- Circa: Stochastic ReLUs for Private Deep Learning, NeurIPS'21
- Banners: Binarized Neural Networks with Replicated Secret Sharing, IH&MMSec'21
- Cheetah: Lean and Fast Secure Two-Party Deep Neural Network Inference, USENIX Security'22
- Secure Poisson Regression, USENIX Security'22
- SecFloat: Accurate Floating-Point meets Secure 2-Party Computation, S&P'22
- MPClan: Protocol Suite for Privacy-Conscious Computations, IACR ePrint'22
- LLAMA: A Low Latency Math Library for Secure Inference, PoPETs'22
- Pika: Secure Computation using Function Secret Sharing over Rings, PoPETs'22
- Piranha: A GPU Platform for Secure Computation, USENIX Security'22
- Efficient Secure Three-Party Sorting with Applications to Data Analysis and Heavy Hitters, CCS'22
- Private and Reliable Neural Network Inference, CCS'22
- SortingHat: Efficient Private Decision Tree Evaluation via Homomorphic Encryption and Transciphering, CCS'22
- Iron: Private Inference on Transformers, NeurIPS'22
- SecureBiNN: 3-Party Secure Computation for Binarized Neural Network Inference, ESORICS'22
- Meteor: Improved Secure 3-Party Neural Network Inference with Reducing Online Communication Costs, WWW'23
- Private, Efficient, and Accurate: Protecting Models Trained by Multi-party Learning with Differential Privacy, S&P'23
- Bicoptor: Two-round Secure Three-party Non-linear Computation without Preprocessing for Privacy-preserving Machine Learning, S&P'23
- Fusion: Efficient and Secure Inference Resilient to Malicious Servers, NDSS'23
- REDsec: Running Encrypted Discretized Neural Networks in Seconds, NDSS'23
- SoK: Cryptographic Neural-Network Computation, S&P'23
- Secure Floating-Point Training, USENIX Security'23
- Squirrel: A Scalable Secure Two-Party Computation Framework for Training Gradient Boosting Decision Tree, USENIX Security'23
- Efficient 3PC for Binary Circuits with Application to Maliciously-Secure DNN Inference, USENIX Security'23
- Level Up: Private Non-Interactive Decision Tree Evaluation using Levelled Homomorphic Encryption, CCS'23
- PUMA: Secure Inference of LLaMA-7B in Five Minutes, arXiv'23
- Orca: FSS-based Secure Training and Inference with GPUs, S&P'24
- SIGMA: Secure GPT Inference with Function Secret Sharing, PoPETs'24
- CipherGPT: Secure Two-Party GPT Inference, IACR ePrint'23
- HELiKs: HE Linear Algebra Kernels for Secure Inference, CCS'23
- MPCDiff: Testing and Repairing MPC-Hardened Deep Learning Models, NDSS'24
- Fast and Private Inference of Deep Neural Networks by Co-designing Activation Functions, USENIX Security'24
- MD-ML: Super Fast Privacy-Preserving Machine Learning for Malicious Security with a Dishonest Majority, USENIX Security'24
## MPC

- Research Progress on Key Technologies of Practical Secure Multi-Party Computation Protocols, Journal of Computer Research and Development'15
- Scalable and unconditionally secure multiparty computation, Crypto'07
- Sharemind: A framework for fast privacy-preserving computations, ESORICS'08
- Secure computation with fixed-point numbers, FC'10
- Multiparty computation from somewhat homomorphic encryption, Crypto'12
- Practical Covertly Secure MPC for Dishonest Majority, or: Breaking the SPDZ Limits, ESORICS'13
- GMW vs. Yao? Efficient secure two-party computation with low depth circuits, FC'13
- Efficiently Verifiable Computation on Encrypted Data, CCS'14
- ABY: A Framework for Efficient Mixed-Protocol Secure Two-Party Computation, NDSS'15
- MASCOT: faster malicious arithmetic secure computation with oblivious transfer, CCS'16
- High-Throughput Semi-Honest Secure Three-Party Computation with an Honest Majority, CCS'16
- High-Throughput Secure Three-Party Computation for Malicious Adversaries and an Honest Majority, Crypto'17
- A Framework for Constructing Fast MPC over Arithmetic Circuits with Malicious Adversaries and an Honest-Majority, CCS'17
- Overdrive: Making SPDZ Great Again, EUROCRYPT'18
- SPDZ^2k: Efficient MPC mod 2^k for Dishonest Majority, Crypto'18
- Secure outsourced matrix computation and application to neural networks, CCS'18
- Fast large-scale honest-majority MPC for malicious adversaries, Crypto'18
- Minimising communication in honest-majority MPC by batchwise multiplication verification, ACNS'18
- PrivPy: General and Scalable Privacy-Preserving Data Mining, KDD'19
- Two-thirds honest-majority MPC for malicious adversaries at almost the cost of semi-honest, CCS'19
- Turbospeedz: Double your online SPDZ! Improving SPDZ using function dependent preprocessing, ACNS'19
- MP-SPDZ: A Versatile Framework for Multi-Party Computation, CCS'20
- Senate: A Maliciously-Secure MPC Platform for Collaborative Analytics, USENIX Security'21
- Improved Primitives for MPC over Mixed Arithmetic-Binary Circuits, CRYPTO'20
- Malicious Security Comes Free in Honest-Majority MPC, ePrint'20
- MOTION: A Framework for Mixed-Protocol Multi-Party Computation, TOPS'22
- ABY2.0: Improved Mixed-Protocol Secure Two-Party Computation, USENIX Security'21
- SynCirc: Efficient Synthesis of Depth-Optimized Circuits for Secure Computation, HOST'21
- MAGE: Nearly Zero-Cost Virtual Memory for Secure Computation, USENIX OSDI'21
- VASA: Vector AES Instructions for Security Applications, ACSAC'21
- ATLAS: Efficient and Scalable MPC in the Honest Majority Setting, CRYPTO'21
- The Cost of IEEE Arithmetic in Secure Computation, LatinCrypt'21
- Fast Fully Secure Multi-Party Computation over Any Ring with Two-Thirds Honest Majority, CCS'22
- NFGen: Automatic Non-linear Function Evaluation Code Generator for General-purpose MPC Platforms, CCS'22
- PentaGOD: Stepping beyond Traditional GOD with Five Parties, CCS'22
- TurboPack: Honest Majority MPC with Constant Online Communication, CCS'22
- Selective MPC: Distributed Computation of Differentially Private Key-Value Statistics, CCS'22
- To Trust or Not to Trust: Hybrid Multi-party Computation with Trusted Execution Environment, NDSS'22
- Binary Search in Secure Computation, NDSS'22
- More Efficient Dishonest Majority Secure Computation over $\mathbb{Z}_{2^k}$ via Galois Rings, Crypto'22
- Sharing Transformation and Dishonest Majority MPC with Packed Secret Sharing, Crypto'22
- Le Mans: Dynamic and Fluid MPC for Dishonest Majority, Crypto'22
- Round-Optimal and Communication-Efficient Multiparty Computation, EUROCRYPT'22
- Practical Non-interactive Publicly Verifiable Secret Sharing with Thousands of Parties, EUROCRYPT'22
- Highly Efficient OT-Based Multiplication Protocols, EUROCRYPT'22
- Batch-OT with Optimal Rate, EUROCRYPT'22
- Round-Optimal Multi-Party Computation with Identifiable Abort, EUROCRYPT'22
- Secure Multiparty Computation with Free Branching, EUROCRYPT'22
- Secure Multiparty Computation with Sublinear Preprocessing, EUROCRYPT'22
- Attaining GOD Beyond Honest Majority With Friends and Foes, Asiacrypt'22
- Polymath: Low-Latency MPC via Secure Polynomial Evaluations and Its Applications, PoPETs'22
- Silph: A Framework for Scalable and Accurate Generation of Hybrid MPC Protocols, S&P'23
- Faster Secure Comparisons with Offline Phase for Efficient Private Set Intersection, NDSS'23
- FLUTE: Fast and Secure Lookup Table Evaluations, S&P'23
- Linear Communication in Malicious Majority MPC, CCS'23
- Grotto: Screaming fast (2+1)-PC for $\mathbb{Z}_{2^n}$ via (2,2)-DPFs, CCS'23
- COMBINE: COMpilation and Backend-INdependent vEctorization for Multi-Party Computation, CCS'23
- Don’t Eject the Impostor: Fast Three-Party Computation With a Known Cheater, IEEE S&P'24
- Scalable Mixed-Mode MPC, IEEE S&P'24
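The papers in the Secure Machine Learning and MPC sections above almost all build on the same arithmetic layer: values additively secret-shared over a ring Z_{2^k}, local addition, and multiplication paid for with a preprocessed Beaver triple. The following is an added illustration of that layer (it is not code from any paper or library listed on this page) applied to the simplest "secure inference" task, a linear model evaluated on shares. The trusted dealer that hands out triples is an assumption standing in for the offline phase that SPDZ-style protocols run with SHE or OT; the fixed-point encoding with 16 fractional bits and the 3-party setting are likewise choices made for the example.

```python
"""Additive secret sharing over Z_{2^k} with Beaver-triple multiplication.

Added illustration, not code from any paper or library listed on this page.
It models the arithmetic layer that the SPDZ-family entries above share: a value
is split into n random additive shares mod 2^k, addition is local, and each
multiplication consumes one preprocessed triple (a, b, c = a*b).
Assumption: triples come from a trusted dealer. Real protocols generate them with
SHE or OT in an offline phase and attach MACs for malicious security.
"""
import secrets

K = 64
MOD = 1 << K
N_PARTIES = 3
FRAC_BITS = 16  # fixed-point scale for real-valued model weights and features


def share(x, n=N_PARTIES):
    """Split x into n additive shares mod 2^k; any n-1 of them are uniform."""
    shares = [secrets.randbelow(MOD) for _ in range(n - 1)]
    shares.append((x - sum(shares)) % MOD)
    return shares


def reconstruct(shares):
    return sum(shares) % MOD


def add(xs, ys):
    """Share-wise addition; no communication."""
    return [(x + y) % MOD for x, y in zip(xs, ys)]


def add_public(xs, c):
    """Only party 0 adds a public constant, so the secret shifts by exactly c."""
    return [(xs[0] + c) % MOD] + xs[1:]


def dealer_triple(n=N_PARTIES):
    """Trusted-dealer triple ([a], [b], [a*b]); stands in for the offline phase."""
    a, b = secrets.randbelow(MOD), secrets.randbelow(MOD)
    return share(a, n), share(b, n), share(a * b % MOD, n)


def mul(xs, ys, triple):
    """Beaver multiplication: open d = x - a and e = y - b (uniform, so they leak
    nothing about x or y), then compute shares of z = c + d*b + e*a + d*e = x*y."""
    a_sh, b_sh, c_sh = triple
    d = reconstruct([(x - a) % MOD for x, a in zip(xs, a_sh)])  # one opening round
    e = reconstruct([(y - b) % MOD for y, b in zip(ys, b_sh)])
    zs = [(c + d * b + e * a) % MOD for a, b, c in zip(a_sh, b_sh, c_sh)]
    return add_public(zs, d * e % MOD)


def encode(v, frac_bits=FRAC_BITS):
    """Two's-complement fixed point: real v -> round(v * 2^f) mod 2^k."""
    return int(round(v * (1 << frac_bits))) % MOD


def decode(x, frac_bits=FRAC_BITS):
    """Inverse of encode; values in the top half of the ring are negative."""
    if x >= MOD // 2:
        x -= MOD
    return x / (1 << frac_bits)


def secure_dot(w_shares, x_shares):
    """Shared dot product: one Beaver triple per coordinate, additions local."""
    acc = share(0)
    for ws, xs in zip(w_shares, x_shares):
        acc = add(acc, mul(ws, xs, dealer_triple()))
    return acc


def private_linear_inference(weights, features):
    """Model owner shares its weights, client shares its features, the compute
    parties evaluate <w, x> on shares and only the result is reconstructed. The
    product of two fixed-point values carries 2f fractional bits; we strip them
    once on the opened result, where real protocols truncate on shares instead."""
    w_sh = [share(encode(w)) for w in weights]
    x_sh = [share(encode(x)) for x in features]
    return decode(reconstruct(secure_dot(w_sh, x_sh)), 2 * FRAC_BITS)
```

The two opened values `d` and `e` are the only messages a multiplication costs, and they are one-time-pad masked by `a` and `b`, which is why a triple must never be reused. Everything this example leaves out (share-level truncation, MACs, the offline phase, the non-linear activations) is exactly what the papers above spend their pages on.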
## Federated Learning

- Privacy-Preserving Deep Learning, CCS'15
- Prio: Private, Robust, and Scalable Computation of Aggregate Statistics, NSDI'17
- Practical Secure Aggregation for Privacy Preserving Machine Learning, CCS'17
- Privacy-Preserving Deep Learning via Additively Homomorphic Encryption, TIFS'18
- NIKE-based Fast Privacy-preserving High-dimensional Data Aggregation for Mobile Devices, CACR'18
- PrivFL: Practical Privacy-preserving Federated Regressions on High-dimensional Data over Mobile Networks, CCSW'19
- VerifyNet: Secure and verifiable federated learning, TIFS'19
- PrivColl: Practical Privacy-Preserving Collaborative Machine Learning, ESORICS'20
- NPMML: A Framework for Non-interactive Privacy-preserving Multi-party Machine Learning, TDSC'20
- SAFER: Sparse secure Aggregation for FEderated leaRning
- Secure Byzantine-Robust Machine Learning
- Secure Single-Server Aggregation with (Poly)Logarithmic Overhead, CCS'20
- BatchCrypt: Efficient Homomorphic Encryption for Cross-Silo Federated Learning, USENIX ATC'20
- FedSel: Federated SGD under Local Differential Privacy with Top-k Dimension Selection, DASFAA'20
- FLGUARD: Secure and Private Federated Learning, Cryptology Eprint'21
- Biscotti: A Blockchain System for Private and Secure Federated Learning, TPDS'21
- POSEIDON: Privacy-Preserving Federated Neural Network Learning, NDSS'21
- PPFL: Privacy-preserving Federated Learning with Trusted Execution Environments, MobiSys'21
- EIFFeL: Ensuring Integrity for Federated Learning, CCS'22
- Efficient Differentially Private Secure Aggregation for Federated Learning via Hardness of Learning with Errors, USENIX Security'22
- Prio+: Privacy Preserving Aggregate Statistics via Boolean Shares, SCN'22
- Local and Central Differential Privacy for Robustness and Privacy in Federated Learning, NDSS'22
- ELSA: Secure Aggregation for Federated Learning with Malicious Actors, S&P'23
- Flamingo: Multi-Round Single-Server Secure Aggregation with Applications to Private Federated Learning, S&P'23
- RoFL: Robustness of Secure Federated Learning, SP'23
- Terngrad: Ternary gradients to reduce communication in distributed deep learning, NIPS'17
- The Convergence of Sparsified Gradient Methods, NIPS'18
- Machine Learning with Adversaries: Byzantine Tolerant Gradient Descent, NIPS'17
- Byzantine stochastic gradient descent, NIPS'18
- The Hidden Vulnerability of Distributed Learning in Byzantium, ICML'18
- Byzantine-Robust Distributed Learning: Towards Optimal Statistical Rates, ICML'18
- Local Model Poisoning Attacks to Byzantine-Robust Federated Learning, USENIX Security'20
- FLTrust: Byzantine-robust Federated Learning via Trust Bootstrapping, NDSS'21
- Manipulating the Byzantine: Optimizing Model Poisoning Attacks and Defenses for Federated Learning, NDSS'21
- Justinian’s GAAvernor: Robust Distributed Learning with Gradient Aggregation Agent, USENIX Security'20
- Byzantine-robust and privacy-preserving framework for FEDML, ICLR Workshop'21
- Learning from History for Byzantine Robust Optimization, ICML'21
- FLAME: Taming backdoors in federated learning, USENIX Security'22
- BayBFed: Bayesian Backdoor Defense for Federated Learning, SP'23
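Most of the secure-aggregation entries above (Practical Secure Aggregation, Secure Single-Server Aggregation, ELSA, Flamingo) share one mechanism: each pair of clients cancels a common pseudorandom mask in the server's sum, and dropped clients are handled by threshold-sharing the seeds. The following is an added illustration of that mechanism, not code from any of those papers. Its assumptions: pairwise seeds are handed out by a setup step instead of a key-agreement round, the PRG is SHA-256 in counter mode, updates are already quantized to integers, and each client Shamir-shares its seeds t-of-n among all clients so survivors can help the server cancel a dropped client's masks.

```python
"""Single-server secure aggregation with pairwise masks and dropout recovery.

Added illustration, not code from any paper listed on this page. It follows the
shape of the pairwise-masking protocols in the Federated Learning section: every
pair of clients (i, j) holds a common seed, i adds PRG(seed) to its update and j
subtracts it, so the masks cancel in the server's sum and no individual update is
ever visible. Assumptions made here: seeds are handed out by a setup step instead
of a key-agreement round, the PRG is SHA-256 in counter mode, and each client
Shamir-shares its seeds t-of-n so survivors can let the server cancel the masks
of clients that drop out after sending.
"""
import hashlib
import secrets

R = 1 << 32          # model updates are quantized to integers in Z_R before masking
P = (1 << 61) - 1    # prime field for Shamir-sharing the 61-bit seeds


def prg(seed, length):
    """Expand a seed into `length` ring elements (SHA-256 in counter mode)."""
    out = []
    for ctr in range(length):
        h = hashlib.sha256(seed.to_bytes(8, "big") + ctr.to_bytes(4, "big")).digest()
        out.append(int.from_bytes(h[:4], "big") % R)
    return out


def shamir_share(secret, t, n):
    """t-of-n Shamir shares over GF(P); the share for client k is (k+1, f(k+1))."""
    coeffs = [secret] + [secrets.randbelow(P) for _ in range(t - 1)]
    return [(k, sum(c * pow(k, i, P) for i, c in enumerate(coeffs)) % P)
            for k in range(1, n + 1)]


def shamir_recover(points):
    """Lagrange interpolation at 0 from any t distinct shares."""
    total = 0
    for k, yk in points:
        num = den = 1
        for m, _ in points:
            if m != k:
                num = num * (-m) % P
                den = den * (k - m) % P
        total = (total + yk * num * pow(den, P - 2, P)) % P
    return total


def setup_seeds(n):
    """Symmetric pairwise seeds s[i][j] == s[j][i]; stands in for key agreement."""
    s = [[None] * n for _ in range(n)]
    for i in range(n):
        for j in range(i + 1, n):
            s[i][j] = s[j][i] = secrets.randbelow(P)
    return s


def mask_update(i, x, seeds):
    """Client i sends x + sum_{j>i} PRG(s_ij) - sum_{j<i} PRG(s_ij)  (mod R)."""
    y = list(x)
    for j, seed in enumerate(seeds[i]):
        if j == i:
            continue
        sign = 1 if j > i else -1
        for idx, m in enumerate(prg(seed, len(x))):
            y[idx] = (y[idx] + sign * m) % R
    return y


def secure_aggregate(updates, dropped, t):
    """One aggregation round. updates[i] is client i's quantized vector, dropped is
    the set of clients that go silent after masking, t the Shamir threshold.
    Returns the sum of the survivors' updates, or None if fewer than t survive."""
    n, dim = len(updates), len(updates[0])
    seeds = setup_seeds(n)
    # Each client Shamir-shares its seeds; shares[(i, j)][k] is held by client k.
    shares = {(i, j): shamir_share(seeds[i][j], t, n)
              for i in range(n) for j in range(n) if i != j}
    survivors = [i for i in range(n) if i not in dropped]
    if len(survivors) < t:
        return None
    total = [0] * dim
    for i in survivors:                      # the server only hears from survivors
        for idx, v in enumerate(mask_update(i, updates[i], seeds)):
            total[idx] = (total[idx] + v) % R
    # Masks between two survivors have cancelled. For each survivor/dropped pair
    # the server collects t shares of that seed from survivors and removes the mask.
    for i in survivors:
        for d in dropped:
            seed = shamir_recover([shares[(i, d)][k] for k in survivors[:t]])
            sign = 1 if d > i else -1
            for idx, m in enumerate(prg(seed, dim)):
                total[idx] = (total[idx] - sign * m) % R
    return total
```

The caveat a practitioner should take from this: as written, a server that falsely reports a live client i as dropped obtains every seed s_ij and can strip i's masks, recovering i's individual update. The CCS'17 protocol closes that hole with a second, per-client self-mask whose shares survivors reveal only for clients the server claims are alive, while pairwise-seed shares are revealed only for clients claimed dropped, so an honest survivor never hands over both for the same client. The later single-server papers in this section are largely about reducing the cost of exactly that recovery step.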
## Privacy Leakages of ML/FL

- Membership inference attacks against machine learning models, S&P'17
- Comprehensive privacy analysis of deep learning: Passive and active white-box inference attacks against centralized and federated learning, S&P'19
- Data Poisoning Attacks Against Federated Learning Systems, ESORICS'20
- A Framework for Evaluating Client Privacy Leakages in Federated Learning, ESORICS'20
- A Critical Overview of Privacy in Machine Learning, IEEE Security & Privacy'21
- Enhanced Membership Inference Attacks against Machine Learning Models, CCS'22
## Blogs

- Cryptography and Machine Learning: Mixing both for private data analysis
- Building Safe A.I.: A Tutorial for Encrypted Deep Learning
- Awesome MPC: Curated List of Resources for MPC
- Machine Learning Privacy Protection
## Libraries and Frameworks

- TinyGarble: Logic Synthesis and Sequential Descriptions for Yao's Garbled Circuits
- SPDZ-2: Multiparty computation with SPDZ, MASCOT, and Overdrive offline phases
- ABY: A Framework for Efficient Mixed-Protocol Secure Two-Party Computation
- Obliv-C: C compiler for embedding privacy-preserving protocols
- TFHE: Fast Fully Homomorphic Encryption Library over the Torus
- SEAL: Simple Encrypted Arithmetic Library
- PySEAL: Python interface to SEAL
- HElib: An Implementation of homomorphic encryption
- EzPC: programmable, efficient, and scalable secure two-party computation for machine learning
- cuFHE: CUDA-accelerated Fully Homomorphic Encryption Library
- CrypTen: A framework for Privacy Preserving Machine Learning
- tf-encrypted: A Framework for Machine Learning on Encrypted Data
- Sharemind
- PythonPaillier
- TenSEAL
- MP-SPDZ
- Securenn-public
- SecMML
- mnist-mpc
- Private-Set-Intersection
- falcon-public
- Rosetta
- Antchain-MPC
- Kunlun
- MOTION2NX
- SecureQ8
- mpc-benchmarks
- muse
- Primihub
- concrete
- SecretFlow