The High-Level Practical Overview of Open-Source Privacy-Preserving Machine Learning Solutions

Abstract

—This paper aims to provide a high-level overview of practical approaches to machine-learning respecting the privacy and confidentiality of customer information, which is called Privacy-Preserving Machine Learning . First, the security approaches in offline-learning privacy methods are assessed. Those focused on modern cryptographic methods, such as Homomor-phic Encryption and Secure Multi-Party Computation , as well as on dedicated combined hardware and software platforms like Trusted Execution Environment - Intel ® Software Guard Extensions (Intel ® SGX) . Combining the security approaches with different machine learning architectures leads to our Proof of Concept in which the accuracy and speed of the security solutions will be examined. The next step was exploring and comparing the Open-Source Python -based solutions for PPML . Four solutions were selected from almost 40 separate, state-of-the-art systems: SyMPC , TF-Encrypted , TenSEAL , and Gramine . Three different Neural Network architectures were designed to show different libraries’ capabilities. The POC solves the image classification problem based on the MNIST dataset. As the computational results show, the accuracy of all considered secure approaches is similar. The maximum difference between non-secure and secure flow does not exceed 1.2%. In terms of secure computations, the most effective Privacy-Preserving Machine Learning library is based on Trusted Execution Environment , followed by Secure Multi-Party Computation and Homomorphic Encryption . However, most of those are at least 1000 times slower than the non-secure evaluation. Unfortunately, it is not acceptable for a real-world scenario. Future work could combine different security approaches, explore other new and existing state-of-the-art libraries or implement support for hardware-accelerated secure computation.