CipherDM: Secure Three-Party Inference for Diffusion Model Sampling

arXiv - CS - Cryptography and Security Pub Date : 2024-09-09 DOI:arxiv-2409.05414

Xin Zhao, Xiaojun Chen, Xudong Chen, He Li, Tingyu Fan, Zhendong Zhao

{"title":"CipherDM: Secure Three-Party Inference for Diffusion Model Sampling","authors":"Xin Zhao, Xiaojun Chen, Xudong Chen, He Li, Tingyu Fan, Zhendong Zhao","doi":"arxiv-2409.05414","DOIUrl":null,"url":null,"abstract":"Diffusion Models (DMs) achieve state-of-the-art synthesis results in image\ngeneration and have been applied to various fields. However, DMs sometimes\nseriously violate user privacy during usage, making the protection of privacy\nan urgent issue. Using traditional privacy computing schemes like Secure\nMulti-Party Computation (MPC) directly in DMs faces significant computation and\ncommunication challenges. To address these issues, we propose CipherDM, the\nfirst novel, versatile and universal framework applying MPC technology to DMs\nfor secure sampling, which can be widely implemented on multiple DM based\ntasks. We thoroughly analyze sampling latency breakdown, find time-consuming\nparts and design corresponding secure MPC protocols for computing nonlinear\nactivations including SoftMax, SiLU and Mish. CipherDM is evaluated on popular\narchitectures (DDPM, DDIM) using MNIST dataset and on SD deployed by diffusers.\nCompared to direct implementation on SPU, our approach improves running time by\napproximately 1.084\\times \\sim 2.328\\times, and reduces communication costs by\napproximately 1.212\\times \\sim 1.791\\times.","PeriodicalId":501332,"journal":{"name":"arXiv - CS - Cryptography and Security","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2024-09-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"arXiv - CS - Cryptography and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/arxiv-2409.05414","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

Diffusion Models (DMs) achieve state-of-the-art synthesis results in image generation and have been applied to various fields. However, DMs sometimes seriously violate user privacy during usage, making the protection of privacy an urgent issue. Using traditional privacy computing schemes like Secure Multi-Party Computation (MPC) directly in DMs faces significant computation and communication challenges. To address these issues, we propose CipherDM, the first novel, versatile and universal framework applying MPC technology to DMs for secure sampling, which can be widely implemented on multiple DM based tasks. We thoroughly analyze sampling latency breakdown, find time-consuming parts and design corresponding secure MPC protocols for computing nonlinear activations including SoftMax, SiLU and Mish. CipherDM is evaluated on popular architectures (DDPM, DDIM) using MNIST dataset and on SD deployed by diffusers. Compared to direct implementation on SPU, our approach improves running time by approximately 1.084\times \sim 2.328\times, and reduces communication costs by approximately 1.212\times \sim 1.791\times.

查看原文本刊更多论文

CipherDM：扩散模型采样的安全三方推论

扩散模型（Diffusion Models，DMs）在图像生成方面达到了最先进的合成效果，并已被应用于各个领域。然而，DM 有时会在使用过程中严重侵犯用户隐私，因此隐私保护成为一个亟待解决的问题。在 DM 中直接使用安全多方计算（MPC）等传统隐私计算方案面临着巨大的计算和通信挑战。为了解决这些问题，我们提出了 CipherDM，这是第一个将多方计算技术应用于 DMs 以实现安全采样的新颖、通用和普遍的框架，可以在多个基于 DM 的任务中广泛实施。我们深入分析了采样延迟分解，找到了耗时部分，并设计了相应的安全 MPC 协议，用于计算包括 SoftMax、SiLU 和 Mish 在内的非线性活动。与直接在SPU上实现相比，我们的方法将运行时间缩短了约1.084倍（sim 2.328倍），并将通信成本降低了约1.212倍（sim 1.791倍）。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

arXiv - CS - Cryptography and Security

自引率

0.00%

发文量