CrypTen: secure machine learning in PyTorch.
Project description
CrypTen is a framework for Privacy Preserving Machine Learning built on PyTorch. Its goal is to make secure computing techniques accessible to Machine Learning practitioners. It currently implements Secure Multiparty Computation as its secure computing backend and offers three main benefits to ML researchers:
-
It is machine learning first. The framework presents the protocols via a
CrypTensor
object that looks and feels exactly like a PyTorchTensor
. This allows the user to use automatic differentiation and neural network modules akin to those in PyTorch. -
CrypTen is library-based. It implements a tensor library just as PyTorch does. This makes it easier for practitioners to debug, experiment on, and explore ML models.
-
The framework is built with real-world challenges in mind. CrypTen does not scale back or oversimplify the implementation of the secure protocols.
Here is a bit of CrypTen code that encrypts and decrypts tensors and adds them
import torch
import crypten
crypten.init()
x = torch.tensor([1.0, 2.0, 3.0])
x_enc = crypten.cryptensor(x) # encrypt
x_dec = x_enc.get_plain_text() # decrypt
y_enc = crypten.cryptensor([2.0, 3.0, 4.0])
sum_xy = x_enc + y_enc # add encrypted tensors
sum_xy_dec = sum_xy.get_plain_text() # decrypt sum
It is currently not production ready and its main use is as a research framework.
Installing CrypTen
CrypTen currently runs on Linux and Mac with Python 3.7. We also support computation on GPUs. Windows is not supported.
For Linux or Mac
pip install crypten
If you want to run the examples in the examples
directory, you should also do the following
pip install -r requirements.examples.txt
Examples
To run the examples in the examples
directory, you additionally need to clone the repo and
pip install -r requirements.examples.txt
We provide examples covering a range of models in the examples
directory
- The linear SVM example,
mpc_linear_svm
, generates random data and trains a SVM classifier on encrypted data. - The LeNet example,
mpc_cifar
, trains an adaptation of LeNet on CIFAR in cleartext and encrypts the model and data for inference. - The TFE benchmark example,
tfe_benchmarks
, trains three different network architectures on MNIST in cleartext, and encrypts the trained model and data for inference. - The bandits example,
bandits
, trains a contextual bandits model on encrypted data (MNIST). - The imagenet example,
mpc_imagenet
, performs inference on pretrained models fromtorchvision
.
For examples that train in cleartext, we also provide pre-trained models in
cleartext in the model
subdirectory of each example subdirectory.
You can check all example specific command line options by doing the following;
shown here for tfe_benchmarks
:
python examples/tfe_benchmarks/launcher.py --help
How CrypTen works
We have a set of tutorials in the tutorials
directory to show how
CrypTen works. These are presented as Jupyter notebooks so please install
the following in your conda environment
conda install ipython jupyter
pip install -r requirements.examples.txt
Introduction.ipynb
- an introduction to Secure Multiparty Compute; CrypTen's underlying secure computing protocol; use cases we are trying to solve and the threat model we assume.Tutorial_1_Basics_of_CrypTen_Tensors.ipynb
- introducesCrypTensor
, CrypTen's encrypted tensor object, and shows how to use it to do various operations on this object.Tutorial_2_Inside_CrypTensors.ipynb
– delves deeper intoCrypTensor
to show the inner workings; specifically howCrypTensor
usesMPCTensor
for its backend and the two different kind of sharings, arithmetic and binary, are used for two different kind of functions. It also shows CrypTen's MPI-inspired programming model.Tutorial_3_Introduction_to_Access_Control.ipynb
- shows how to train a linear model using CrypTen and shows various scenarios of data labeling, feature aggregation, dataset augmentation and model hiding where this is applicable.Tutorial_4_Classification_with_Encrypted_Neural_Networks.ipynb
– shows how CrypTen can load a pre-trained PyTorch model, encrypt it and then do inference on encrypted data.Tutorial_5_Under_the_hood_of_Encrypted_Networks.ipynb
- examines how CrypTen loads PyTorch models, how they are encrypted and how data moves through a multilayer network.Tutorial_6_CrypTen_on_AWS_instances.ipynb
- shows how to usescrips/aws_launcher.py
to launch our examples on AWS. It can also work with your code written in CrypTen.Tutorial_7_Training_an_Encrypted_Neural_Network.ipynb
- introduces the automatic differentiation functionality ofCrypTensor
. This functionality makes it easy to train neural networks in CrypTen.
Documentation and citing
CrypTen is documented here.
The protocols and design protocols implemented in CrypTen are described in this paper. If you want to cite CrypTen in your papers (much appreciated!), you can cite it as follows:
@inproceedings{crypten2020,
author={B. Knott and S. Venkataraman and A.Y. Hannun and S. Sengupta and M. Ibrahim and L.J.P. van der Maaten},
title={CrypTen: Secure Multi-Party Computation Meets Machine Learning},
booktitle={arXiv 2109.00984},
year={2021},
}
Join the CrypTen community
Please contact us to join the CrypTen community on Slack
See the CONTRIBUTING file for how to help out.
License
CrypTen is MIT licensed, as found in the LICENSE file.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file crypten-0.4.1.tar.gz
.
File metadata
- Download URL: crypten-0.4.1.tar.gz
- Upload date:
- Size: 215.2 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.2 CPython/3.10.8
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | 8c106ecc1547f892b488c560a27acd6787e216cb77bf7659a3d4e8271a1d4fb7 |
|
MD5 | 638e1d7081a0ea5ee29a8f294df5a669 |
|
BLAKE2b-256 | 59e338d581fc9f73d583b1578d4db810091659d64ed3904035940d7bf54a6275 |
File details
Details for the file crypten-0.4.1-py3-none-any.whl
.
File metadata
- Download URL: crypten-0.4.1-py3-none-any.whl
- Upload date:
- Size: 259.9 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.2 CPython/3.10.8
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | 26e7f4b54997b3a78d10c8c0bcb604215eef6ad7830ddbfe93a14d80c9c1dd84 |
|
MD5 | eb8001a43abb5452691a2502639973a7 |
|
BLAKE2b-256 | 34185d8c375d558d8aa72bb147d9cc833abde8c316920c1c9c5e083a0f1c28b3 |