Skip to main content

TF-Shell: Privacy preserving machine learning with Tensorflow and the SHELL encryption library, built for python 3.10.

Project description

tf-shell

The tf-shell library supports privacy preserving machine learning with homomorphic encryption via the SHELL library and tensorflow.

This is not an officially supported Google product.

Getting Started

pip install tf-shell

See ./examples/ for how to use the library.

Background

Homomorphic encryption allows computation on encrypted data. For example, given two ciphertexts a and b representing the numbers 3 and 4, respectively, one can compute a ciphertext c representing the number 7 without decrypting a or b. This is useful for privacy preserving machine learning because it allows training a model on encrypted data.

The SHELL encryption library supports homomorphic encryption with respect to addition and multiplication. This means that one can compute the sum of two ciphertexts or the product of two ciphertexts without decrypting them. SHELL does not support fully homomorphic encryption, meaning computing functions of ciphertexts with arbitrary depth. That said, because machine learning models are of bounded depth, the performance benefits of leveled schemes (without bootstrapping, e.g. SHELL) outweight limitations in circuit depth.

Design

This library has two modules, tf_shell which supports Tensorflow Tensors containing ciphertexts with homomorphic properties, and tf_shell_ml some (very) simple machine learning tools supporting privacy preserving training.

tf-shell is designed for Label-DP SGD where training data is vertically partitioned, e.g. one party holds features while another party holds labels. The party who holds the features would like to train a model without learning the labels. The resultant trained model is differentially private with respect to the labels.

Building

Build From Source

  1. Install bazel and python3 or use the devcontainer.

  2. Run the tests.

    bazel test //tf_shell/...
    bazel test //tf_shell_ml/...  # Large tests, requires 128GB of memory.
    
  3. Build the code.

    bazel build //:wheel
    bazel run //:wheel_rename
    
  4. (Optional) Install the wheel, e.g. to try out the ./examples/. You may first need to copy the wheel out of the devcontainer's filesystem.

    cp -f bazel-bin/*.whl ./  # Run in devcontainer if using.
    

    Then install.

    pip install --force-reinstall tf_shell-*.whl  # Run in target environment.
    

Note the cpython api is not compatible across minor python versions (e.g. 3.10, 3.11) so the wheel must be rebuilt for each python version.

Code Formatters and Counters

bazel run //:bazel_formatter
bazel run //:python_formatter
bazel run //:clang_formatter
cloc ./ --fullpath --not-match-d='/(bazel-.*|.*\.venv)/'

Update Python Dependencies

Update requirements.in and run the following to update the requirements files for each python version.

for ver in 3_9 3_10 3_11 3_12; do
  rm requirements_${ver}.txt
  touch requirements_${ver}.txt
  bazel run //:requirements_${ver}.update
done

bazel clean --expunge

If updating the tensorflow dependency, other dependencies may also need to change, e.g. abseil (see MODULE.bazel). This issue usually manifests as a missing symbols error in the tests when trying to import the tensorflow DSO. In this case, c++filt will help to decode the mangled symbol name and nm --defined-only .../libtensorflow_framework.so | grep ... may help find what the symbol changed to, and which dependency is causing the error.

Contributing

See CONTRIBUTING.md for details.

License

Apache 2.0; see LICENSE for details.

Disclaimer

This project is not an official Google project. It is not supported by Google and Google specifically disclaims all warranties as to its quality, merchantability, or fitness for a particular purpose.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distributions

No source distribution files available for this release.See tutorial on generating distribution archives.

Built Distributions

tf_shell-0.1.13-cp311-cp311-manylinux_2_35_x86_64.whl (2.0 MB view details)

Uploaded CPython 3.11 manylinux: glibc 2.35+ x86-64

tf_shell-0.1.13-cp310-cp310-manylinux_2_35_x86_64.whl (2.0 MB view details)

Uploaded CPython 3.10 manylinux: glibc 2.35+ x86-64

tf_shell-0.1.13-cp39-cp39-manylinux_2_35_x86_64.whl (2.0 MB view details)

Uploaded CPython 3.9 manylinux: glibc 2.35+ x86-64

File details

Details for the file tf_shell-0.1.13-cp311-cp311-manylinux_2_35_x86_64.whl.

File metadata

File hashes

Hashes for tf_shell-0.1.13-cp311-cp311-manylinux_2_35_x86_64.whl
Algorithm Hash digest
SHA256 a25adce8d3f69ed3b0ed745728b1267ad144090b9aa9536b4cc4bb454240750c
MD5 97035cdfa5050c1056b6c4216656058e
BLAKE2b-256 cdc94f08b8d20e22c6df6cfdf5ad2fe4d106c29f1fceaccb0c20dffcef2181d1

See more details on using hashes here.

Provenance

The following attestation bundles were made for tf_shell-0.1.13-cp311-cp311-manylinux_2_35_x86_64.whl:

Publisher: wheel.yaml on google/tf-shell

Attestations:

File details

Details for the file tf_shell-0.1.13-cp310-cp310-manylinux_2_35_x86_64.whl.

File metadata

File hashes

Hashes for tf_shell-0.1.13-cp310-cp310-manylinux_2_35_x86_64.whl
Algorithm Hash digest
SHA256 d35f8d8364966d5709b643d9e3bd8542e79a973075487f41e77a31dcbc4862e8
MD5 f05b08a3ac189cfb3970b7b861ec8794
BLAKE2b-256 6101d16492861f49b511e6917422b6c0902a37be95fc2273057058e38a23bc76

See more details on using hashes here.

Provenance

The following attestation bundles were made for tf_shell-0.1.13-cp310-cp310-manylinux_2_35_x86_64.whl:

Publisher: wheel.yaml on google/tf-shell

Attestations:

File details

Details for the file tf_shell-0.1.13-cp39-cp39-manylinux_2_35_x86_64.whl.

File metadata

File hashes

Hashes for tf_shell-0.1.13-cp39-cp39-manylinux_2_35_x86_64.whl
Algorithm Hash digest
SHA256 aa08c650bc298d6155dee552e640a5133c7b9bd85d66bde40ff0fd7077370fdc
MD5 17aa474c72204945fdd2f45dd6ddb1b6
BLAKE2b-256 57850023543d543d0449599977c7c206662922ac20f58cd7c820c4dc1a3af702

See more details on using hashes here.

Provenance

The following attestation bundles were made for tf_shell-0.1.13-cp39-cp39-manylinux_2_35_x86_64.whl:

Publisher: wheel.yaml on google/tf-shell

Attestations:

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page