TF-Shell: Privacy preserving machine learning with Tensorflow and the SHELL encryption library, built for python 3.10.
Project description
tf-shell
The tf-shell
library supports privacy preserving machine learning with
homomorphic encryption via the
SHELL library and tensorflow.
This is not an officially supported Google product.
Getting Started
pip install tf-shell
See ./examples/
for how to use the library.
Background
Homomorphic encryption allows computation on encrypted data. For example, given
two ciphertexts a
and b
representing the numbers 3
and 4
, respectively,
one can compute a ciphertext c
representing the number 7
without decrypting
a
or b
. This is useful for privacy preserving machine learning because it
allows training a model on encrypted data.
The SHELL encryption library supports homomorphic encryption with respect to addition and multiplication. This means that one can compute the sum of two ciphertexts or the product of two ciphertexts without decrypting them. SHELL does not support fully homomorphic encryption, meaning computing functions of ciphertexts with arbitrary depth. That said, because machine learning models are of bounded depth, the performance benefits of leveled schemes (without bootstrapping, e.g. SHELL) outweight limitations in circuit depth.
Design
This library has two modules, tf_shell
which supports Tensorflow Tensors
containing ciphertexts with homomorphic properties, and tf_shell_ml
some (very)
simple machine learning tools supporting privacy preserving training.
tf-shell
is designed for Label-DP SGD where training data is vertically
partitioned, e.g. one party holds features while another party holds labels. The
party who holds the features would like to train a model without learning the
labels. The resultant trained model is differentially private with respect to
the labels.
Building
Build From Source
-
Install bazel and python3 or use the devcontainer.
-
Run the tests.
bazel test //tf_shell/... bazel test //tf_shell_ml/... # Large tests, requires 128GB of memory.
-
Build the code.
bazel build //:wheel bazel run //:wheel_rename
-
(Optional) Install the wheel, e.g. to try out the
./examples/
. You may first need to copy the wheel out of the devcontainer's filesystem.cp -f bazel-bin/*.whl ./ # Run in devcontainer if using.
Then install.
pip install --force-reinstall tf_shell-*.whl # Run in target environment.
Note the cpython api is not compatible across minor python versions (e.g. 3.10, 3.11) so the wheel must be rebuilt for each python version.
Code Formatters and Counters
bazel run //:bazel_formatter
bazel run //:python_formatter
bazel run //:clang_formatter
cloc ./ --fullpath --not-match-d='/(bazel-.*|.*\.venv)/'
Update Python Dependencies
Update requirements.in and run the following to update the requirements files for each python version.
for ver in 3_9 3_10 3_11 3_12; do
rm requirements_${ver}.txt
touch requirements_${ver}.txt
bazel run //:requirements_${ver}.update
done
bazel clean --expunge
If updating the tensorflow dependency, other dependencies may also need to
change, e.g. abseil (see MODULE.bazel
). This issue usually manifests as a
missing symbols error in the tests when trying to import the tensorflow DSO. In
this case, c++filt
will help to decode the mangled symbol name and nm --defined-only .../libtensorflow_framework.so | grep ...
may help find what the
symbol changed to, and which dependency is causing the error.
Contributing
See CONTRIBUTING.md
for details.
License
Apache 2.0; see LICENSE
for details.
Disclaimer
This project is not an official Google project. It is not supported by Google and Google specifically disclaims all warranties as to its quality, merchantability, or fitness for a particular purpose.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distributions
Built Distributions
File details
Details for the file tf_shell-0.1.13-cp311-cp311-manylinux_2_35_x86_64.whl
.
File metadata
- Download URL: tf_shell-0.1.13-cp311-cp311-manylinux_2_35_x86_64.whl
- Upload date:
- Size: 2.0 MB
- Tags: CPython 3.11, manylinux: glibc 2.35+ x86-64
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/5.1.1 CPython/3.12.7
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | a25adce8d3f69ed3b0ed745728b1267ad144090b9aa9536b4cc4bb454240750c |
|
MD5 | 97035cdfa5050c1056b6c4216656058e |
|
BLAKE2b-256 | cdc94f08b8d20e22c6df6cfdf5ad2fe4d106c29f1fceaccb0c20dffcef2181d1 |
Provenance
The following attestation bundles were made for tf_shell-0.1.13-cp311-cp311-manylinux_2_35_x86_64.whl
:
Publisher:
wheel.yaml
on google/tf-shell
-
Statement type:
https://in-toto.io/Statement/v1
- Predicate type:
https://docs.pypi.org/attestations/publish/v1
- Subject name:
tf_shell-0.1.13-cp311-cp311-manylinux_2_35_x86_64.whl
- Subject digest:
a25adce8d3f69ed3b0ed745728b1267ad144090b9aa9536b4cc4bb454240750c
- Sigstore transparency entry: 147909769
- Sigstore integration time:
- Predicate type:
File details
Details for the file tf_shell-0.1.13-cp310-cp310-manylinux_2_35_x86_64.whl
.
File metadata
- Download URL: tf_shell-0.1.13-cp310-cp310-manylinux_2_35_x86_64.whl
- Upload date:
- Size: 2.0 MB
- Tags: CPython 3.10, manylinux: glibc 2.35+ x86-64
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/5.1.1 CPython/3.12.7
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | d35f8d8364966d5709b643d9e3bd8542e79a973075487f41e77a31dcbc4862e8 |
|
MD5 | f05b08a3ac189cfb3970b7b861ec8794 |
|
BLAKE2b-256 | 6101d16492861f49b511e6917422b6c0902a37be95fc2273057058e38a23bc76 |
Provenance
The following attestation bundles were made for tf_shell-0.1.13-cp310-cp310-manylinux_2_35_x86_64.whl
:
Publisher:
wheel.yaml
on google/tf-shell
-
Statement type:
https://in-toto.io/Statement/v1
- Predicate type:
https://docs.pypi.org/attestations/publish/v1
- Subject name:
tf_shell-0.1.13-cp310-cp310-manylinux_2_35_x86_64.whl
- Subject digest:
d35f8d8364966d5709b643d9e3bd8542e79a973075487f41e77a31dcbc4862e8
- Sigstore transparency entry: 147909767
- Sigstore integration time:
- Predicate type:
File details
Details for the file tf_shell-0.1.13-cp39-cp39-manylinux_2_35_x86_64.whl
.
File metadata
- Download URL: tf_shell-0.1.13-cp39-cp39-manylinux_2_35_x86_64.whl
- Upload date:
- Size: 2.0 MB
- Tags: CPython 3.9, manylinux: glibc 2.35+ x86-64
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/5.1.1 CPython/3.12.7
File hashes
Algorithm | Hash digest | |
---|---|---|
SHA256 | aa08c650bc298d6155dee552e640a5133c7b9bd85d66bde40ff0fd7077370fdc |
|
MD5 | 17aa474c72204945fdd2f45dd6ddb1b6 |
|
BLAKE2b-256 | 57850023543d543d0449599977c7c206662922ac20f58cd7c820c4dc1a3af702 |
Provenance
The following attestation bundles were made for tf_shell-0.1.13-cp39-cp39-manylinux_2_35_x86_64.whl
:
Publisher:
wheel.yaml
on google/tf-shell
-
Statement type:
https://in-toto.io/Statement/v1
- Predicate type:
https://docs.pypi.org/attestations/publish/v1
- Subject name:
tf_shell-0.1.13-cp39-cp39-manylinux_2_35_x86_64.whl
- Subject digest:
aa08c650bc298d6155dee552e640a5133c7b9bd85d66bde40ff0fd7077370fdc
- Sigstore transparency entry: 147909765
- Sigstore integration time:
- Predicate type: