research-article
DOI: 10.1145/3470496.3527392

PPMLAC: high performance chipset architecture for secure multi-party computation

Published: 11 June 2022

Abstract

Privacy is a main concern restricting data sharing and cross-organization collaboration. While Privacy-Preserving Machine Learning techniques such as Multi-Party Computation (MPC), Homomorphic Encryption, and Federated Learning have been proposed to solve this problem, no existing solution offers both strong security and high performance for running large-scale, complex machine learning models. This paper presents PPMLAC, a novel chipset architecture to accelerate MPC, which combines MPC's strong security with hardware's high performance, eliminates the communication bottleneck of MPC, and achieves a speedup of several orders of magnitude over software-based MPC. It is carefully designed to rely only on a minimum set of simple hardware components in the trusted domain, and is thus robust against side-channel attacks and malicious adversaries. Our FPGA prototype can run mainstream large-scale ML models like ResNet in near real-time under a practical network environment with non-negligible latency, which is impossible for existing MPC solutions.



Published In

ISCA '22: Proceedings of the 49th Annual International Symposium on Computer Architecture
June 2022
1097 pages
ISBN: 9781450386104
DOI: 10.1145/3470496

Sponsors

In-Cooperation

  • IEEE CS TCAA: IEEE CS technical committee on architectural acoustics

Publisher

Association for Computing Machinery

New York, NY, United States


Author Tags

  1. MPC
  2. hardware accelerator
  3. privacy
  4. privacy-preserving machine learning
  5. secret sharing
  6. security
  7. side-channel protection

Qualifiers

  • Research-article

Funding Sources

  • National Natural Science Foundation of China

Conference

ISCA '22

Acceptance Rates

ISCA '22 Paper Acceptance Rate 67 of 400 submissions, 17%;
Overall Acceptance Rate 543 of 3,203 submissions, 17%

Upcoming Conference

ISCA '25

Article Metrics

  • Downloads (last 12 months): 237
  • Downloads (last 6 weeks): 16

Reflects downloads up to 15 Feb 2025

Cited By

  • (2025) Blockchain-Assisted Self-Sovereign Identities on Education: A Survey. Blockchains 3:1 (3). DOI: 10.3390/blockchains3010003. Online publication date: 11-Feb-2025
  • (2024) MPC-PAT: A Pipeline Architecture for Beaver Triple Generation in Secure Multi-party Computation. 2024 IEEE International Test Conference in Asia (ITC-Asia) (1-6). DOI: 10.1109/ITC-Asia62534.2024.10661309. Online publication date: 18-Aug-2024
  • (2024) Secure computation protocol of Chebyshev distance under the malicious model. Scientific Reports 14:1. DOI: 10.1038/s41598-024-67907-9. Online publication date: 24-Jul-2024
  • (2024) DReP: Deep ReLU pruning for fast private inference. Journal of Systems Architecture 152 (103156). DOI: 10.1016/j.sysarc.2024.103156. Online publication date: Jul-2024
  • (2024) Privacy preservation in Artificial Intelligence and Extended Reality (AI-XR) metaverses: A survey. Journal of Network and Computer Applications 231 (103989). DOI: 10.1016/j.jnca.2024.103989. Online publication date: Nov-2024
  • (2024) Defensive strategies against PCC attacks based on ideal (t,n)-secret sharing scheme. Journal of King Saud University - Computer and Information Sciences 35:9. DOI: 10.1016/j.jksuci.2023.101784. Online publication date: 1-Feb-2024
  • (2024) Trustworthiness, Privacy, and Security in Federated Learning. Handbook of Trustworthy Federated Learning (3-38). DOI: 10.1007/978-3-031-58923-2_1. Online publication date: 10-May-2024
  • (2023) Decentralized Graph Neural Network for Privacy-Preserving Recommendation. Proceedings of the 32nd ACM International Conference on Information and Knowledge Management (3494-3504). DOI: 10.1145/3583780.3614834. Online publication date: 21-Oct-2023
  • (2023) Poster: Towards Lightweight TEE-Assisted MPC. Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security (3609-3611). DOI: 10.1145/3576915.3624398. Online publication date: 15-Nov-2023
  • (2023) Attacks Against Cross-Chain Systems and Defense Approaches: A Contemporary Survey. IEEE/CAA Journal of Automatica Sinica 10:8 (1647-1667). DOI: 10.1109/JAS.2023.123642. Online publication date: Aug-2023
