SPU (Secure Processing Unit) is a secure computation device with provable, measurable security for privacy-preserving machine learning. It acts as a programmable backend for frameworks such as SecretFlow, evaluating XLA-like tensor operations under MPC to protect data.
How It Works
SPU's secure runtime processes XLA-like tensor operations. Its core evaluation engine runs those operations under Multi-Party Computation (MPC), so the computation completes while sensitive information stays protected.
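To make the idea of evaluating tensor operations under MPC concrete, the following added example (not SPU's code, API or actual protocol) evaluates elementwise add, multiply and a dot product on additively secret-shared integer vectors held by two parties. The ring Z_2^64, the trusted dealer that hands out Beaver triples, and all function names are assumptions made for illustration.

```python
# Added illustration: 2-party additive secret sharing over Z_2^64.
# Not SPU's API or protocol; all names here are hypothetical.
import secrets

MOD = 1 << 64  # ring Z_2^64 (assumed for this example)

def share(vec):
    """Split each element into two shares that sum to it mod 2^64."""
    s0 = [secrets.randbelow(MOD) for _ in vec]
    s1 = [(v - r) % MOD for v, r in zip(vec, s0)]
    return s0, s1

def reconstruct(s0, s1):
    """Combine both parties' shares and map back to signed integers."""
    out = [(a + b) % MOD for a, b in zip(s0, s1)]
    return [v - MOD if v >= MOD // 2 else v for v in out]

def add(x, y):
    """Addition is local: each party adds its own shares, no communication."""
    return tuple([(a + b) % MOD for a, b in zip(xi, yi)] for xi, yi in zip(x, y))

def beaver_triple(n):
    """Assumed trusted dealer: shares of random a, b and c = a*b (elementwise)."""
    a = [secrets.randbelow(MOD) for _ in range(n)]
    b = [secrets.randbelow(MOD) for _ in range(n)]
    c = [(p * q) % MOD for p, q in zip(a, b)]
    return share(a), share(b), share(c)

def mul(x, y):
    """Elementwise product using one Beaver triple per element."""
    n = len(x[0])
    a, b, c = beaver_triple(n)
    # The parties open d = x - a and e = y - b. Both are masked by uniform
    # random values, so the opened values reveal nothing about x or y.
    d = [(x[0][i] + x[1][i] - a[0][i] - a[1][i]) % MOD for i in range(n)]
    e = [(y[0][i] + y[1][i] - b[0][i] - b[1][i]) % MOD for i in range(n)]
    z = []
    for p in (0, 1):
        # z_p = c_p + d*b_p + e*a_p, with the public term d*e added by party 0
        z.append([(c[p][i] + d[i] * b[p][i] + e[i] * a[p][i]
                   + (d[i] * e[i] if p == 0 else 0)) % MOD for i in range(n)])
    return tuple(z)

def dot(x, y):
    """Dot product: shared elementwise product, then a local sum per party."""
    z = mul(x, y)
    return tuple([sum(zp) % MOD] for zp in z)
```

Each party only ever holds one element of the returned tuples; the plaintext appears only when both shares are passed to `reconstruct`.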
Quick Start & Requirements
- Installation: Follow the Installation Guidelines.
- Supported Platforms: Linux x86_64, Linux aarch64, macOS Apple Silicon, Windows WSL2 (x64). CPU support is available on Linux and macOS. NVIDIA GPU support is experimental on Linux x86_64 and Windows WSL2.
- Hardware Requirements: AVX2/ARMv8 for general features, AVX2/ARMv8 for FourQ-based PSI, and CUDA 11.8+ for GPU acceleration.
- Note: The distributed module is not recommended for production use.
Highlighted Details
- Provable and measurable security guarantees.
- Evaluates XLA-like tensor operations using MPC.
- Cited in USENIX ATC'23 and ICML'24 for privacy-preserving machine learning research.
- Experimental NVIDIA GPU support available.
Maintenance & Community
- Contributions are welcomed via contribution guidelines.
- Research development guidelines are available from @fionser.
- Acknowledgements include Alibaba Gemini Lab and VUL337@NISL@THU.
Licensing & Compatibility
- The license is not explicitly stated in the README.
Limitations & Caveats
- The simple distributed module is not designed for production due to security and performance concerns.
- macOS x64 prebuilt binaries are no longer available due to CI resource limitations.
- NVIDIA GPU support is experimental.