EzPC provides a comprehensive framework for secure machine learning, enabling efficient and scalable two-party computation (2PC) for deep neural networks. It targets researchers and practitioners in privacy-preserving AI, offering tools to perform inference and training on sensitive data without revealing it. The system integrates multiple components for end-to-end secure computation, including a domain-specific language (EzPC), compilers, and specialized libraries for various cryptographic protocols.

How It Works

EzPC leverages a combination of semi-honest and malicious security protocols, with a focus on optimizing performance for deep learning workloads. Key components like SCI (Secure Computation Infrastructure) provide efficient fixed-point and floating-point arithmetic for neural network operations. GPU-MPC accelerates protocols using specialized hardware, while Athos acts as a compiler from TensorFlow to MPC protocols. This layered approach allows for flexibility in choosing security guarantees and performance trade-offs, enabling practical secure inference on large datasets like ImageNet.

Quick Start & Requirements

• Install and build all components with bash ./setup_env_and_build.sh quick.
• Requires Python and a virtual environment (mpc_venv).
• GPU acceleration is supported for specific components (e.g., Orca, Sigma).
• Docker images are available via docker pull ezpc/ezpc:latest or can be built from Dockerfile_AI_Validation.
• Project webpage: https://aka.ms/ezpc
• For tutorials, refer to the blog post linked in the README.

Highlighted Details

• End-to-end secure inference for ResNet-50, DenseNet-121, and SqueezeNet on ImageNet.
• Supports both semi-honest and malicious security models.
• Includes specialized protocols for secure floating-point arithmetic and RNN inference.
• Offers a domain-specific language (EzPC) for programming secure ML computations.

Maintenance & Community

The project is associated with multiple academic publications, indicating active research and development. Issues and support requests should be directed to the GitHub issues page.

Licensing & Compatibility

The README does not explicitly state the license type. Compatibility for commercial use or closed-source linking is not specified.

Limitations & Caveats

The README directs users to individual component READMEs for specific setup instructions, suggesting potential complexity in integrating all parts. The primary focus appears to be on inference, with less emphasis on secure training, although Orca is mentioned for FSS-based secure training with GPUs.