tf-encrypted  by tf-encrypted

Framework for encrypted machine learning in TensorFlow

created 7 years ago
1,233 stars

Top 32.6% on sourcepulse

Project Summary

TF Encrypted is a framework for privacy-preserving machine learning in TensorFlow, enabling training and prediction on encrypted data using secure multi-party computation and homomorphic encryption. It targets researchers and developers who want to leverage machine learning without exposing sensitive data, offering an API that closely resembles TensorFlow's ease of use.

How It Works

TF Encrypted leverages secure multi-party computation (MPC) and homomorphic encryption (HE) protocols to perform computations on encrypted data. It integrates with TensorFlow 2's eager execution and tf.function for graph building, allowing users to write privacy-preserving ML code with minimal cryptographic expertise. The framework partitions computations across multiple "players" (servers or clients), ensuring that no single party holds the plaintext data.

Quick Start & Requirements

Highlighted Details

  • Supports TensorFlow 2's eager execution and tf.function for improved developer experience.
  • Achieves competitive performance for secure inference on models like ResNet50, comparable to or faster than other secure ML frameworks.
  • Provides benchmarks for secure sorting, max operations, and neural network training on MNIST, comparing performance across LAN and WAN environments.
  • Offers a roadmap for higher-level APIs, tighter TensorFlow integration (TF Privacy, TF Federated), and support for third-party cryptographic libraries.

Maintenance & Community

  • Developed as an open-source community project.
  • Contact: contact@tf-encrypted.io
  • Contribution guide available.

Licensing & Compatibility

  • Licensed under Apache License, Version 2.0.
  • Permissive license suitable for commercial use and integration with closed-source projects.

Limitations & Caveats

TF Encrypted is experimental software and is not intended for production use. Elements of TensorFlow's networking subsystem may not be fully hardened against malicious users, so deployments may need mitigations such as proxies or access filtering.

Health Check

  • Last commit: 10 months ago
  • Responsiveness: 1 week
  • Pull Requests (30d): 0
  • Issues (30d): 1
  • Star History: 11 stars in the last 90 days
