Abstract

WIP abstract: The recent revolution in advanced data analytics and machine learning has made it possible to extract unprecedented value from user data. However, this comes at the cost of user privacy in many application workflows. In this talk, I will discuss some ideas around building privacy-preserving inference systems via a co-design of systems and cryptography. In the first part of the talk, I will present Bolt (IEEE S&P 2024), a new system for privacy-preserving two-party inference for a large language model like BERT using secure multiparty computation (MPC). With our system, a user can safely outsource prediction to a third party without revealing their sensitive data or learning about the third party’s proprietary model parameters. In the second part, I will talk about building systems that can enable the development of programmable privacy-preserving inference systems. In Rotom (USENIX Security 2026), we develop a compilation framework that autovectorizes tensor programs into optimized homomorphic encryption (HE) programs. Rotom systematically explores a wide range of layout assignments, applies state-of-the-art optimizations, and automatically generates an equivalent, efficient HE program.

Video Recording