CrypTen

A framework for Privacy Preserving Machine Learning

MIT License

Downloads
571
Stars
1.5K
Committers
35
View Code on GitHub
Ecosystems: Python

CrypTen is a framework for Privacy Preserving Machine Learning built on PyTorch. Its goal is to make secure computing techniques accessible to Machine Learning practitioners. It currently implements Secure Multiparty Computation as its secure computing backend and offers three main benefits to ML researchers:

  1. It is machine learning first. The framework presents the protocols via a CrypTensor object that looks and feels exactly like a PyTorch Tensor. This allows the user to use automatic differentiation and neural network modules akin to those in PyTorch.

  2. CrypTen is library-based. It implements a tensor library just as PyTorch does. This makes it easier for practitioners to debug, experiment on, and explore ML models.

  3. The framework is built with real-world challenges in mind. CrypTen does not scale back or oversimplify the implementation of the secure protocols.

Here is a bit of CrypTen code that encrypts and decrypts tensors and adds them

import torch
import crypten

crypten.init()

x = torch.tensor([1.0, 2.0, 3.0])
x_enc = crypten.cryptensor(x) # encrypt

x_dec = x_enc.get_plain_text() # decrypt

y_enc = crypten.cryptensor([2.0, 3.0, 4.0])
sum_xy = x_enc + y_enc # add encrypted tensors
sum_xy_dec = sum_xy.get_plain_text() # decrypt sum

It is currently not production ready and its main use is as a research framework.

Installing CrypTen

CrypTen currently runs on Linux and Mac with Python 3.7. We also support computation on GPUs. Windows is not supported.

For Linux or Mac

pip install crypten

If you want to run the examples in the examples directory, you should also do the following

pip install -r requirements.examples.txt

Examples

To run the examples in the examples directory, you additionally need to clone the repo and

pip install -r requirements.examples.txt

We provide examples covering a range of models in the examples directory

  1. The linear SVM example, mpc_linear_svm, generates random data and trains a
    SVM classifier on encrypted data.
  2. The LeNet example, mpc_cifar, trains an adaptation of LeNet on CIFAR in
    cleartext and encrypts the model and data for inference.
  3. The TFE benchmark example, tfe_benchmarks, trains three different network
    architectures on MNIST in cleartext, and encrypts the trained model and data
    for inference.
  4. The bandits example, bandits, trains a contextual bandits model on
    encrypted data (MNIST).
  5. The imagenet example, mpc_imagenet, performs inference on pretrained
    models from torchvision.

For examples that train in cleartext, we also provide pre-trained models in cleartext in the model subdirectory of each example subdirectory.

You can check all example specific command line options by doing the following; shown here for tfe_benchmarks:

python examples/tfe_benchmarks/launcher.py --help

How CrypTen works

We have a set of tutorials in the tutorials directory to show how CrypTen works. These are presented as Jupyter notebooks so please install the following in your conda environment

conda install ipython jupyter
pip install -r requirements.examples.txt
  1. Introduction.ipynb - an introduction to Secure Multiparty Compute; CrypTen's
    underlying secure computing protocol; use cases we are trying to solve and the
    threat model we assume.
  2. Tutorial_1_Basics_of_CrypTen_Tensors.ipynb - introduces CrypTensor, CrypTen's
    encrypted tensor object, and shows how to use it to do various operations on
    this object.
  3. Tutorial_2_Inside_CrypTensors.ipynb – delves deeper into CrypTensor to show
    the inner workings; specifically how CrypTensor uses MPCTensor for its
    backend and the two different kind of sharings, arithmetic and binary, are
    used for two different kind of functions. It also shows CrypTen's
    MPI-inspired
    programming model.
  4. Tutorial_3_Introduction_to_Access_Control.ipynb - shows how to train a linear
    model using CrypTen and shows various scenarios of data labeling, feature
    aggregation, dataset augmentation and model hiding where this is applicable.
  5. Tutorial_4_Classification_with_Encrypted_Neural_Networks.ipynb – shows how
    CrypTen can load a pre-trained PyTorch model, encrypt it and then do inference
    on encrypted data.
  6. Tutorial_5_Under_the_hood_of_Encrypted_Networks.ipynb - examines how CrypTen
    loads PyTorch models, how they are encrypted and how data moves through a multilayer
    network.
  7. Tutorial_6_CrypTen_on_AWS_instances.ipynb - shows how to use scrips/aws_launcher.py
    to launch our examples on AWS. It can also work with your code written in CrypTen.
  8. Tutorial_7_Training_an_Encrypted_Neural_Network.ipynb - introduces the
    automatic differentiation functionality of CrypTensor. This functionality
    makes it easy to train neural networks in CrypTen.

Documentation and citing

CrypTen is documented here.

The protocols and design protocols implemented in CrypTen are described in this paper. If you want to cite CrypTen in your papers (much appreciated!), you can cite it as follows:

@inproceedings{crypten2020,
  author={B. Knott and S. Venkataraman and A.Y. Hannun and S. Sengupta and M. Ibrahim and L.J.P. van der Maaten},
  title={CrypTen: Secure Multi-Party Computation Meets Machine Learning},
  booktitle={arXiv 2109.00984},
  year={2021},
}

Join the CrypTen community

Please contact us to join the CrypTen community on Slack

See the CONTRIBUTING file for how to help out.

License

CrypTen is MIT licensed, as found in the LICENSE file.

Package Rankings
Top 6.7% on Pypi.org
Top 26.84% on Conda-forge.org
Badges
Extracted from project README
Support Ukraine GitHub license CircleCI PRs Welcome
Related Projects
cryptography

cryptography is a package designed to expose cryptographic primitives and recipes to Python devel...

07 Aug 2013 6,265
TenSEAL

A library for doing homomorphic encryption operations on tensors

25 Jan 2020 739
tensorwatch

Debugging, monitoring and visualization for Python Machine Learning and Data Science

15 May 2019 3,366
Ciphey

⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crac...

16 Jul 2019 17,595
pyflocker

Python Cryptographic (File Locking) Library

23 Apr 2020 5
TensorLayerX

TensorLayerX: A Unified Deep Learning and Reinforcement Learning Framework for All Hardwares, Bac...

03 Dec 2021 537
TensorLayer

Deep Learning and Reinforcement Learning Library for Scientists and Engineers

07 Jun 2016 7,302
innvestigate

A toolbox to iNNvestigate neural networks' predictions!

13 Dec 2017 1,228
Transcrypt

Python 3.9 to JavaScript compiler - Lean, fast, open!

13 Dec 2015 2,850
cleverhans-attacking-bnns

Source for paper "Attacking Binarized Neural Networks"

12 Dec 2017 21
concrete-ml

Concrete ML: Privacy Preserving ML framework built on top of Concrete, with bindings to tradition...

23 Mar 2022 780
accelerate

🚀 A simple way to launch, train, and use PyTorch models on almost any device and distributed conf...

30 Oct 2020 7,759
pycls

Codebase for Image Classification Research, written in PyTorch.

10 Jun 2019 2,136
tensorly

TensorLy: Tensor Learning in Python.

21 Oct 2016 1,504
NeuroTorch

Biologically based dynamics for machine learning and deep learning tools for neuroscience.

10 May 2022 15