A framework for Privacy Preserving Machine Learning
MIT License
CrypTen is a framework for Privacy Preserving Machine Learning built on PyTorch. Its goal is to make secure computing techniques accessible to Machine Learning practitioners. It currently implements Secure Multiparty Computation as its secure computing backend and offers three main benefits to ML researchers:
It is machine learning first. The framework presents the protocols via a CrypTensor
object that looks and feels exactly like a PyTorch Tensor
. This allows the user to use
automatic differentiation and neural network modules akin to those in PyTorch.
CrypTen is library-based. It implements a tensor library just as PyTorch does. This makes it easier for practitioners to debug, experiment on, and explore ML models.
The framework is built with real-world challenges in mind. CrypTen does not scale back or oversimplify the implementation of the secure protocols.
Here is a bit of CrypTen code that encrypts and decrypts tensors and adds them
import torch
import crypten
crypten.init()
x = torch.tensor([1.0, 2.0, 3.0])
x_enc = crypten.cryptensor(x) # encrypt
x_dec = x_enc.get_plain_text() # decrypt
y_enc = crypten.cryptensor([2.0, 3.0, 4.0])
sum_xy = x_enc + y_enc # add encrypted tensors
sum_xy_dec = sum_xy.get_plain_text() # decrypt sum
It is currently not production ready and its main use is as a research framework.
CrypTen currently runs on Linux and Mac with Python 3.7. We also support computation on GPUs. Windows is not supported.
For Linux or Mac
pip install crypten
If you want to run the examples in the examples
directory, you should also do the following
pip install -r requirements.examples.txt
To run the examples in the examples
directory, you additionally need to clone the repo and
pip install -r requirements.examples.txt
We provide examples covering a range of models in the examples
directory
mpc_linear_svm
, generates random data and trains ampc_cifar
, trains an adaptation of LeNet on CIFAR intfe_benchmarks
, trains three different networkbandits
, trains a contextual bandits model onmpc_imagenet
, performs inference on pretrainedtorchvision
.For examples that train in cleartext, we also provide pre-trained models in
cleartext in the model
subdirectory of each example subdirectory.
You can check all example specific command line options by doing the following;
shown here for tfe_benchmarks
:
python examples/tfe_benchmarks/launcher.py --help
We have a set of tutorials in the tutorials
directory to show how
CrypTen works. These are presented as Jupyter notebooks so please install
the following in your conda environment
conda install ipython jupyter
pip install -r requirements.examples.txt
Introduction.ipynb
- an introduction to Secure Multiparty Compute; CrypTen'sTutorial_1_Basics_of_CrypTen_Tensors.ipynb
- introduces CrypTensor
, CrypTen'sTutorial_2_Inside_CrypTensors.ipynb
– delves deeper into CrypTensor
to showCrypTensor
uses MPCTensor
for itsTutorial_3_Introduction_to_Access_Control.ipynb
- shows how to train a linearTutorial_4_Classification_with_Encrypted_Neural_Networks.ipynb
– shows howTutorial_5_Under_the_hood_of_Encrypted_Networks.ipynb
- examines how CrypTenTutorial_6_CrypTen_on_AWS_instances.ipynb
- shows how to use scrips/aws_launcher.py
Tutorial_7_Training_an_Encrypted_Neural_Network.ipynb
- introduces theCrypTensor
. This functionalityCrypTen is documented here.
The protocols and design protocols implemented in CrypTen are described in this paper. If you want to cite CrypTen in your papers (much appreciated!), you can cite it as follows:
@inproceedings{crypten2020,
author={B. Knott and S. Venkataraman and A.Y. Hannun and S. Sengupta and M. Ibrahim and L.J.P. van der Maaten},
title={CrypTen: Secure Multi-Party Computation Meets Machine Learning},
booktitle={arXiv 2109.00984},
year={2021},
}
Please contact us to join the CrypTen community on Slack
See the CONTRIBUTING file for how to help out.
CrypTen is MIT licensed, as found in the LICENSE file.