SecureNN¶

SecureNN is an implementation from the SecureNN paper. SecureNN is an extension of the Pond protocol. ie SecureNN is a superset of the SPDZ protocol. The main difference between SecureNN and SPDZ is exact Relu and Maxpooling layers. In SPDZ, Maxpooling is simply not supported, and Relu will be approximated.

Approximation can be quicker in some cases but it will break down when inputs are sufficiently large. This requires users to implement workaround techniques such as adding a Batchnorm layer before a Relu.

class tf_encrypted.protocol.securenn.SecureNN(server_0: Optional[tf_encrypted.player.player.Player] = None, server_1: Optional[tf_encrypted.player.player.Player] = None, server_2: Optional[tf_encrypted.player.player.Player] = None, prime_factory: Optional[tf_encrypted.tensor.factory.AbstractFactory] = None, odd_factory: Optional[tf_encrypted.tensor.factory.AbstractFactory] = None, **kwargs)[source]¶

Implementation of secureNN from the secureNN paper https://eprint.iacr.org/2018/442.pdf

bitwise_and(x: PondTensor, y: PondTensor) → PondTensor[source]¶

Computes the bitwise AND of the given inputs.: (x * y)

Parameters:	x – a `PondTensor` y – a `PondTensor`
Return type:	a `PondTensor`

bitwise_not(x: tf_encrypted.protocol.pond.PondTensor) → tf_encrypted.protocol.pond.PondTensor[source]¶

Computes the bitwise NOT of the input.: (1 - x)

Parameters:	x – a `PondTensor`
Return type:	a `PondTensor`

bitwise_or(x: PondTensor, y: PondTensor) → PondTensor[source]¶

Computes the bitwise OR of the given inputs.: (x + y) - (x * y)

Parameters:	x – a `PondTensor` y – a `PondTensor`
Return type:	a `PondTensor`

bitwise_xor(x: PondTensor, y: PondTensor) → PondTensor[source]¶

Compute the bitwise XOR of the given inputs.: (x + y) - (x * y * 2)

Parameters:	x – a `PondTensor` y – a `PondTensor`
Return type:	a `PondTensor`

msb(x: PondTensor) → PondTensor[source]¶

Computes the most significant bit of the provided tensor.

Parameters:	x – a `PondTensor`