{"id":"https://openalex.org/W4400382023","doi":"https://doi.org/10.56553/popets-2024-0119","title":"Efficient Privacy-Preserving Machine Learning with Lightweight Trusted Hardware","display_name":"Efficient Privacy-Preserving Machine Learning with Lightweight Trusted Hardware","publication_year":2024,"publication_date":"2024-07-06","ids":{"openalex":"https://openalex.org/W4400382023","doi":"https://doi.org/10.56553/popets-2024-0119"},"language":"en","primary_location":{"id":"doi:10.56553/popets-2024-0119","is_oa":true,"landing_page_url":"https://doi.org/10.56553/popets-2024-0119","pdf_url":"https://petsymposium.org/popets/2024/popets-2024-0119.pdf","source":{"id":"https://openalex.org/S4210183172","display_name":"Proceedings on Privacy Enhancing Technologies","issn_l":"2299-0984","issn":["2299-0984"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320322","host_organization_name":"De Gruyter Open","host_organization_lineage":["https://openalex.org/P4310320322","https://openalex.org/P4310313990"],"host_organization_lineage_names":["De Gruyter Open","De Gruyter"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings on Privacy Enhancing Technologies","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"hybrid","oa_url":"https://petsymposium.org/popets/2024/popets-2024-0119.pdf","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5011098652","display_name":"Pengzhi Huang","orcid":"https://orcid.org/0000-0002-9591-0618"},"institutions":[{"id":"https://openalex.org/I205783295","display_name":"Cornell University","ror":"https://ror.org/05bnh6r87","country_code":"US","type":"education","lineage":["https://openalex.org/I205783295"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Pengzhi Huang","raw_affiliation_strings":["Cornell University"],"affiliations":[{"raw_affiliation_string":"Cornell University","institution_ids":["https://openalex.org/I205783295"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5064857808","display_name":"Thang Hoang","orcid":"https://orcid.org/0000-0003-2229-3863"},"institutions":[{"id":"https://openalex.org/I859038795","display_name":"Virginia Tech","ror":"https://ror.org/02smfhw86","country_code":"US","type":"education","lineage":["https://openalex.org/I859038795"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Thang Hoang","raw_affiliation_strings":["Virginia Tech"],"affiliations":[{"raw_affiliation_string":"Virginia Tech","institution_ids":["https://openalex.org/I859038795"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100760432","display_name":"Yueying Li","orcid":"https://orcid.org/0000-0002-8896-1548"},"institutions":[{"id":"https://openalex.org/I205783295","display_name":"Cornell University","ror":"https://ror.org/05bnh6r87","country_code":"US","type":"education","lineage":["https://openalex.org/I205783295"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Yueying Li","raw_affiliation_strings":["Cornell University"],"affiliations":[{"raw_affiliation_string":"Cornell University","institution_ids":["https://openalex.org/I205783295"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5089202539","display_name":"Elaine Shi","orcid":"https://orcid.org/0000-0002-5605-1048"},"institutions":[{"id":"https://openalex.org/I74973139","display_name":"Carnegie Mellon University","ror":"https://ror.org/05x2bcf33","country_code":"US","type":"education","lineage":["https://openalex.org/I74973139"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Elaine Shi","raw_affiliation_strings":["Carnegie Mellon University"],"affiliations":[{"raw_affiliation_string":"Carnegie Mellon University","institution_ids":["https://openalex.org/I74973139"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5000795197","display_name":"G. Edward Suh","orcid":null},"institutions":[{"id":"https://openalex.org/I1304085615","display_name":"Nvidia (United Kingdom)","ror":"https://ror.org/02kr42612","country_code":"GB","type":"company","lineage":["https://openalex.org/I1304085615","https://openalex.org/I4210127875"]},{"id":"https://openalex.org/I205783295","display_name":"Cornell University","ror":"https://ror.org/05bnh6r87","country_code":"US","type":"education","lineage":["https://openalex.org/I205783295"]}],"countries":["GB","US"],"is_corresponding":false,"raw_author_name":"G. Edward Suh","raw_affiliation_strings":["NVIDIA / Cornell University"],"affiliations":[{"raw_affiliation_string":"NVIDIA / Cornell University","institution_ids":["https://openalex.org/I1304085615","https://openalex.org/I205783295"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5064857808"],"corresponding_institution_ids":["https://openalex.org/I859038795"],"apc_list":null,"apc_paid":null,"fwci":2.1264,"has_fulltext":true,"cited_by_count":6,"citation_normalized_percentile":{"value":0.8879758,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":98,"max":99},"biblio":{"volume":"2024","issue":"4","first_page":"327","last_page":"348"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9918000102043152,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9918000102043152,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12122","display_name":"Physical Unclonable Functions (PUFs) and Hardware Security","score":0.9887999892234802,"subfield":{"id":"https://openalex.org/subfields/1708","display_name":"Hardware and Architecture"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.9829000234603882,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7481421232223511},{"id":"https://openalex.org/keywords/direct-anonymous-attestation","display_name":"Direct Anonymous Attestation","score":0.7283074855804443},{"id":"https://openalex.org/keywords/trusted-platform-module","display_name":"Trusted Platform Module","score":0.5797950029373169},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.5194665789604187},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.4531557559967041},{"id":"https://openalex.org/keywords/computer-hardware","display_name":"Computer hardware","score":0.444938987493515},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4048720896244049},{"id":"https://openalex.org/keywords/trusted-computing","display_name":"Trusted Computing","score":0.35884660482406616}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7481421232223511},{"id":"https://openalex.org/C169796023","wikidata":"https://www.wikidata.org/wiki/Q3708936","display_name":"Direct Anonymous Attestation","level":3,"score":0.7283074855804443},{"id":"https://openalex.org/C202775310","wikidata":"https://www.wikidata.org/wiki/Q1140366","display_name":"Trusted Platform Module","level":2,"score":0.5797950029373169},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.5194665789604187},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.4531557559967041},{"id":"https://openalex.org/C9390403","wikidata":"https://www.wikidata.org/wiki/Q3966","display_name":"Computer hardware","level":1,"score":0.444938987493515},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4048720896244049},{"id":"https://openalex.org/C2776831232","wikidata":"https://www.wikidata.org/wiki/Q966812","display_name":"Trusted Computing","level":2,"score":0.35884660482406616}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.56553/popets-2024-0119","is_oa":true,"landing_page_url":"https://doi.org/10.56553/popets-2024-0119","pdf_url":"https://petsymposium.org/popets/2024/popets-2024-0119.pdf","source":{"id":"https://openalex.org/S4210183172","display_name":"Proceedings on Privacy Enhancing Technologies","issn_l":"2299-0984","issn":["2299-0984"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320322","host_organization_name":"De Gruyter Open","host_organization_lineage":["https://openalex.org/P4310320322","https://openalex.org/P4310313990"],"host_organization_lineage_names":["De Gruyter Open","De Gruyter"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings on Privacy Enhancing Technologies","raw_type":"journal-article"}],"best_oa_location":{"id":"doi:10.56553/popets-2024-0119","is_oa":true,"landing_page_url":"https://doi.org/10.56553/popets-2024-0119","pdf_url":"https://petsymposium.org/popets/2024/popets-2024-0119.pdf","source":{"id":"https://openalex.org/S4210183172","display_name":"Proceedings on Privacy Enhancing Technologies","issn_l":"2299-0984","issn":["2299-0984"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310320322","host_organization_name":"De Gruyter Open","host_organization_lineage":["https://openalex.org/P4310320322","https://openalex.org/P4310313990"],"host_organization_lineage_names":["De Gruyter Open","De Gruyter"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings on Privacy Enhancing Technologies","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G6755165505","display_name":null,"funder_award_id":"award","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G7564846446","display_name":null,"funder_award_id":"2118709","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"},{"id":"https://openalex.org/G848032724","display_name":null,"funder_award_id":"Science","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"}],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4400382023.pdf","grobid_xml":"https://content.openalex.org/works/W4400382023.grobid-xml"},"referenced_works_count":78,"referenced_works":["https://openalex.org/W44936433","https://openalex.org/W1499934958","https://openalex.org/W1542455165","https://openalex.org/W1614298861","https://openalex.org/W1686810756","https://openalex.org/W1782747875","https://openalex.org/W1969009977","https://openalex.org/W1997859100","https://openalex.org/W2087080998","https://openalex.org/W2088492763","https://openalex.org/W2099001231","https://openalex.org/W2117539524","https://openalex.org/W2122122437","https://openalex.org/W2150620897","https://openalex.org/W2155441237","https://openalex.org/W2182396527","https://openalex.org/W2194775991","https://openalex.org/W2204310803","https://openalex.org/W2336864643","https://openalex.org/W2460441129","https://openalex.org/W2473418344","https://openalex.org/W2507840786","https://openalex.org/W2577421826","https://openalex.org/W2593994116","https://openalex.org/W2606606368","https://openalex.org/W2606774910","https://openalex.org/W2614104334","https://openalex.org/W2618530766","https://openalex.org/W2701059868","https://openalex.org/W2727025244","https://openalex.org/W2759479718","https://openalex.org/W2765200655","https://openalex.org/W2805074088","https://openalex.org/W2809372447","https://openalex.org/W2888798936","https://openalex.org/W2889518255","https://openalex.org/W2899435347","https://openalex.org/W2900510844","https://openalex.org/W2917560727","https://openalex.org/W2930957133","https://openalex.org/W2950168363","https://openalex.org/W2952511938","https://openalex.org/W2963752132","https://openalex.org/W2964261135","https://openalex.org/W2979826702","https://openalex.org/W2979858137","https://openalex.org/W2985947210","https://openalex.org/W2990952738","https://openalex.org/W3016063723","https://openalex.org/W3034162411","https://openalex.org/W3080934051","https://openalex.org/W3101942154","https://openalex.org/W3106542468","https://openalex.org/W3108146280","https://openalex.org/W3141585064","https://openalex.org/W3155184874","https://openalex.org/W3157720338","https://openalex.org/W3165750456","https://openalex.org/W3175329822","https://openalex.org/W3185585177","https://openalex.org/W3186649517","https://openalex.org/W3203684970","https://openalex.org/W3203851772","https://openalex.org/W3212030079","https://openalex.org/W3216987697","https://openalex.org/W3217809002","https://openalex.org/W4225647100","https://openalex.org/W4225654613","https://openalex.org/W4286989576","https://openalex.org/W4287184734","https://openalex.org/W4287366256","https://openalex.org/W4297952240","https://openalex.org/W4298110978","https://openalex.org/W4298422451","https://openalex.org/W4300641634","https://openalex.org/W4318719586","https://openalex.org/W4385245566","https://openalex.org/W4399929809"],"related_works":["https://openalex.org/W2355956995","https://openalex.org/W2354645290","https://openalex.org/W2168345601","https://openalex.org/W2390768934","https://openalex.org/W2695299078","https://openalex.org/W2372678089","https://openalex.org/W2365715481","https://openalex.org/W1497930374","https://openalex.org/W2374998183","https://openalex.org/W104943326"],"abstract_inverted_index":{"In":[0,92],"this":[1,175],"paper,":[2],"we":[3],"propose":[4],"a":[5,14,61,69,151],"new":[6],"secure":[7,148,185],"machine":[8],"learning":[9],"inference":[10],"platform":[11,36,126],"assisted":[12],"by":[13,144],"small":[15,62],"dedicated":[16],"security":[17,63,71,82,128],"processor,":[18],"which":[19],"will":[20],"be":[21,192,204],"easier":[22],"to":[23,28,51,68,87,180,194],"protect":[24],"and":[25,106,109,153,162],"deploy":[26],"compared":[27,50],"today's":[29],"TEEs":[30,172],"integrated":[31],"into":[32],"high-performance":[33,171],"processors.":[34],"Our":[35,125,139],"provides":[37],"three":[38],"main":[39],"advantages":[40],"over":[41],"the":[42,75,88,93,121,145,168,178,201],"state-of-the-art:":[43],"(i)":[44],"We":[45,114],"achieve":[46,115],"significant":[47],"performance":[48,118,190],"improvements":[49,119],"state-of-the-art":[52],"distributed":[53,197],"Privacy-Preserving":[54],"Machine":[55],"Learning":[56],"(PPML)":[57],"protocols,":[58],"with":[59,96,129,187],"only":[60],"processor":[64],"that":[65,182],"is":[66,100,141],"comparable":[67],"discrete":[70],"chip":[72],"such":[73],"as":[74],"Trusted":[76],"Platform":[77],"Module":[78],"(TPM)":[79],"or":[80],"on-chip":[81],"subsystems":[83],"in":[84,120,150,173],"SoCs":[85],"similar":[86],"Apple":[89],"enclave":[90],"processor.":[91],"semi-honest":[94],"setting":[95],"WAN/GPU,":[97],"our":[98],"scheme":[99],"4X-63X":[101],"faster":[102],"than":[103],"Falcon":[104],"(PoPETs'21)":[105],"AriaNN":[107],"(PoPETs'22)":[108],"3.8X-12X":[110],"more":[111],"communication":[112],"efficient.":[113],"even":[116,183],"higher":[117],"malicious":[122,132],"setting.":[123],"(ii)":[124],"guarantees":[127],"abort":[130],"against":[131],"adversaries":[133],"under":[134],"honest":[135],"majority":[136],"assumption.":[137],"(iii)":[138],"technique":[140],"not":[142],"limited":[143,189],"size":[146],"of":[147,170],"memory":[149],"TEE":[152],"can":[154,191,203],"support":[155],"high-capacity":[156],"modern":[157],"neural":[158],"networks":[159],"like":[160],"ResNet18":[161],"Transformer.":[163],"While":[164],"previous":[165],"work":[166,176],"investigated":[167],"use":[169],"PPML,":[174],"represents":[177],"first":[179],"show":[181],"tiny":[184],"hardware":[186],"very":[188],"leveraged":[193],"significantly":[195],"speed-up":[196],"PPML":[198],"protocols":[199],"if":[200],"protocol":[202],"carefully":[205],"designed":[206],"for":[207],"lightweight":[208],"trusted":[209],"hardware.":[210]},"counts_by_year":[{"year":2025,"cited_by_count":6}],"updated_date":"2026-03-20T23:20:44.827607","created_date":"2024-07-07T00:00:00"}