CCS2025

Co-Prime: A Co-design Framework for Privacy Preserving Machine Learning on FPGA

Shuo Xu, Jiming Xu, Pengfei Xue, Xinyao Wang, Lei Ju, Wei Zhang

Abstract

In numerous privacy-sensitive machine learning application domains where data is acquired collaboratively from multiple participants, secure multi-party computation (MPC) is a promising solution for privacy-preserving machine learning (PPML). Secret sharing protocols are a prevalent MPC strategy, in which frequent data distribution and recombination are applied to uphold the confidentiality of participants' data. A key challenge for the practical deployment of secret sharing protocols in PPML is the massive and unbalanced computation and communication workloads that occur in the various linear and non-linear stages of machine learning. The imbalance can be further amplified when powerful hardware accelerators are designed to reduce the computation latency. In this work, we propose Co-Prime, an FPGA-based 3PC framework for efficient PPML without assistance from a secure third party. Co-Prime integrates protocol and hardware co-optimizations to mitigate the communication bottlenecks in secret sharing schemes. In particular, Co-Prime proposes a novel protocol conversion technique that seamlessly converts data formats so that the preferred protocols can be adopted adaptively in various stages of PPML. Accelerator-friendly MPC primitives and system-level design space exploration schemes are designed to achieve latency hiding by overlapping computation and network communication. Finally, Co-Prime enables direct interaction with data streams via network communication modules on FPGAs to further reduce the network communication overhead. Experimental results demonstrate significant performance improvements over existing privacy-preserving machine learning frameworks, with 2-18x speedup in inference latency across various LAN/WAN environments and neural network models.