Pysyft: Implement Functional Encryption in PySyft

📝 Description

Functional Encryption is a technique which relates to Homomorphic Encryption since it performs computations over encrypted data, but it also provides automatic decryption of the ciphered result, which allows for interesting non-interactive scenarios. Put formally, given a function f and an encrypted value Enc(x), it outputs f(x). One classical example of Functional Encryption is _spam filtering_: Alice wants to send a confidential email to Bob, and the email server should analyse whether the email is spam without reading it before forwarding it or not to Bob.

This project will consist of re-implementing the Functional Encryption algorithm proposed in this Neurips 2019 paper. It relies on a crypto c++ based library named _charm_ and introduces some crypto primitives that are hard to re-implement from scratch in Python. Therefore, the main focus of this project will be first to provide a user-friendly Tensor abstraction for Functional Encryption in PySyft, and make sure having charm as a dependency is not burdensome. Re-implementing those primitives from scratch will be a second (challenging) part for people with more crypto background.

📣 Context

I'm the author of the paper linked above and have already provided elements to perform the implementation in this repo. I'm also leading the Crypto Team, whose roadmap is available here and I'm very keen to discuss alternative Function Encryption schemes if you have ideas!

🙋‍♀️ Required Skills:

• Knowledge of Deep Learning (TensorFlow, PyTorch or JAX)
• Familiarity (or willingness to become familiar) with PySyft
• Familiarity with Linear Algebra, to understand the mathematics of Functional Encryption.
• Autonomy and willingness to take proactive steps

Difficulty: Intermediate to Advanced

To be clear, this project is not about cleaning my first implementations! The main challenge is that FE currently allows only quadratic operations: for example x + 2, x * 3, x * y, 2(x-1)*y + 1 are valid operations but x*x*y is not. Therefore, the computations written by the end user should not be executed eagerly. Instead they should be buffered and organized to fit as a quadratic computation when possible. Using PySyft Plans is an excellent way of doing this. When high orders computations will be required, we will also consider the following trick which consists of encrypting higher orders monomials (for example encrypting xy alongside x and y allows to compute in a quadratic way x*(x*y))

Providing an easy-to-use, robust and flexible interface will be a guaranty of success for this project.

🔗 Useful Links

• PySyft - https://github.com/OpenMined/PySyft
• Google Summer of Code - https://summerofcode.withgoogle.com
  
  
  
  • Timeline
  
  
  • Student Guide
  
  
  • OpenMined Org.
  
  

_List of all GSoC project ideas here._

🎯 Milestones

1. Setup for Functional Encryption

• [ ] Do the installation steps as explained here in the README (_This is a bit complicated but will be done only once! Troubleshooting on slack_) This includes installing the crypto libraries, set up a database for the discrete logarithm pre-computations and testing the setup.

  2. Manual conversion of a model to Functional Encryption

• [ ] Setup up the same experiment as it done at the end of the Collateral Learning tutorials ie training a small quadratic pytorch neural network.

• [ ] Transform the weights of the model to discrete values ready to be used for FE

• [ ] Import them manually in the FE code to have the model run encrypted, as it done at the end of the Collateral Learning tutorials. This requires to look closer at the FE library (maybe ml_test.py)

  3. Automate the conversion

• [ ] Identify the relevant code for discretization from the collateral-learning tutorials and the most important parts of code from the FE library

• [ ] Extract it and put it in a new module syft/frameworks/torch/fe. Create the functions to automatically discretize a model, to encrypt it, and to encrypt the inputs. For the naming of objects, try to stay close to the paper ("functional keys", "encrypt", etc)

• [ ] Add the libraries used for this project and the setup steps from 1. to the syft setup. People should be able to pip install syft and have all the crypto libs installed + the discrete log pre-computations. (You can ask the community for help about python packaging!)

  4. Tensorize functional encryption

• [ ] Build an functional encryption tensor which provides a simple API to use the FE tools you've just build

• [ ] Add a computation tracker that prevents computations that are more than quadratic

• [ ] Allow support for Plans to perform FE (it will use the tracker)

  5. Computation graph analysis and input encryption scheduler

• [ ] Plans should be analyzed to check that computation are indeed polynomial. When higher orders computations than quadratic will be required, we will also consider the following trick which consists of encrypting higher orders monomials (for example encrypting xy alongside x and y allows to compute in a quadratic way x*(x*y)). The analyzer should determine which monomials needs to be encrypted (what I call the "input encryption scheduler").

• [ ] Allow running high order polynomial Plans using the previous tools with a simple and user-friendly API

🔔 If you like this project, please join the #gsoc_functional_encryption channel on slack! 🔔