spu
Project description
SPU: Secure Processing Unit
SPU (Secure Processing Unit) aims to be a provable, measurable secure computation device,
which provides computation ability while keeping your private data protected.
SPU could be treated as a programmable device, it's not designed to be used directly. Normally we use SecretFlow framework, which use SPU as the underline secure computing device.
Currently, we mainly focus on provable security. It contains a secure runtime that evaluates
XLA-like tensor operations,
which use MPC as the underline
evaluation engine to protect privacy information.
SPU python package also contains a simple distributed module to demo SPU usage, but it's NOT designed for production due to system security and performance concerns, please DO NOT use it directly in production.
Contribution Guidelines
If you would like to contribute to SPU, please check Contribution guidelines.
If you would like to use SPU for research purposes, please check research development guidelines from @fionser.
This documentation also contains instructions for build and testing.
Installation Guidelines
Supported platforms
| Linux x86_64 | Linux aarch64 | macOS x64 | macOS Apple Silicon | Windows x64 | Windows WSL2 x64 | |
|---|---|---|---|---|---|---|
| CPU | yes | yes | yes1 | yes | no | yes |
| NVIDIA GPU | experimental | no | no | n/a | no | experimental |
- Due to CI resource limitation, macOS x64 prebuild binary is no longer available.
Instructions
Please follow Installation Guidelines to install SPU.
Hardware Requirements
| General Features | FourQ based PSI | GPU |
|---|---|---|
| AVX/ARMv8 | AVX2/ARMv8 | CUDA 11.8+ |
Citing SPU
If you think SPU is helpful for your research or development, please consider citing our papers:
@inproceedings {spu,
author = {Junming Ma and Yancheng Zheng and Jun Feng and Derun Zhao and Haoqi Wu and Wenjing Fang and Jin Tan and Chaofan Yu and Benyu Zhang and Lei Wang},
title = {{SecretFlow-SPU}: A Performant and {User-Friendly} Framework for {Privacy-Preserving} Machine Learning},
booktitle = {2023 USENIX Annual Technical Conference (USENIX ATC 23)},
year = {2023},
isbn = {978-1-939133-35-9},
address = {Boston, MA},
pages = {17--33},
url = {https://www.usenix.org/conference/atc23/presentation/ma},
publisher = {USENIX Association},
month = jul,
}
@inproceedings{ditto,
title = {Ditto: Quantization-aware Secure Inference of Transformers upon {MPC}},
author = {Wu, Haoqi and Fang, Wenjing and Zheng, Yancheng and Ma, Junming and Tan, Jin and Wang, Lei},
booktitle = {Proceedings of the 41st International Conference on Machine Learning},
pages = {53346--53365},
year = {2024},
editor = {Salakhutdinov, Ruslan and Kolter, Zico and Heller, Katherine and Weller, Adrian and Oliver, Nuria and Scarlett, Jonathan and Berkenkamp, Felix},
volume = {235},
series = {Proceedings of Machine Learning Research},
month = {21--27 Jul},
publisher = {PMLR},
pdf = {https://raw.githubusercontent.com/mlresearch/v235/main/assets/wu24d/wu24d.pdf},
url = {https://proceedings.mlr.press/v235/wu24d.html},
abstract = {Due to the rising privacy concerns on sensitive client data and trained models like Transformers, secure multi-party computation (MPC) techniques are employed to enable secure inference despite attendant overhead. Existing works attempt to reduce the overhead using more MPC-friendly non-linear function approximations. However, the integration of quantization widely used in plaintext inference into the MPC domain remains unclear. To bridge this gap, we propose the framework named Ditto to enable more efficient quantization-aware secure Transformer inference. Concretely, we first incorporate an MPC-friendly quantization into Transformer inference and employ a quantization-aware distillation procedure to maintain the model utility. Then, we propose novel MPC primitives to support the type conversions that are essential in quantization and implement the quantization-aware MPC execution of secure quantized inference. This approach significantly decreases both computation and communication overhead, leading to improvements in overall efficiency. We conduct extensive experiments on Bert and GPT2 models to evaluate the performance of Ditto. The results demonstrate that Ditto is about $3.14\sim 4.40\times$ faster than MPCFormer (ICLR 2023) and $1.44\sim 2.35\times$ faster than the state-of-the-art work PUMA with negligible utility degradation.}
}
Acknowledgement
We thank the significant contributions made by Alibaba Gemini Lab and security advisories made by VUL337@NISL@THU.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distributions
Built Distributions
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file spu-0.9.5-cp311-none-manylinux_2_28_aarch64.whl.
File metadata
- Download URL: spu-0.9.5-cp311-none-manylinux_2_28_aarch64.whl
- Upload date:
- Size: 76.2 MB
- Tags: CPython 3.11, manylinux: glibc 2.28+ ARM64
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.14
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
0d6e2cea344301d2b5840800d1de2d45f96ada454484fbcf9c61f5d54459ea2d
|
|
| MD5 |
b610cccbc13fb146a69a15715b0389c9
|
|
| BLAKE2b-256 |
3fd6799e3fac78b9e5fa5e66e5a912c0fe10b0cfa90c26acf59bbb160a5bb926
|
File details
Details for the file spu-0.9.5-cp311-none-manylinux_2_17_x86_64.whl.
File metadata
- Download URL: spu-0.9.5-cp311-none-manylinux_2_17_x86_64.whl
- Upload date:
- Size: 75.5 MB
- Tags: CPython 3.11, manylinux: glibc 2.17+ x86-64
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.13
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
b3003406dc3ed5fb2223723179918d33287f6231cff29c2319ff6b40f15a4c3c
|
|
| MD5 |
aba3e03b853d3ec163ffeb85c94c3b6b
|
|
| BLAKE2b-256 |
fd2af034ca6e499d6c17eb8414a609adb4958c1af45988bcf6bdeddcf4c5e267
|
File details
Details for the file spu-0.9.5-cp311-none-macosx_14_0_arm64.whl.
File metadata
- Download URL: spu-0.9.5-cp311-none-macosx_14_0_arm64.whl
- Upload date:
- Size: 73.8 MB
- Tags: CPython 3.11, macOS 14.0+ ARM64
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.11.14
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
69c686ca0f8b91b84f6146a293ab2e6a67054ed08d3a58edfa517cf928a8b633
|
|
| MD5 |
ee48a955843815fc979085cc821e6057
|
|
| BLAKE2b-256 |
b139bf71dfb16f148c73b57a24d74c7173712ff02c79947f1d8a6ef7e57ecd46
|
File details
Details for the file spu-0.9.5-cp310-none-manylinux_2_28_aarch64.whl.
File metadata
- Download URL: spu-0.9.5-cp310-none-manylinux_2_28_aarch64.whl
- Upload date:
- Size: 76.2 MB
- Tags: CPython 3.10, manylinux: glibc 2.28+ ARM64
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.10.19
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
ef9bf3aaece441de3144c56f0b94680c6df82733faa70677e42101b23f3a152f
|
|
| MD5 |
42dc5c5d6ed532fbb1cc56d8acaf6312
|
|
| BLAKE2b-256 |
416ad9f79bde05263ec22da5783f871bd5d53085dcb7b2f2d0339bd355aa19ec
|
File details
Details for the file spu-0.9.5-cp310-none-manylinux_2_17_x86_64.whl.
File metadata
- Download URL: spu-0.9.5-cp310-none-manylinux_2_17_x86_64.whl
- Upload date:
- Size: 75.5 MB
- Tags: CPython 3.10, manylinux: glibc 2.17+ x86-64
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.10.18
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
91b92843170e09fee3ba5e7654e4597b9864cd2b4e6e2a24c83d0e64ed335309
|
|
| MD5 |
e6e61dd2573293cea6e1bf53587c0c00
|
|
| BLAKE2b-256 |
3eb8bb07369806750d9c8ff25c44f9a12377034902b65e2a86a1b2e5db2580b9
|
File details
Details for the file spu-0.9.5-cp310-none-macosx_14_0_arm64.whl.
File metadata
- Download URL: spu-0.9.5-cp310-none-macosx_14_0_arm64.whl
- Upload date:
- Size: 73.8 MB
- Tags: CPython 3.10, macOS 14.0+ ARM64
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.10.19
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
d139b80847fcb58b5544be43cdda1d12bf36e4ae1b4730fd65661a763e44fd2a
|
|
| MD5 |
d59da62825bf68b7823f8c0acc2acf83
|
|
| BLAKE2b-256 |
30063c88724c740a43f39c50757ee32a1a579ac1fad5d629d4d37c0fab24a6b9
|
