Secure AI workloads using fully homomorphic encrypted data

For decades, the industry has benefitted from modern cryptography to protect sensitive data in transit and at rest. However, it has been impossible to keep the data protected while it is being processed. IBM Research is closing this gap with the release of HElayers, a software development kit (SDK) for the practical and efficient execution of secure AI workloads using fully homomorphic encrypted (FHE) data.

HElayers promises to address a primary concern in computing security, enabling the ability to use data safely without exposing any sensitive information, a key enabler for migrating compute to the cloud. HElayers provides encryption schemes and methods that allow specific operations to be performed on encrypted data without decrypting that data and any intermediate values computed, allowing for maximum utility of the data while preserving privacy and security. Foundational areas for applying FHE include:

Highly regulated industries can now reap the benefits of outsourcing storage and computation even to unsecured cloud environments without compromising privacy or security. The technology will revolutionize the way users, data scientists, and analytics gain access and share data sets that are often tightly controlled. FHE technology will lower data governance costs and promote a wider use of important data to create increased insights, drive data-driven value creation, and enable simpler deployment methods.

HElayers

HElayers is written in C++ and includes a Python API that enables application developers and data scientists to use the power of FHE by supporting a wide array of analytics such as linear regression, logistic regression, and neural networks. HElayers has been designed with a layered set of capabilities that are coupled with appropriate APIs so that users can fully utilize the services provided by the SDK. HElayers is delivered as an open platform that is capable of using the latest FHE implementations for a given use case. It is enabled with patented optimization and performance-boosting innovation for computation, AI innovation, and use case requirements that facilitate the practical use of a wide variety of AI workloads over FHE data.

Tutorials and Jupyter Notebooks

HElayers ships with a rich set of sample applications and tutorials through Jupyter Notebooks that highlight how to use this technology in useful ways. These examples include:

• Hebase tutorials: Basic layer 1 (hebase – the “Wrappers” layer) tutorial. It demonstrates HElayer’s low-level API for manipulating ciphertexts directly.
• Neural network tutorials: Step-by-step tutorials on how to use the C++ or Python APIs for neural network inference. The tutorials include demonstrations with the MNIST data set, credit card fraud detection, heart disease detection, 20 newsgroup text classification, and large-scale, 50K RBG encrypted image classification using AlexNet.
• Linear regression: Compute linear regression using an encrypted model and data.
• Logistic regression inference on a credit card fraud detection data set: Build a logistic regression model encrypted under HE and run inference of encrypted samples from a data set of credit card transactions.
• Nearest neighbor: Encrypt a set of centroids and find the nearest neighbor under homomorphic encryption. Given an encrypted sample, we compute the distance between each sample and each centroid under encryption. On the client side, the results are decrypted and automatically post-processed to obtain the nearest neighbor.
• Bitwise tutorial: Tutorial explaining the bitwise API (implemented with the BGV scheme).
• Decision tree inference: Decision tree inference for credit card fraud detection.
• Tile tensor demo: Demo of the “Computation” layer. It demonstrates an easy and efficient API for working with tensors, over which many new AI applications can be built.
• BGV world country db lookup: Encrypted query over an encrypted database. This uses the BGV scheme and Fermat’s little theorem to compute equality over the modular arithmetic supplied by the scheme.
• Extensions for easy integration: A recent extension to the Python API allows for easy integration with scikit-learn/Keras libraries. A regular scitkit-learn- or Keras-based Python script can be converted to FHE using a single import instruction.

HElayers – Community Edition through Docker Hub

To download the HElayers Community Edition Docker Container, including sample applications, tutorials in Jupyter Notebooks, and documentation for Windows, Linux®, macOS, and Linux on IBM Z mainframes, use the following links.

Python kits for x86 and s390x architectures, respectively:

C++ kits for x86 and s390x architectures, respectively:

Detailed documentation of the HElayers APIs is available inside the image.

We are interested in your potential use cases and the broader factors driving exploration of FHE. The following survey is available for describing these interests: https://www.surveygizmo.com/s3/6494169/IBM-HElayers-SDK-Survey

You can find more information on HElayers or FHE in general at: https://www.ibm.com/support/z-content-solutions/fully-homomorphic-encryption

HElayers – Premium Edition

Customers who want to work directly with IBM Research, access advanced features, and plan for commercial-grade deployment using HElayers can engage through the Premium Edition Program.

For more information on this program, HElayers, or FHE overall, please contact us at [email protected].

Research publications