ReDCrypt: RealTime Privacy Preserving Deep Learning Using FPGAs

  • Bita Darvish Rouhani
  • Siam Umar Hussain
  • Kristin Lauter
  • Farinaz Koushanfar

ACM Transactions on Reconfigurable Technology and Systems (TRETS)

Artificial Intelligence (AI) is increasingly incorporated into the cloud business to improve the functionality of the service. The adoption of AI as a cloud service raises serious privacy concerns in applications where the risk of data leakage is not acceptable. Examples of such applications include scenarios where clients hold potentially sensitive private information such as medical records, financial data, and/or location. This paper proposes ReDCrypt, the first reconfigurable hardware-accelerated framework that enables privacy-preserving execution of deep learning (DL) models on cloud servers. ReDCrypt is well suited for streaming settings where clients need to dynamically analyze their data as it is collected over time, without having to queue the samples to meet a certain batch size. Unlike prior work, ReDCrypt neither requires changing how AI models are trained nor relies on two non-colluding servers to operate. The secure computation in ReDCrypt is executed using Yao’s Garbled Circuit (GC) protocol. We implement high-throughput and power-efficient functional APIs for efficient realization of the GC protocol on cloud servers supporting FPGA accelerators. Our API supports GC-optimized implementations of various computational layers used in deep learning. Proof-of-concept evaluations for different DL applications demonstrate up to 57-fold higher throughput per core compared to the prior art.