New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
How to only encrypte the ML model and make local model predictions based on the encrypted model #81
Comments
Hello @Daihongwei1900 . Could you be a bit more precise on what the "feature request" is and what is the "motivation". Thank you |
Ok, currently concrete uses plaintext training models. Then, by encrypting the input parameters, the model prediction calculation is compiled into a Fhe calculation circuit. so the predict algorithm is fixed, the circuit is also fixed. But there is the following scenario, alice has a model but does not want to expose it to bob, so she wants to encrypt the model and send it to bob, bob makes predictions based on the encrypted model, and bob can also use sparse matrix to filter type 0 data, but the problem is if Assuming that the model weight is used as an encrypted input, bob data can only be compiled into an FHE circuit when it is certain, but the data that bob needs to predict it‘s be uncertain, and it is impossible to predict once and then need to compile a new fhe circuit. |
|
Hello @Daihongwei1900,
What you seem to be afraid of is that Bob might always need to compile before being able to compute the predictions, but is not possible because the weights are encrypted. Am I right ? 🙂 If so, then there are a few things to comment here. The short answer is that, in theory, your use case could be done as Bob will never need to compile, but it's not available in Concrete ML. Also, Bob won't be able to decrypt the model's predictions, only Alice will. More precisely :
Hope this helps ! |
Thank you very much, your answer solved my problem very well, I need to implement clear inputs and encrypted weights. |
Feature request
[edit by @bcm-at-zama]: info are given by @Daihongwei1900 here
Motivation
[edit by @bcm-at-zama]: info are given by @Daihongwei1900 here
The text was updated successfully, but these errors were encountered: