A New PPML Paradigm for Quantized Models
Tianpei Lu
Network and Distributed System Security (NDSS) Symposium 2025 · Day 2 · ML Security
This talk introduces a groundbreaking new paradigm for **Privacy-Preserving Machine Learning (PPML)** specifically tailored for **quantized models**. Presented by Bingshan from Jan University, the work, a collaboration with Tianpei Lu, Shiaan, and Quiran, addresses a critical gap in the secure computation landscape. The core challenge in PPML, particularly for model inference where a server holds a private model and a client holds private data, has long been the prohibitive computational cost associated with cryptographic techniques like **multi-party computation (MPC)**. While existing PPML solutions strive to protect the confidentiality of both the model weights (`w`) and the client's input data (`x`) during the computation of `M(w, x)`, they often struggle with the inherent complexities of floating-point or fixed-point arithmetic.
AI review
Solid applied cryptography research that solves a real, underappreciated problem: the impedance mismatch between quantized ML inference and MPC's fixed-point arithmetic requirements. The LUT-based paradigm is a genuinely clever architectural sidestep rather than incremental optimization, and the performance claims — 10-1000x depending on network conditions, CPU beating GPU-accelerated alternatives — are substantial enough to matter for practitioners.