def main(server): num_rows = 7000 num_features = 32 num_epoch = 5 batch_size = 200 num_batches = (num_rows // batch_size) * num_epoch #who shall receive the output model_owner = ModelOwner('alice') data_schema0 = DataSchema([tf.float64] * 16, [0.0] * 16) data_schema1 = DataSchema([tf.int64] + [tf.float64] * 16, [0] + [0.0] * 16) data_owner_0 = DataOwner('alice', 'aliceTrainFile.csv', data_schema0, batch_size=batch_size) data_owner_1 = DataOwner('bob', 'bobTrainFileWithLabel.csv', data_schema1, batch_size=batch_size) tfe.set_protocol( tfe.protocol.Pond( tfe.get_config().get_player(data_owner_0.player_name), tfe.get_config().get_player(data_owner_1.player_name))) x_train_0 = tfe.define_private_input(data_owner_0.player_name, data_owner_0.provide_data) x_train_1 = tfe.define_private_input(data_owner_1.player_name, data_owner_1.provide_data) y_train = tfe.gather(x_train_1, 0, axis=1) y_train = tfe.reshape(y_train, [batch_size, 1]) #Remove bob's first column (which is label) x_train_1 = tfe.strided_slice(x_train_1, [0, 1], [x_train_1.shape[0], x_train_1.shape[1]], [1, 1]) x_train = tfe.concat([x_train_0, x_train_1], axis=1) model = LogisticRegression(num_features) reveal_weights_op = model_owner.receive_weights(model.weights) with tfe.Session() as sess: sess.run(tfe.global_variables_initializer(), tag='init') start_time = time.time() model.fit(sess, x_train, y_train, num_batches) end_time = time.time() # TODO(Morten) # each evaluation results in nodes for a forward pass being added to the graph; # maybe there's some way to avoid this, even if it means only if the shapes match model.evaluate(sess, x_train, y_train, data_owner_0) model.evaluate(sess, x_train, y_train, data_owner_1) print(sess.run(reveal_weights_op, tag='reveal'), ((end_time - start_time) * 1000))
def _assert_successful_conversion(prot, graph_def, actual, *input_fns, decimals=3, **kwargs): prot.clear_initializers() converter = Converter(tfe.get_config(), prot, 'model-provider') x = converter.convert(graph_def, registry(), 'input-provider', list(input_fns)) with tfe.Session() as sess: sess.run(tf.global_variables_initializer()) if not isinstance(x, (list, tuple)): x = [x] actual = [actual] else: assert isinstance( actual, (list, tuple)), "expected output to be tensor sequence" try: output = sess.run([xi.reveal().decode() for xi in x], tag='reveal') except AttributeError: # assume all xi are all public output = sess.run([xi for xi in x], tag='reveal') for o_i, a_i in zip(output, actual): np.testing.assert_array_almost_equal(o_i, a_i, decimal=decimals)
def _assert_successful_conversion( prot, graph_def, actual, *input_fns, decimals=3, **kwargs, # pylint: disable=unused-argument ): converter = Converter( registry(), config=tfe.get_config(), protocol=prot, model_provider="model-provider", ) x = converter.convert(graph_def, "input-provider", list(input_fns)) with tfe.Session() as sess: sess.run(tf.global_variables_initializer()) if not isinstance(x, (list, tuple)): x = [x] actual = [actual] else: assert isinstance( actual, (list, tuple) ), "expected output to be tensor sequence" try: output = sess.run([xi.reveal().decode() for xi in x], tag="reveal") except AttributeError: # assume all xi are all public output = sess.run(x, tag="reveal") for o_i, a_i in zip(output, actual): np.testing.assert_array_almost_equal(o_i, a_i, decimal=decimals)
def _assert_successful_conversion(prot, graph_def, actual, *input_fns, **kwargs): prot.clear_initializers() converter = Converter(tfe.get_config(), prot, 'model-provider') x = converter.convert(graph_def, register(), 'input-provider', list(input_fns)) with tfe.Session() as sess: sess.run(tf.global_variables_initializer()) output = sess.run(x.reveal(), tag='reveal') np.testing.assert_array_almost_equal(output, actual, decimal=3)
def test_factory_share(self): with tfe.protocol.Pond(tfe.get_config().get_players('server0, server1, crypto_producer')) as prot: shares = prot._share(self.primetensor) out = prot._reconstruct(*shares) with tfe.Session() as sess: sess.run(tf.global_variables_initializer()) final = sess.run(out) np.testing.assert_array_equal(final, self.primetensor.value)
def __init__(self, player_name, local_data_file, model, loss, optimizer=None): self.player_name = player_name self.local_data_file = local_data_file self.loss = loss self.optimizer = optimizer device_name = tfe.get_config().get_player(player_name).device_name self.device = tf.device(device_name) with self.device: self.model = tf.keras.models.clone_model(model) self.dataset = iter(build_data_pipeline(local_data_file, 256))
def __init__(self, player_name, local_data_file, model, loss, optimizer=None): self.player_name = player_name self.optimizer = optimizer self.loss = loss device_name = tfe.get_config().get_player(player_name).device_name self.device = tf.device(device_name) with self.device: # TODO: don't assume it's a tf.keras model self.model = tf.keras.models.clone_model(model) # clone the model, get new weights self.evaluation_dataset = iter(build_data_pipeline(local_data_file, 50))
def test_empty_model(self): test_input = np.ones([1, 8, 8, 1]) graph_def, prot_class = self._construct_empty_conversion_test( 'empty_model', protocol='SecureNN') with prot_class() as prot: input_fn = self.ndarray_input_fn(test_input) prot.clear_initializers() converter = Converter( registry(), config=tfe.get_config(), protocol=prot, model_provider='model-provider', ) self.assertRaises(ValueError, converter.convert, graph_def, 'input-provider', input_fn)
def test_empty_model(self): test_input = np.ones([1, 8, 8, 1]) graph_def, prot_class = self._construct_empty_conversion_test( "empty_model", protocol="SecureNN" ) with prot_class() as prot: input_fn = self.ndarray_input_fn(test_input) converter = Converter( registry(), config=tfe.get_config(), protocol=prot, model_provider="model-provider", ) self.assertRaises( ValueError, converter.convert, graph_def, "input-provider", input_fn, )
def test_stack_convert(self): tf.reset_default_graph() global global_filename global_filename = "stack.pb" input1 = np.array([1, 4]) input2 = np.array([2, 5]) input3 = np.array([3, 6]) path = export_stack(global_filename, input1.shape) tf.reset_default_graph() graph_def = read_graph(path) tf.reset_default_graph() actual = run_stack(input1, input2, input3) tf.reset_default_graph() with tfe.protocol.Pond() as prot: prot.clear_initializers() def provide_input1() -> tf.Tensor: return tf.constant(input1) def provide_input2() -> tf.Tensor: return tf.constant(input2) def provide_input3() -> tf.Tensor: return tf.constant(input3) inputs = [provide_input1, provide_input2, provide_input3] converter = Converter(tfe.get_config(), prot, 'model-provider') x = converter.convert(graph_def, register(), 'input-provider', inputs) with tfe.Session() as sess: sess.run(prot.initializer, tag='init') output = sess.run(x.reveal(), tag='reveal') np.testing.assert_array_almost_equal(output, actual, decimal=3)
def test_strided_slice_convert(self): tf.reset_default_graph() global global_filename global_filename = "strided_slice.pb" path = export_strided_slice(global_filename) tf.reset_default_graph() graph_def = read_graph(path) tf.reset_default_graph() input = [[[1, 1, 1], [2, 2, 2]], [[3, 3, 3], [4, 4, 4]], [[5, 5, 5], [6, 6, 6]]] actual = run_strided_slice(input) tf.reset_default_graph() with tfe.protocol.Pond() as prot: prot.clear_initializers() def provide_input(): return tf.constant([[[1, 1, 1], [2, 2, 2]], [[3, 3, 3], [4, 4, 4]], [[5, 5, 5], [6, 6, 6]]]) converter = Converter(tfe.get_config(), prot, 'model-provider') x = converter.convert(graph_def, register(), 'input-provider', provide_input) with tfe.Session() as sess: sess.run(prot.initializer, tag='init') output = sess.run(x.reveal(), tag='reveal') np.testing.assert_array_almost_equal(output, actual, decimal=3)
def test_mul_convert(self): tf.reset_default_graph() global global_filename global_filename = "mul.pb" input_shape = [4, 1] path = export_mul(global_filename, input_shape) tf.reset_default_graph() graph_def = read_graph(path) tf.reset_default_graph() actual = run_mul(input_shape) tf.reset_default_graph() with tfe.protocol.Pond() as prot: prot.clear_initializers() def provide_input(): return tf.constant( np.array([1.0, 2.0, 3.0, 4.0]).reshape(input_shape)) converter = Converter(tfe.get_config(), prot, 'model-provider') x = converter.convert(graph_def, register(), 'input-provider', provide_input) with tfe.Session() as sess: sess.run(prot.initializer, tag='init') output = sess.run(x.reveal(), tag='reveal') np.testing.assert_array_almost_equal(output, actual, decimal=3)
def test_argmax_convert(self): tf.reset_default_graph() global global_filename global_filename = "argmax.pb" input_shape = [5] input = [1, 2, 3, 4, 5] path = export_argmax(global_filename, input_shape, 0) tf.reset_default_graph() graph_def = read_graph(path) tf.reset_default_graph() actual = run_argmax(input, 0) tf.reset_default_graph() with tfe.protocol.SecureNN() as prot: prot.clear_initializers() def provide_input(): return tf.constant(np.ones(input_shape)) converter = Converter(tfe.get_config(), prot, 'model-provider') x = converter.convert(graph_def, register(), 'input-provider', provide_input) with tfe.Session() as sess: sess.run(tf.global_variables_initializer()) output = sess.run(x.reveal(), tag='reveal') np.testing.assert_array_almost_equal(output, actual, decimal=3)
def test_cnn_NHWC_convert(self): tf.reset_default_graph() global global_filename global_filename = "cnn_nhwc.pb" input_shape = [1, 28, 28, 1] path = export_cnn(global_filename, input_shape, data_format="NHWC") tf.reset_default_graph() graph_def = read_graph(path) tf.reset_default_graph() actual = run_cnn(input_shape, data_format="NHWC") tf.reset_default_graph() with tfe.protocol.Pond() as prot: prot.clear_initializers() def provide_input(): return tf.constant(np.ones(input_shape)) converter = Converter(tfe.get_config(), prot, 'model-provider') x = converter.convert(graph_def, register(), 'input-provider', provide_input) with tfe.Session() as sess: sess.run(prot.initializer, tag='init') output = sess.run(x.reveal(), tag='reveal') np.testing.assert_array_almost_equal(output, actual, decimal=3)
num_batches = (training_set_size // batch_size) * 10 model_owner = ModelOwner('model-owner') data_owner_0 = DataOwner('data-owner-0', num_features, training_set_size, test_set_size, batch_size // 2) data_owner_1 = DataOwner('data-owner-1', num_features, training_set_size, test_set_size, batch_size // 2) tfe.set_protocol(tfe.protocol.Pond( tfe.get_config().get_player(data_owner_0.player_name), tfe.get_config().get_player(data_owner_1.player_name) )) x_train_0, y_train_0 = data_owner_0.provide_training_data() x_train_1, y_train_1 = data_owner_1.provide_training_data() x_test_0, y_test_0 = data_owner_0.provide_testing_data() x_test_1, y_test_1 = data_owner_1.provide_testing_data() x_train = tfe.concat([x_train_0, x_train_1], axis=0) y_train = tfe.concat([y_train_0, y_train_1], axis=0) model = LogisticRegression(num_features) reveal_weights_op = model_owner.receive_weights(model.weights)
from common import DataOwner, ModelOwner, LogisticRegression num_features = 10 training_set_size = 2000 test_set_size = 100 batch_size = 100 num_batches = (training_set_size // batch_size) * 10 model_owner = ModelOwner('model-owner') data_owner_0 = DataOwner('data-owner-0', num_features, training_set_size, test_set_size, batch_size // 2) data_owner_1 = DataOwner('data-owner-1', num_features, training_set_size, test_set_size, batch_size // 2) tfe.set_protocol( tfe.protocol.Pond(tfe.get_config().get_player(data_owner_0.player_name), tfe.get_config().get_player(data_owner_1.player_name))) x_train_0, y_train_0 = tfe.define_private_input( data_owner_0.player_name, data_owner_0.provide_training_data) x_train_1, y_train_1 = tfe.define_private_input( data_owner_1.player_name, data_owner_1.provide_training_data) x_test_0, y_test_0 = tfe.define_private_input( data_owner_0.player_name, data_owner_0.provide_testing_data) x_test_1, y_test_1 = tfe.define_private_input( data_owner_1.player_name, data_owner_1.provide_testing_data) x_train = tfe.concat([x_train_0, x_train_1], axis=0) y_train = tfe.concat([y_train_0, y_train_1], axis=0)
if len(sys.argv) >= 2: # config file was specified config_file = sys.argv[1] config = tfe.config.load(config_file) else: # default to using local config config = tfe.LocalConfig([ 'server0', 'server1', 'crypto-producer', 'model-trainer', 'prediction-client' ]) tfe.set_config(config) tfe.set_protocol(tfe.protocol.SecureNN(*tfe.get_config().get_players(['server0', 'server1', 'crypto-producer']))) def weight_variable(shape, gain): """weight_variable generates a weight variable of a given shape.""" if len(shape) == 2: fan_in, fan_out = shape elif len(shape) == 4: h, w, c_in, c_out = shape fan_in = h * w * c_in fan_out = h * w * c_out r = gain * math.sqrt(6 / (fan_in + fan_out)) initial = tf.random_uniform(shape, minval=-r, maxval=r) return tf.Variable(initial)
if len(sys.argv) >= 2: # config file was specified config_file = sys.argv[1] config = tfe.config.load(config_file) else: # default to using local config config = tfe.LocalConfig([ 'server0', 'server1', 'crypto-producer', 'model-trainer', 'prediction-client' ]) tfe.set_config(config) tfe.set_protocol(tfe.protocol.SecureNN( *tfe.get_config().get_players(['server0', 'server1', 'crypto-producer']))) def weight_variable(shape, gain): """weight_variable generates a weight variable of a given shape.""" if len(shape) == 2: fan_in, fan_out = shape elif len(shape) == 4: h, w, c_in, c_out = shape fan_in = h * w * c_in fan_out = h * w * c_out r = gain * math.sqrt(6 / (fan_in + fan_out)) initial = tf.random_uniform(shape, minval=-r, maxval=r) return tf.Variable(initial)
def __init__(self, player_name): self.player_name = player_name with tf.device(tfe.get_config().get_player(player_name).device_name): self._initialize_weights()
import numpy as np import random as ran def provide_data(features): dataset = tf.data.Dataset.from_tensor_slices(features) dataset = dataset.repeat() dataset = dataset.batch(10) iterator = dataset.make_one_shot_iterator() batch = iterator.get_next() batch = tf.reshape(batch, [10, 784]) return batch remote_config = tfe.RemoteConfig.load("config.json") tfe.set_config(remote_config) tfe.set_protocol(tfe.protocol.Pond()) players = remote_config.players server0 = remote_config.server(players[0].name) tfe.set_protocol( tfe.protocol.Pond(tfe.get_config().get_player("alice"), tfe.get_config().get_player("bob"))) mnist = input_data.read_data_sets('MNIST_data', one_hot=True) train_data = mnist.train.images[:100, :] train_labels = mnist.train.labels[:100] x_train_0 = tfe.define_private_input("alice", lambda: provide_data(train_data))
import numpy as np import tf_encrypted as tfe config = tfe.get_config() with tfe.protocol.SecureNN( *config.get_players("server0, server1, crypto-producer")) as prot: a = prot.define_constant(np.array([0, 0, 1, 1]), apply_scaling=False) b = prot.define_constant(np.array([0, 1, 0, 1]), apply_scaling=False) c = prot.bitwise_or(a, b) x = prot.define_constant(np.array([0.0, 1.0, 2.0, 3.0])) y = prot.define_constant(np.array([0.0, 1.0, 2.0, 3.0])) z = (x * c) * y with tfe.Session() as sess: print(sess.run(z, tag="res"))
# tfe.set_tfe_events_flag(True) if len(sys.argv) >= 2: # config file was specified config_file = sys.argv[1] config = tfe.config.load(config_file) else: # default to using local config config = tfe.LocalConfig([ "server0", "server1", "crypto-producer", "model-trainer", "prediction-client" ]) tfe.set_config(config) tfe.set_protocol( tfe.protocol.SecureNN(*tfe.get_config().get_players( ["server0", "server1", "crypto-producer"]))) session_target = sys.argv[2] if len(sys.argv) > 2 else None class ModelTrainer: """Contains code meant to be executed by a model training Player.""" BATCH_SIZE = 256 ITERATIONS = 60000 // BATCH_SIZE EPOCHS = 3 LEARNING_RATE = 3e-3 IN_DIM = 28 KERNEL = 5 STRIDE = 2 IN_CHANNELS = 1
# tfe.set_tfe_events_flag(True) if len(sys.argv) >= 2: # config file was specified config_file = sys.argv[1] config = tfe.config.load(config_file) else: # default to using local config config = tfe.LocalConfig([ 'server0', 'server1', 'crypto-producer', 'model-trainer', 'prediction-client' ]) tfe.set_config(config) players = ['server0', 'server1', 'crypto-producer'] prot = tfe.protocol.SecureNN(*tfe.get_config().get_players(players)) tfe.set_protocol(prot) class ModelTrainer(): """Contains code meant to be executed by a model training Player.""" BATCH_SIZE = 256 ITERATIONS = 60000 // BATCH_SIZE EPOCHS = 3 LEARNING_RATE = 3e-3 IN_N = 28 * 28 HIDDEN_N = 128 OUT_N = 10 def cond(self, i: tf.Tensor, max_iter: tf.Tensor, nb_epochs: tf.Tensor,