The two companies want to cooperate and develop a product jointly based on their respective advantages. How to efficiently realize joint computing between the two parties in the form of "privacy computing" while protecting privacy has become the key to solving this problem.
Recently, the Cheetah secure two-party computing framework newly developed by Alibaba Security has greatly improved the overall performance of the two-party computing. The fastest computing solution is more than 5 times faster than Microsoft CryptFlow2, the world's best computing solution. It is applied in the field of risk control, and the relevant research results have been accepted by USENIX Security Symposium 2022, one of the top four international security conferences.
Caption: In the field of privacy computing, Ali is the only Chinese company that has published a paper on USENIX Sec22
The "millionaire problem" is a typical two-party calculation scenario: two millionaires want to compare who has more wealth, but neither wants to tell the other their wealth figures. In order to ensure this security goal, complex and expensive cryptographic protocols need to be designed in a targeted manner, resulting in large ciphertext volume and slow computing speed.
Hong Cheng, a senior security expert at Alibaba Security, introduced that, taking the image recognition service that protects user privacy as an example, if customer A has a picture, server B needs to perform AI recognition on the picture to determine whether it contains non-compliant content, but for privacy reasons Protection requirements, and can not view the picture itself. Tested with Microsoft's CryptFlow2, which performed the best before, it takes hundreds of seconds to complete a picture recognition, while "Cheetah" makes the speed 5 times faster and can be done in tens of seconds under the premise of ensuring the same provable security. , a big step forward from practicality.
Privacy computing-related technologies have attracted great attention from the industry and the capital community. Last year, related startups also completed nearly 200 million yuan in Series A financing, setting a new record for single-round A round financing on the privacy computing track. "The two-party computing framework is launched on the open source platform.
Caption: "Cheetah" two-party computing framework launched on the open source platform
Hong Cheng explained: "At present, my country's privacy computing industry lacks the measurement standards and best practices for 'security', and some users are more exposed to non-provably secure privacy computing solutions represented by federated learning. There is a lack of awareness of the importance and difficulty of security, so it is often wrong to overestimate the ability of privacy computing and underestimate its difficulty. For example, we have previously found some security vulnerabilities in the encryption algorithms used in open source federated learning frameworks.”
He believes that the open source "Cheetah" that can truly achieve provable security will help strengthen the industry's understanding of the status quo of privacy computing, establish best practice standards for secure two-party computing, and promote the healthy development of privacy computing technology. The first-generation security architecture has landed in an industry that builds a security system from the source.
The open source address is attached: GitHub - Alibaba-Gemini-Lab/OpenCheetah