Workshop

Privacy Preserving Machine Learning

Adria Gascon ⋅ Aurélien Bellet ⋅ Niki Kilbertus ⋅ Olga Ohrimenko ⋅ Mariana Raykova ⋅ Adrian Weller

Project Page

Abstract

Website

Description

This one day workshop focuses on privacy preserving techniques for training, inference, and disclosure in large scale data analysis, both in the distributed and centralized settings. We have observed increasing interest of the ML community in leveraging cryptographic techniques such as Multi-Party Computation (MPC) and Homomorphic Encryption (HE) for privacy preserving training and inference, as well as Differential Privacy (DP) for disclosure. Simultaneously, the systems security and cryptography community has proposed various secure frameworks for ML. We encourage both theory and application-oriented submissions exploring a range of approaches, including:

- secure multi-party computation techniques for ML
- homomorphic encryption techniques for ML
- hardware-based approaches to privacy preserving ML
- centralized and decentralized protocols for learning on encrypted data
- differential privacy: theory, applications, and implementations
- statistical notions of privacy including relaxations of differential privacy
- empirical and theoretical comparisons between different notions of privacy
- trade-offs between privacy and utility

We think it will be very valuable to have a forum to unify different perspectives and start a discussion about the relative merits of each approach. The workshop will also serve as a venue for networking people from different communities interested in this problem, and hopefully foster fruitful long-term collaboration.

Video

Chat is not available.

Schedule

Timezone: America/Los_Angeles

5:30 AM

Welcom and introduction

5:50 AM

Invited talk 1: Scalable PATE and the Secret Sharer

Ian Goodfellow

6:40 AM

Invited talk 2: Machine Learning and Cryptography: Challenges and Opportunities

Shafi Goldwasser

7:30 AM

Coffee Break 1

8:00 AM

Contributed talk 1: Privacy Amplification by Iteration

Vitaly Feldman

8:15 AM

Contributed talk 2: Subsampled Renyi Differential Privacy and Analytical Moments Accountant

Yu-Xiang Wang

8:30 AM

Contributed talk 3: The Power of The Hybrid Model for Mean Estimation

Yatharth A Dubey

8:45 AM

Contributed talk 4: Amplification by Shuffling: From Local to Central Differential Privacy via Anonymity

Úlfar Erlingsson

9:00 AM

Lunch Break

10:30 AM

Invited talk 3: Challenges in the Privacy-Preserving Analysis of Structured Data

Kamalika Chaudhuri

11:20 AM

Invited talk 4: Models for private data analysis of distributed data

Adam Smith

12:10 PM

Coffee Break 2

12:30 PM

Contributed talk 5: DP-MAC: The Differentially Private Method of Auxiliary Coordinates for Deep Learning

Frederik Harder

12:45 PM

Contributed talk 6: Slalom: Fast, Verifiable and Private Execution of Neural Networks in Trusted Hardware

Florian Tramer

1:00 PM

Contributed talk 7: Secure Two Party Distribution Testing

Negev Shekel Nosatzki

1:15 PM

Contributed talk 8: Private Machine Learning in TensorFlow using Secure Computation

Morten Dahl

1:30 PM

Spotlight talks

2:15 PM

Poster Session

Phillipp Schoppmann ⋅ Patrick Yu ⋅ Valerie Chen ⋅ Travis Dick ⋅ Marc Joye ⋅ Ningshan Zhang ⋅ Frederik Harder ⋅ Olli Saarikivi ⋅ Théo Ryffel ⋅ Yunhui Long ⋅ Théo JOURDAN ⋅ Di Wang ⋅ Antonio Marcedone ⋅ Negev Shekel Nosatzki ⋅ Yatharth A Dubey ⋅ Antti Koskela ⋅ Peter Bloem ⋅ Aleksandra Korolova ⋅ Martin Bertran ⋅ Hao Chen ⋅ Galen Andrew ⋅ Natalia Martinez ⋅ Janardhan Kulkarni ⋅ Jonathan Passerat-Palmbach ⋅ Guillermo Sapiro ⋅ Amrita Roy Chowdhury

3:15 PM

Wrap up