Awesome Privacy Computing

1 Secure Multiparty Computation (SMPC)

1.1 Primitive

1.1.1 Oblivious Transfer (OT)

• Precomputing Oblivious Transfer, CRYPTO'95, Bea95
• Efficient Oblivious Transfer Protocols, SODA'01, NP01
• Extending Oblivious Transfers Efficiently, CRYPTO'03, IKNP03
• More Efficient Oblivious Transfer and Extensions for Faster Secure Computation, CCS'13, slide, ALSZ13
• Improved OT Extension for Transferring Short Secrets, CRYPTO'13, KK13
• Actively Secure OT Extension with Optimal Overhead, CRYPTO'15, KOS15
• MASCOT: Faster Malicious Arithmetic Secure Computation with Oblivious Transfer, CCS'16
• Fast Actively Secure OT Extension for Short Secrets, NDSS'17, slide, video
• Efficient Pseudorandom Correlation Generators: Silent OT Extension and More, CRYPTO'19
• Efficient two-round OT extension and silent non-interactive secure computation, CCS'19
• Ferret: Fast Extension for Correlated OT with Small Communication, CCS'20
• Silver: Silent VOLE and Oblivious Transfer from Hardness of Decoding Structured LDPC Codes, CRYPTO'21

1.1.2 Garbled Circuit

• Protocols for Secure Computations (Extended Abstract), FOCS'82
• How to generate and exchange secrets, FOCS'86
• Improved Garbled Circuit: Free XOR Gates and Applications, ICALP'08
• FairplayMP – A System for Secure Multi-Party Computation, CCS'08
• Secure Two-Party Computation Is Practical, ASIACRYPT'09
• Foundations of Garbled Circuits, CCS'12
• FleXOR: Flexible Garbling for XOR Gates That Beats Free-XOR, CRYPTO'14
• Two Halves Make a Whole: Reducing Data Transfer in Garbled Circuits using Half Gates, EUROCRYPT'15
• Fast and Secure Three-party Computation: The Garbled Circuit Approach, CCS'15
• Three Halves Make a Whole? Beating the Half-Gates Lower Bound for Garbled Circuits, CRYPTO'21

1.1.3 Arithmetic/Boolean Circuit

• How to play ANY mental game, STOC'87, GMW
• Scalable and unconditionally secure multiparty computation, CRYPTO'07
• Perfectly-secure MPC with linear communication complexity, TCC'08
• Sharemind: A framework for fast privacy-preserving computations, ESORICS'08
• Multiparty Computation from Somewhat Homomorphic Encryption, IACR ePrint'11
• Practical Covertly Secure MPC for Dishonest Majority Or: Breaking the SPDZ Limits, ESORICS'13
• High-Throughput Semi-Honest Secure Three-Party Computation with an Honest Majority, CCS'16
• High-throughput secure three-party computation for malicious adversaries and an honest majority, CRYPTO'17
• A Framework for Constructing Fast MPC over Arithmetic Circuits with Malicious Adversaries and an Honest-Majority, CCS'17
• SPDZ2k: Efficient MPC mod 2k for Dishonest Majority, CRYPTO'18
• Yet another compiler for active security or: Efficient MPC over arbitrary rings, CRYPTO'18
• Overdrive^2k: Making SPDZ Great Again, Eurocrypto'18
• An end-to-end system for large scale P2P MPC-as-a-service and low-bandwidth MPC for weak participants, CCS'18
• Fast large-scale honest-majority MPC for malicious adversaries, CRYPTO'18
• Minimising communication in honest-majority MPC by batchwise multiplication verification, ACNS'18
• Two-thirds honest-majority MPC for malicious adversaries at almost the cost of semi-honest, CCS'19
• Efficient Information-Theoretic Secure Multiparty Computation over Z/pkZ via Galois Rings, TCC'19
• Malicious Security Comes Free in Honest-Majority MPC, IACR ePrint'20
• Use Your Brain! Arithmetic 3PC for Any Modulus with Active Security, ITC'20
• ATLAS: Efficient and Scalable MPC in the Honest Majority Setting, CRYPTO'21
• The Cost of IEEE Arithmetic in Secure Computation, LatinCrypt'21
• Rabbit: Efficient Comparison for Secure Multi-Party Computation, FC'21
• Honest Majority MPC with Abort with Minimal Online Communication, Latincrypt'21
• CostCO: An automatic cost modeling framework for secure multi-party computation, Euro S&P'22
• Fast Fully Secure Multi-Party Computation over Any Ring with Two-Thirds Honest Majority, CCS'22
• More Efficient Dishonest Majority Secure Computation over Z2k via Galois Rings, CRYPTO'22

1.1.5 A/B/Y Shares Conversion

• ABY: A Framework for Effificient Mixed-Protocol Secure Two-Party Computation, NDSS'15
• ABY3: A Mixed Protocol Framework for Machine Learning, CCS'18
• Trident: Efficient 4PC Framework for Privacy Preserving Machine Learning, NDSS'20
• MP-SPDZ: A versatile framework for multi-party computation, CCS'20
• Improved primitives for mpc over mixed arithmetic-binary circuits, CRYPTO'20
• ABY2.0: Improved Mixed-Protocol Secure Two-Party Computation, USENIX Security'21
• MOTION – A Framework for Mixed-Protocol Multi-Party Computation, TOPS'22
• Tetrad: Actively Secure 4PC for Secure Training and Inference, NDSS'22

1.1.6 PSI

• Faster Private Set Intersection based on OT Extension, USENIX Security'14, code: PSI
• Efficient Batched Oblivious PRF with Applications to Private Set Intersection, CCS'16, code: BaRK-OPRF
• Actively Secure 1-out-of-N OT Extension with Application to Private Set Intersection, CT-RSA'17
• Practical Multi-party Private Set Intersection from Symmetric-Key Techniques, CCS'17, code: MultipartyPSI
• Scalable Private Set Intersection Based on OT Extension, TOPS'18
• Labeled PSI from Fully Homomorphic Encryption with Malicious Security, CCS'18
• An Algebraic Approach to Maliciously Secure Private Set Intersection, EUROCRYPT'19
• SpOT-Light: Lightweight Private Set Intersection from Sparse OT Extension, CRYPTO'19
• PSI from PaXoS: Fast, Malicious Private Set Intersection, EUROCRYPT'20
• Private Set Intersection in the Internet Setting from Lightweight Oblivious PRF, CRYPTO'20
• Labeled PSI from homomorphic encryption with reduced computation and communication, CCS'21
• Efficient Linear Multiparty PSI and Extensions to Circuit/Quorum PSI, CCS'21
• VOLE-PSI: Fast OPRF and Circuit-PSI from Vector-OLE, EUROCRYPT'21
• Private Set Operations from Oblivious Switching, PKC'21
• Multi-party Threshold Private Set Intersection with Sublinear Communication, PKC'21
• Oblivious Key-Value Stores and Amplification for Private Set Intersection, CRYPTO'21
• Circuit-PSI With Linear Complexity via Relaxed Batch OPPRF, PoPETS'22
• Structure-Aware Private Set Intersection, With Applications to Fuzzy Matching, CRYPTO'22, code: FuzzyPSI
• Blazing Fast PSI from Improved OKVS and Subfield VOLE, ePrint'22
• A Plug-n-Play Framework for Scaling Private Set Intersection to Billion-sized Sets, ePrint'22
• LibPSI

1.1.7 PIR (Private Information Retrieval)

• Private Information Retrieval, JACM'97
• XPIR: Private Information Retrieval for Everyone, PETS'16
• PIR with Compressed Queries and Amortized Query Processing, S&P'18, code: SealPIR
• Private Stateful Information Retrieval, CCS'18
• SHECS-PIR: Somewhat Homomorphic Encryption-Based Compact and Scalable Private Information Retrieval, ESORICS 2020
• Communication–Computation Trade-offs in PIR, USENIX Security'21
• Constant-weight PIR: Constant-weight PIR: Single-round Keyword PIR via Constant-weight Equality Operators, USENIX Security'22, code
• OnionPIR: OnionPIR: Response Efficient Single-Server PIR, CCS'21
• Pantheon: Private Retrieval from Public Key-Value Store, VLDB'22
• One Server for the Price of Two: Simple and Fast Single-Server Private Information Retrieval, USENIX Security'23, code
• FrodoPIR: Simple, Scalable, Single-Server Private Information Retrieval, PETS'23, code

1.1.8 Multiparty ECDSA signing

• Fast Secure Multiparty ECDSA with Practical Distributed Key Generation and Applications to Cryptocurrency Custody, CCS'18, code: Blockchain-Crypto-MPC
• Threshold ECDSA from ECDSA Assumptions: The Multiparty Case, S&P'19, code: MPECDSA

1.1.9 Function Secret Sharing

• Secure Computation with Preprocessing via Function Secret Sharing, TCC'19
• Function Secret Sharing for Mixed-Mode and Fixed-Point Secure Computation, EUROCRYPT'21

1.2 Survey

• Secure Multiparty Computation (MPC), Yehuda Lindell.
• How to Simulate It - A Tutorial on the Simulation Proof Technique, Yehuda Lindell.
• Secure Multi-Party Computation, Manoj Prabhakaran, Amit Sahai.
• An Introduction to Secret-Sharing-Based Secure Multiparty Computation, Daniel Escudero.
• 实用安全多方计算协议关键技术研究进展, 计算机研究与发展'15

1.3 Books

• The Foundations of Cryptography - Volume 1: Basic Tools, Oded Goldreich. 2001.
• The Foundations of Cryptography - Volume 2: Basic Applications, Oded Goldreich. 2003.
• Efficient secure two-party protocols: Techniques and constructions, Carmit Hazay, Yehuda Lindell. 2010.
• Engineering Secure Two-Party Computation Protocols, Thomas Schneider. 2012.
• Secure Multiparty Computation and Secret Sharing, Ronald Cramer, Ivan Bjerre Damgård, Jesper Buus Nielsen. 2015.
• Applications of Secure Multiparty Computation, Peeter Laud, Liina Kamm. 2015.
• A Pragmatic Introduction to Secure Multi-Party Computation, David Evans, Vladimir Kolesnikov, Mike Rosulek. 2018.

1.4 Courses

• Cryptographic Computing Course
• FHE-MPC Advanced Grad Course
• Secure Computation
• Secure Multi-Party Computation at Scale
• The 1st BIU Winter School on Secure Computation and Efficiency
• The 5th BIU Winter School on Advances in Practical Multiparty Computation
• The 12th BIU Winter School on Cryptography
• The Universal Composability Framework

1.5 Open Source Framework

• ABY, NDSS'15.
• ABY3, CCS'18, 2019/518.
• BatchDualEx, eprint: 2016/632.
• CrypTen, link
• EMP-toolkit, (emp-[ag2pc|m2pc|agmpc]) | eprint: 2017/189, 2016/762, 2017/030.
• Fancy-Garbling, 2016/969.
• FRESCO , Practice'15.
• HoneyBadgerMPC
• JIFF, link.
• MP-SPDZ, documentation | eprint: 2020/512
• MPyC, TPMPC'18.
• Obliv-C, 2015/1153.
• SCALE-MAMBA, link.
• Sharemind, Cyber'13.
• swanky, Tf-encrypted

2 Federated Learning (FL)

• Privacy-Preserving Deep Learning, CCS'15
• Practical Secure Aggregation for Privacy Preserving Machine Learning, CCS'17
• Privacy-Preserving Deep Learning via Additively Homomorphic Encryption, TIFS'17
• NIKE-based Fast Privacy-preserving High-dimensional Data Aggregation for Mobile Devices, CACR'18
• PrivFL: Practical Privacy-preserving Federated Regressions on High-dimensional Data over Mobile Networks, CCSW'19
• VerifyNet: Secure and verifiable federated learning, TIFS'19
• PrivColl: Practical Privacy-Preserving Collaborative Machine Learning
• NPMML: A Framework for Non-interactive Privacy-preserving Multi-party Machine Learning, TDSC'20
• SAFER: Sparse secure Aggregation for FEderated leaRning
• Secure Byzantine-Robust Machine Learning
• Secure Single-Server Aggregation with (Poly)Logarithmic Overhead, CCS'20
• FedSel: Federated SGD under Local Differential Privacy with Top-k Dimension Selection, DASFAA'20
• Batchcrypt: Efficient homomorphic encryption for cross-silo federated learning, USENIX ATC'21
• FLGUARD: Secure and Private Federated Learning, Cryptology Eprint'21
• Biscotti: A Blockchain System for Private and Secure Federated Learning, TPDS'21
• POSEIDON: Privacy-Preserving Federated Neural Network Learning, NDSS'21

3 Trusted Execution Environment (TEE)

4 Homomorphic Encryption (HE)

4.1 FHE Libraries

Libraries that can be used to implement applications using (Fully) Homomorphic Encryption.

• Microsoft SEAL - C++ FHE library implementing BFV and CKKS schemes.
• HEAAN - Scheme with native support for fixed point approximate arithmetic.
• HElib - BGV scheme with bootstrapping and the Approximate Number CKKS scheme.
• lattigo - Go library for lattice-based crypto that implements various schemes.
• PALISADE - lattice encryption library.
• tfhe - Faster fully HE: Bootstrapping in less than 0.1 seconds.
• FHEW - A Fully HE library based on FHEW: Bootstrapping Homomorphic Encryption in less than a second.
• concrete - Rust FHE library that implements Zama's variant of TFHE.
• Cupcake - Facebook's Rust library for the (additive version of the) Fan-Vercauteren scheme.
• HEhub - A library for homomorphic encryption and its applications

4.2 FHE Applications

• OpenMined - Decentralized data ownership & intelligence based on HE and deep / federated learning.
  • KotlinSyft - Kotlin library for the Android part of the OpenMined's open-source ecosystem.
  • PySyft - Python library for the server/IoT part of the OpenMined's open-source ecosystem.
  • SwiftSyft - Swift library for the iOS part of the OpenMined's open-source ecosystem.
  • syft.js - JavaScript library for the web part of the OpenMined's open-source ecosystem.
• Rosetta - A privacy-preserving framework based on TensorFlow.
• tf-encrypted - Bridge between TensorFlow and the Microsoft SEAL library.

4.3 FHE Papers

• Fully homomorphic encryption using ideal lattices, STOC'99.
• Fully homomorphic encryption from ring-LWE and security for key dependent messages, CRYPTO'11.
• Homomorphic Evaluation of the AES Circuit, CRYPTO'12.
• Fully homomorphic encryption with polylog overhead, EUROCRYPT'12.
• Fully Homomorphic Encryption without Modulus Switching from Classical GapSVP, CRYPTO'12.
• Homomorphic Encryption from Learning with Errors: Conceptually-Simpler, Asymptotically-Faster, Attribute-Based, CRYPTO'13
• Algorithms in HElib, CRYPTO'14
• FHEW: Bootstrapping Homomorphic Encryption in Less Than a Second, EUROCRYPT'15
• Faster Fully Homomorphic Encryption: Bootstrapping in Less Than 0.1 Seconds, ASIACRYPT'16
• Faster packed homomorphic operations and efficient circuit bootstrapping for TFHE, ASIACRYPT'17
• Homomorphic Encryption for Arithmetic of Approximate Numbers, ASIACRYPT'17
• A Full RNS Variant of FV Like Somewhat Homomorphic Encryption Schemes, SAC'17
• Faster packed homomorphic operations and efficient circuit bootstrapping for TFHE, ASIACRYPT'17
• Faster homomorphic linear transformations in HElib, CRYPTO'18
• Bootstrapping for Approximate Homomorphic Encryption, EUROCRYPT'18
• An Improved RNS Variant of the BFV Homomorphic Encryption Scheme, CT-RSA'19
• TFHE: Fast Fully Homomorphic Encryption Over the Torus, JOC'20
• Efficient Homomorphic Comparison Methods with Optimal Complexity, ASIACRYPT'20
• PEGASUS: Bridging polynomial and non-polynomial evaluations in homomorphic encryption, S&P'21
• General Bootstrapping Approach for RLWE-based Homomorphic Encryption, ePrint'21
• On the Security of Homomorphic Encryption on Approximate Numbers, EUROCRYPT'21
• Efficient Bootstrapping for Approximate Homomorphic Encryption with Non-sparse Keys, EUROCRYPT'21
• Efficient Homomorphic Conversion Between (Ring) LWE Ciphertexts, ACNS'21
• OpenFHE: Open-Source Fully Homomorphic Encryption Library, ePrint'22

5 Differential Privacy (DP)

5.1 DP Papers

• Randomized Response: A Survey Technique for Eliminating Evasive Answer Bias, JASA'65
• Mechanism Design via Differential Privacy, FOCS'07
• How Much Is Enough? Choosing ε for Differential Privacy, ISC'11
• Differentially Private Empirical Risk Minimization, JMLR'11
• Personal privacy vs population privacy, KDD'11
• Functional Mechanism: Regression Analysis under Differential Privacy, VLDB'12
• Stochastic gradient descent with differentially private updates, GlobalSIP'13
• RAPPOR: Randomized Aggregatable Privacy-Preserving Ordinal Response, CCS'14
• Efficient Per-Example Gradient Computations, arXiv'15
• Privacy-Preserving Deep Learning, CCS'15
• Concentrated Differential Privacy, arXiv'16
• Deep Learning with Differential Privacy, CCS'16
• Differentially Private Password Frequency Lists, NDSS'16
• Concentrated Differential Privacy: Simplifications, Extensions, and Lower Bounds, TCC'16
• Rényi Differential Privacy, CSF'17
• Semi-supervised Knowledge Transfer for Deep Learning from Private Training Data, ICLR'17
• Locally differentially private protocols for frequency estimation, USENIX Security'17
• Understanding the sparse vector technique for differential privacy, VLDB'17
• Detecting Violations of Differential Privacy, CCS'18
• Privacy Risk in Machine Learning: Analyzing the Connection to Overfitting, CSF'18
• Privacy Amplification by Iteration, FOCS'18
• Learning Differentially Private Recurrent Language Models, ICLR'18
• Scalable private learning with pate, ICLR'18
• Differential Privacy: A Primer for a Non-Technical Audience, SSRN'18
• Rényi Differential Privacy of the Sampled Gaussian Mechanism, arXiv'19
• That which we call private, arXiv'19
• Differential Privacy in Practice: Expose your Epsilons!, JPC'19
• Understanding Gradient Clipping in Private SGD: A Geometric Perspective, NeurIPS'20
• Locally Differentially Private Frequency Estimation with Consistency, NDSS'20
• Automatic Discovery of Privacy–Utility Pareto Fronts, PETS'20
• Differential Privacy in the Shuffle Model: A Survey of Separations, arXiv'21
• Tempered Sigmoid Activations for Deep Learning with Differential Privacy, AAAI'21
• Differentially Private Learning Needs Better Features (or Much More Data), ICLR'21
• Differentially Private Learning with Adaptive Clipping, NeurIPS'21
• Enabling Fast Differentially Private SGD via Just-in-Time Compilation and Vectorization, NeurIPS'21
• Scaling up Differentially Private Deep Learning with Fast Per-Example Gradient Clipping, PETS'21
• Automatic Clipping: Differentially Private Deep Learning Made Easier and Stronger, arXiv'22
• Scalable and Efficient Training of Large Convolutional Neural Networks with Differential Privacy, NeurIPS'22

5.2 DP Books

• The Algorithmic Foundations of Differential Privacy, by Cynthia Dwork and Aaron Roth
• The Complexity of Differential Privacy, by Salil Vadhan
• Differential Privacy: From Theory to Practice, by Ninghui Li, Min Lyu, Dong Su, Weining Yang

5.3 DP Courses

• Algorithms for Private Data Analysis, taught by Gautam Kamath, Youtube, Bilibili
• Privacy in Statistics and Machine Learning, taught by Adam Smith and Jonathan Ullman

5.4 DP Libraries

• TensorFlow Privacy - Training TensorFlow models with differential privacy
• Opacus - Training PyTorch models with differential privacy
• Google DP Library - Google's differential privacy libraries
• IBM DP Library - IBM's differential privacy library
• PyDP - OpenMined's Python DP library built on top of Google's
• PipelineDP - OpenMined's library for applying DP aggregations to large datasets
• OpenDP - A modular collection of algorithms for building privacy-preserving applications

6 Zero-Knowledge Proof (ZKP)

• 简洁非交互零知识证明综述, 密码学报'22
• zk mooc

7 Privacy-Preserving Machine Learning (PPML)

7.1 Papers

• Machine Learning Classification over Encrypted Data, NDSS'14
• Oblivious Multi-Party Machine Learning on Trusted Processors, USENIX SECURITY'16
• CryptoNets: Applying Neural Networks to Encrypted Data with High Throughput and Accuracy, ICML'16
• CryptoDL: Deep Neural Networks over Encrypted Data, arXiv'17
• Prio: Private, Robust, and Scalable Computation of Aggregate Statistics, NSDI'17
• SecureML: A System for Scalable Privacy-Preserving Machine Learning, S&P'17
• MiniONN: Oblivious Neural Network Predictions via MiniONN Transformations, CCS'17
• Chameleon: A Hybrid Secure Computation Framework for Machine Learning Applications, AsiaCCS'17
• DeepSecure: Scalable Provably-Secure Deep Learning, DAC'17
• Secure Computation for Machine Learning With SPDZ, NIPS'18
• PySyft: A Generic Framework for Privacy Preserving Deep Learning, arXiv'18
• ABY3: A Mixed protocol Framework for Machine Learning, CCS'18
• SecureNN: Efficient and Private Neural Network Training, PoPETs'18
• Gazelle: A Low Latency Framework for Secure Neural Network Inference, USENIX SECURITY'18
• Private Machine Learning in TensorFlow using Secure Computation, arXiv'18
• CHET: an optimizing compiler for fully-homomorphic neural-network inferencing, PLDI'19
• New Primitives for Actively-Secure MPC over Rings with Applications to Private Machine Learning, S&P'19
• Helen: Maliciously Secure Coopetitive Learning for Linear Models, S&P'19
• Efficient multi-key homomorphic encryption with packed ciphertexts with application to oblivious neural network inference. CCS'19
• XONN: XNOR-based Oblivious Deep Neural Network Inference, USENIX Security'19
• QUOTIENT: two-party secure neural network training and prediction, CCS'19
• ASTRA: High Throughput 3PC over Rings with Application to Secure Prediction, CCSW'19
• SoK: Modular and Efficient Private Decision Tree Evaluation, PoPETs'19
• Garbled Neural Networks are Practical, IACR ePrint'19
• Trident: Efficient 4PC Framework for Privacy Preserving Machine Learning, NDSS'20
• BLAZE: Blazing Fast Privacy-Preserving Machine Learning, NDSS'20
• FLASH: Fast and Robust Framework for Privacy-preserving Machine Learning, PoPETs'20
• Secure Evaluation of Quantized Neural Networks, PoPETs'20
• Delphi: A Cryptographic Inference Service for Neural Networks, USENIX SECURITY'20
• MP2ML: A Mixed-Protocol Machine Learning Framework for Private Inference, ARES'20
• SANNS: Scaling Up Secure Approximate k-Nearest Neighbors Search, USENIX Security'20
• CrypTen: Secure multi-party computation meets machine learning, NeurIPS'20
• An Efficient 3-Party Framework for Privacy-Preserving Neural Network Inference, ESORICS'20
• Secure and Verifiable Inference in Deep Neural Networks, ACSAC'20
• Glyph: Fast and Accurately Training Deep Neural Networks on Encrypted Data, NeurIPS'20
• CrypTFlow: Secure TensorFlow Inference, S&P'20
• CrypTFlow2: Practical 2-Party Secure Inference, CCS'20
• ARIANN: Low-Interaction Privacy-Preserving Deep Learning via Function Secret Sharing, arXiv'20
• Practical Privacy-Preserving K-means Clustering, PoPETs'20
• ABY2.0: Improved Mixed-Protocol Secure Two-Party Computation (Full Version), USENIX Security'21
• SWIFT: Super-fast and Robust Privacy-Preserving Machine Learning, USENIX Security'21
• Privacy-preserving Density-based Clustering, AisaCCS'21
• SIRNN: A Math Library for Secure RNN Inference, S&P'21
• Let’s Stride Blindfolded in a Forest: Sublinear Multi-Client Decision Trees Evaluation, NDSS'21
• MUSE: Secure Inference Resilient to Malicious Clients, USENIX Security'21
• DeepReDuce: ReLU Reduction for Fast Private Inference, USENIX Security'21
• GForce: GPU-Friendly Oblivious and Rapid Neural Network Inference, USENIX Security'21
• CryptGPU: Fast Privacy-Preserving Machine Learning on the GPU, S&P'21
• GALA: Greedy ComputAtion for Linear Algebra in Privacy-Preserved Neural Networks, NDSS'21
• Fantastic Four: Honest-Majority Four-Party Secure Computation With Malicious Security, USENIX Security'21
• When homomorphic encryption marries secret sharing: secure large-scale sparse logistic regression and applications in risk control, KDD'21
• Circa: Stochastic ReLUs for Private Deep Learning, NeurIPS'21
• Mystique: Efficient Conversions for Zero-Knowledge Proofs with Applications to Machine Learning, USENIX Security'21
• FALCON: Honest-Majority Maliciously Secure Framework for Private Deep Learning, PoPETs'21
• SoK: Efficient Privacy-preserving Clustering, PoPETs'21
• ZEN: Efficient Zero-Knowledge Proofs for Neural Networks, IACR ePrint'21
• zkCNN: Zero Knowledge Proofs for Convolutional Neural Network Predictions and Accuracy, CCS'21
• Adam in Private : Secure and Fast Training of Deep Neural Networks with Adaptive Moment Estimation, arXiv'21
• Cerebro: A Platform for Multi-Party Cryptographic Collaborative Learning, USENIX Security'21
• Tetrad: Actively Secure 4PC for Secure Training and Inference, NDSS'22
• SIMC: ML Inference Secure Against Malicious Clients at Semi-Honest Cost, USENIX Security'22
• SIMC 2.0: Improved Secure ML Inference Against Malicious Clients, arXiv'22
• Cheetah: Lean and Fast Secure Two-Party Deep Neural Network Inference, USENIX Security'22
• Secure Poisson Regression, USENIX Security'22
• SecFloat: Accurate Floating-Point meets Secure 2-Party Computation, S&P'22
• MPClan: Protocol Suite for Privacy-Conscious Computations, IACR ePrint'22
• LLAMA: A Low Latency Math Library for Secure Inference, PoPETs'22
• Pika: Secure Computation using Function Secret Sharing over Rings, PoPETs'22
• Piranha: A GPU platform for secure computation, USENIX Security'22
• Secure Quantized Training for Deep Learning, ICML'22
• Prio+: Privacy Preserving Aggregate Statistics via Boolean Shares, ePrint'22

7.2 Survey

• 机器学习隐私保护研究综述, 软件学报'20
• 安全多方计算及其在机器学习中的应用, 计算机研究与发展'21

7.3 Videos

• Microsoft Research. Videos from SEAL/CKKS talks at Microsoft's Private AI Bootcamp.