GGrantIndex
← Search

SHF: Small: Practical Privacy-preserving AI Offloading with Hybridizing Multi-party Computing and Strongly-secure Hardware

$600,000FY2025CSENSF

Pennsylvania State Univ University Park, University Park PA

Investigators

Abstract

When users interact with modern artificial intelligence (AI) services, they often transmit their data to the service provider. For example, individuals seeking to enhance their resumes using tools like ChatGPT must upload their resumes to the service. Those using AI-powered health monitoring devices send their biomedical signals to the provider's AI model. These interactions pose significant privacy risks, as the service provider gains access to potentially sensitive information, such as the user's address in the resume or the user's biomedical data. Existing solutions to mitigate these risks are either too slow and costly or insufficiently secure. This project will develop a hybrid solution that integrates the strengths of current approaches, realizing a secure and efficient AI experience. The outcome of this project will enable users to benefit from AI services without compromising privacy, with applications spanning from everyday tasks to critical sectors like healthcare and national defense. The project will explore a hybrid approach that combines two existing fields of research: multi-party computing (MPC), which offers strong cryptographic security but suffers from slow performance, and trusted hardware, which is much faster but weaker in security. The core idea is to design specialized hardware that accelerates only the subset of operations where MPC is slow, while maintaining a strong focus on security through a minimalist, security-first hardware design. The complementary use of the new hardware and MPC will significantly improve performance compared to standard MPC due to its selective hardware acceleration, while offering greater security than typical trusted hardware due to its security-oriented hardware design. The project will address three main challenges. First, the new hardware and the surrounding MPC system will be co-designed to balance security and performance, with various workload split strategies between the two being explored. Second, existing AI models will be adapted to better suit the unique properties of the hybrid system. Third, novel techniques will be developed to ensure the strong security of both the new hardware and the integrated MPC system. Both empirical methods and formal analysis will be employed to a degree not possible for traditional trusted hardware, thanks to the minimalist, security-oriented design. This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

View original record on NSF Award Search →