Consider encrypted AI. You ask a question under encryption. The remote calculates the answer, which is still under encryption. This is the critical point; the remote cannot see the question and answer. It only calculates. Once you receive the answer, you decrypt it and see the answer; only you see the answer.
It'll be very useful for even local setups when the data needs to be confidential. Look at the research related to medical training of llms (ignore their current lack of direct usefulness/trustworthiness, those are potentially solvable), with a homomorphically encrypted session, the large inference servers never see hipaa protected data in a way that exposes it if the server is compromised even if its an on premises setup in your doctors office processing the data, reducing risk of the data leaking anywhere.
Thanks a lot. Though encrypted AI chat bot is not far ahead, do not think of that as the primary target of today. Instead, there are many untapped applications (e.g. inter-bank transfers, industry, healthcare) where regulations, privacy laws and compliance requirements restrict institutions from touching data. These will initially be our key enablers, and over time we hope to extend the range of applications.
Have you considered that maybe the computation itself on the private data, no matter how you put it, even if encrypted, was designed to protect the consumer?
I.E., gaining any sort of insight a transaction of protected information is what the protections were in place for.
So is FHE more about skirting regulations and privacy laws? Or, is it a new frontier of an untapped data source that has some red tape around it?
To me, something was simply not encrypted properly if you are able to draw conclusions/learn insights/detect anything about the data. It's in conflict with the idea of what secure encryption means to me.
That 90% only measures images already known to be one of CIFAR-10’s ten classes. There is no “none of the above,” so even a perfect benchmark score would still force a calculator into one of those labels.
Big if true! One of the caveats here is that the file size seems to balloon 341 times.
That's a exceptional tradeoff. Even 3000x is noteworthy as long as processing time does not go to the moon wrt HE/FHE
It's pretty confident this calculator is a cat.
https://i.postimg.cc/90WGjk8t/results.png
What's the use case for this?
Consider encrypted AI. You ask a question under encryption. The remote calculates the answer, which is still under encryption. This is the critical point; the remote cannot see the question and answer. It only calculates. Once you receive the answer, you decrypt it and see the answer; only you see the answer.
Ah, that sounds impossible. Good luck, sir...Also, who wants this if you can just run a local model?
It'll be very useful for even local setups when the data needs to be confidential. Look at the research related to medical training of llms (ignore their current lack of direct usefulness/trustworthiness, those are potentially solvable), with a homomorphically encrypted session, the large inference servers never see hipaa protected data in a way that exposes it if the server is compromised even if its an on premises setup in your doctors office processing the data, reducing risk of the data leaking anywhere.
Thanks a lot. Though encrypted AI chat bot is not far ahead, do not think of that as the primary target of today. Instead, there are many untapped applications (e.g. inter-bank transfers, industry, healthcare) where regulations, privacy laws and compliance requirements restrict institutions from touching data. These will initially be our key enablers, and over time we hope to extend the range of applications.
Have you considered that maybe the computation itself on the private data, no matter how you put it, even if encrypted, was designed to protect the consumer?
I.E., gaining any sort of insight a transaction of protected information is what the protections were in place for.
So is FHE more about skirting regulations and privacy laws? Or, is it a new frontier of an untapped data source that has some red tape around it?
To me, something was simply not encrypted properly if you are able to draw conclusions/learn insights/detect anything about the data. It's in conflict with the idea of what secure encryption means to me.
I think calculator is not part of the labels in cifar-10. Pretty normal as it has ‘only’ 90% accuracy. Things could improve quickly though
That 90% only measures images already known to be one of CIFAR-10’s ten classes. There is no “none of the above,” so even a perfect benchmark score would still force a calculator into one of those labels.
From the webpage:
> Image classification without the server seeing the image.
The value is in being able to get the prediction from the model without ever giving unencrypted data to somebody you don’t trust.
You could have an LLM generate code for you without ever giving the operator your proprietary source code.