Where is the encryption (of inputs) and decryption (of results) for FHE models?

The compiler handles the encryption and decryption process when .predict is called with execute_in_fhe set to True . It firsts encrypts the inputs, then runs the inference on them in FHE and finally decrypts the results.

For now, it is not yet possible to manually call each one of those steps separately. However, Concrete ML’s next release will make this feature available. Until then, you can still test several models using FHE, as this aforementioned process is done transparently.

More information in the documentation.

Hello, has there been any update on this ? I am excited to use this in a more applicative context and was going to put this as a question but see it is already of much interest.

Hello @dalvi,

Glad to hear that you are having fun with Concrete-ML :slight_smile:

Previous release had to be delayed and so this thread is still relevant today unfortunately. However, we are closer than ever to do the next release.

A client/server API will allow you to do all the needed operations to deploy your model such serialization of encrypted data and model to be sent to a server, decryption of results, …

Once the release is live, we will be happy to help you if you have any trouble to setting up your application!

1 Like

Thank you for your reply. Awaiting the next release quite enthusiastically.

One follow up question; I do understand the current abstraction has it the way that client is where the data is hosted and the server is where the model is hosted, whereby the client sends the encrypted data in by serialisation and the server applies the model and sends back the result. This has an obvious flaw of trust being given to the server.

Would it also be possible to reverse the scenario whereby the server is where the data is hosted, and client is with the model, and the client sends the encrypted model for the server to test?

The first scenario you describe is the most straightforward one that will be available in the next release. I am not sure what trust you would have to put in the server? Client’s data is encrypted and so are the results returned from the server.

That being said, the second use case you mention is also possible but not yet available in Concrete-ML. If you think this is something you would like to see in Concrete-ML, please don’t hesitate to open a new thread explaining the need!

1 Like

New version of Concrete-ML (v0.3): now, you have client/server support, see Production Deployment - Concrete ML