EVA-S2PMLP: Secure and Scalable Two-Party MLP via Spatial Transformation

TL;DR

EVA-S2PMLP is a secure, scalable framework for privacy-preserving neural network training in vertically partitioned settings, offering high accuracy and reduced communication costs through spatial transformation techniques.

Contribution

It introduces a novel spatial-scale optimization and transformation pipeline for secure two-party MLP training, enhancing privacy and efficiency.

Findings

Achieves up to 12.3x reduction in communication overhead.

Maintains high inference accuracy on benchmark datasets.

Provides a secure, verifiable framework suitable for sensitive applications.

Abstract

Privacy-preserving neural network training in vertically partitioned scenarios is vital for secure collaborative modeling across institutions. This paper presents \textbf{EVA-S2PMLP}, an Efficient, Verifiable, and Accurate Secure Two-Party Multi-Layer Perceptron framework that introduces spatial-scale optimization for enhanced privacy and performance. To enable reliable computation under real-number domain, EVA-S2PMLP proposes a secure transformation pipeline that maps scalar inputs to vector and matrix spaces while preserving correctness. The framework includes a suite of atomic protocols for linear and non-linear secure computations, with modular support for secure activation, matrix-vector operations, and loss evaluation. Theoretical analysis confirms the reliability, security, and asymptotic complexity of each protocol. Extensive experiments show that EVA-S2PMLP achieves high inference accuracy and significantly reduced communication overhead, with up to $12.3\times$ improvement over baselines. Evaluation on benchmark datasets demonstrates that the framework maintains model utility while ensuring strict data confidentiality, making it a practical solution for privacy-preserving neural network training in finance, healthcare, and cross-organizational AI applications.