SecMoE: Communication-Efficient Secure MoE Inference via Select-Then-Compute

TL;DR

SecMoE introduces a communication-efficient, privacy-preserving MoE inference framework that significantly scales model size and reduces communication overhead while maintaining privacy in two-party settings.

Contribution

It proposes a novel Select-Then-Compute approach that enhances privacy and efficiency in secure MoE inference, enabling larger models with less communication and computation.

Findings

Scales to 63× larger models with only 15.2× runtime increase.

Reduces communication by 1.8× to 7.1× compared to SOTA.

Achieves 1.3× to 3.8× speedup over existing protocols.

Abstract

Privacy-preserving Transformer inference has gained attention due to the potential leakage of private information. Despite recent progress, existing frameworks still fall short of practical model scales, with gaps up to a hundredfold. A possible way to close this gap is the Mixture of Experts (MoE) architecture, which has emerged as a promising technique to scale up model capacity with minimal overhead. However, given that the current secure two-party (2-PC) protocols allow the server to homomorphically compute the FFN layer with its plaintext model weight, under the MoE setting, this could reveal which expert is activated to the server, exposing token-level privacy about the client's input. While naively evaluating all the experts before selection could protect privacy, it nullifies MoE sparsity and incurs the heavy computational overhead that sparse MoE seeks to avoid. To address the privacy and efficiency limitations above, we propose a 2-PC privacy-preserving inference framework, \SecMoE. Unifying per-entry circuits in both the MoE layer and piecewise polynomial functions, \SecMoE obliviously selects the extracted parameters from circuits and only computes one encrypted entry, which we refer to as Select-Then-Compute. This makes the model for private inference scale to 63$\times$ larger while only having a 15.2$\times$ increase in end-to-end runtime. Extensive experiments show that, under 5 expert settings, \SecMoE lowers the end-to-end private inference communication by 1.8$\sim$7.1$\times$ and achieves 1.3$\sim$3.8$\times$ speedup compared to the state-of-the-art (SOTA) protocols.