Ágnes Kiss,Masoud Naderpour,Jian Liu,N. Asokan,Thomas Schneider

DOI: https://doi.org/10.2478/popets-2019-0026

2019-01-01

Proceedings on Privacy Enhancing Technologies

Abstract:Abstract Decision trees and random forests are widely used classifiers in machine learning. Service providers often host classification models in a cloud service and provide an interface for clients to use the model remotely. While the model is sensitive information of the server, the input query and prediction results are sensitive information of the client. This motivates the need for private decision tree evaluation, where the service provider does not learn the client’s input and the client does not learn the model except for its size and the result. In this work, we identify the three phases of private decision tree evaluation protocols: feature selection, comparison, and path evaluation. We systematize constant-round protocols for each of these phases to identify the best available instantiations using the two main paradigms for secure computation: garbling techniques and homomorphic encryption. There is a natural tradeoff between runtime and communication considering these two paradigms: garbling techniques use fast symmetric-key operations but require a large amount of communication, while homomorphic encryption is computationally heavy but requires little communication. Our contributions are as follows: Firstly, we systematically review and analyse state-of-the-art protocols for the three phases of private decision tree evaluation. Our methodology allows us to identify novel combinations of these protocols that provide better tradeoffs than existing protocols. Thereafter, we empirically evaluate all combinations of these protocols by providing communication and runtime measures, and provide recommendations based on the identified concrete tradeoffs.

Jianli Bai,Xiangfu Song,Shujie Cui,Ee-Chien Chang,Giovanni Russello

DOI: https://doi.org/10.48550/arXiv.2205.01284

2022-05-03

Cryptography and Security

Abstract:Private decision tree evaluation (PDTE) allows a decision tree holder to run a secure protocol with a feature provider. By running the protocol, the feature provider will learn a classification result. Nothing more is revealed to either party. In most existing PDTE protocols, the required communication grows exponentially with the tree's depth $d$, which is highly inefficient for large trees. This shortcoming motivated us to design a sublinear PDTE protocol with $O(d)$ communication complexity. The core of our construction is a shared oblivious selection (SOS) functionality, allowing two parties to perform a secret-shared oblivious read operation from an array. We provide two SOS protocols, both of which achieve sublinear communication and propose optimizations to further improve their efficiency. Our sublinear PDTE protocol is based on the proposed SOS functionality and we prove its security under a semi-honest adversary. We compare our protocol with the state-of-the-art, in terms of communication and computation, under various network settings. The performance evaluation shows that our protocol is practical and more scalable over large trees than existing solutions.

Jianli Bai,Xiangfu Song,Xiaowu Zhang,Qifan Wang,Shujie Cui,Ee-Chien Chang,Giovanni Russello

DOI: https://doi.org/10.48550/arXiv.2309.17124

2023-09-29

Abstract:A private decision tree evaluation (PDTE) protocol allows a feature vector owner (FO) to classify its data using a tree model from a model owner (MO) and only reveals an inference result to the FO. This paper proposes Mostree, a PDTE protocol secure in the presence of malicious parties with sublinear communication. We design Mostree in the three-party honest-majority setting, where an (untrusted) computing party (CP) assists the FO and MO in the secure computation. We propose two low-communication oblivious selection (OS) protocols by exploiting nice properties of three-party replicated secret sharing (RSS) and distributed point function. Mostree combines OS protocols with a tree encoding method and three-party secure computation to achieve sublinear communication. We observe that most of the protocol components already maintain privacy even in the presence of a malicious adversary, and what remains to achieve is correctness. To ensure correctness, we propose a set of lightweight consistency checks and seamlessly integrate them into Mostree. As a result, Mostree achieves sublinear communication and malicious security simultaneously. We implement Mostree and compare it with the state-of-the-art. Experimental results demonstrate that Mostree is efficient and comparable to semi-honest PDTE schemes with sublinear communication. For instance, when evaluated on the MNIST dataset in a LAN setting, Mostree achieves an evaluation using approximately 768 ms with communication of around 168 KB.

Cryptography and Security

Rasoul Akhavan Mahdavi,Haoyan Ni,Dimitry Linkov,Florian Kerschbaum

DOI: https://doi.org/10.48550/arXiv.2309.06496

2023-09-13

Abstract:As machine learning as a service continues gaining popularity, concerns about privacy and intellectual property arise. Users often hesitate to disclose their private information to obtain a service, while service providers aim to protect their proprietary models. Decision trees, a widely used machine learning model, are favoured for their simplicity, interpretability, and ease of training. In this context, Private Decision Tree Evaluation (PDTE) enables a server holding a private decision tree to provide predictions based on a client's private attributes. The protocol is such that the server learns nothing about the client's private attributes. Similarly, the client learns nothing about the server's model besides the prediction and some hyperparameters. In this paper, we propose two novel non-interactive PDTE protocols, XXCMP-PDTE and RCC-PDTE, based on two new non-interactive comparison protocols, XXCMP and RCC. Our evaluation of these comparison operators demonstrates that our proposed constructions can efficiently evaluate high-precision numbers. Specifically, RCC can compare 32-bit numbers in under 10 milliseconds. We assess our proposed PDTE protocols on decision trees trained over UCI datasets and compare our results with existing work in the field. Moreover, we evaluate synthetic decision trees to showcase scalability, revealing that RCC-PDTE can evaluate a decision tree with over 1000 nodes and 16 bits of precision in under 2 seconds. In contrast, the current state-of-the-art requires over 10 seconds to evaluate such a tree with only 11 bits of precision.

Cryptography and Security

Zhixiang Zhang,Hanlin Zhang,Xiangfu Song,Jie Lin,Fanyu Kong

DOI: https://doi.org/10.1109/tdsc.2024.3372505

2024-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Decision tree classifiers are pervasively applied in a wide range of areas, such as healthcare, credit-risk assessment, spam detection, and many more. To ensure effectiveness and efficiency, clients usually choose to adopt classification services that are offered by model providers. However, the required data interactions in the evaluation process raise privacy concerns for both the provider and the client, indicating an imminent need for private decision tree evaluation (PDTE). Recently, some works, e.g., [1] (ESORICS'19) and [2] (NDSS'21), try to achieve PDTE by secure outsourcing computation. However, to hide the decision tree structure, [1] and [2] require non-complete decision trees to be made complete by padding dummy nodes, which lead to exponential (provider-side and cloud-side) computation and communication complexity in the depth of the decision tree. This is especially impractical for deep but sparse decision trees. In this paper, we propose a secure and efficient outsourced PDTE protocol with a focus on sparse trees. We avoid padding dummy nodes by vector dot products in outsourcing settings. Through experiments, we show the competitive performance of our design. Compared with [2] on Spambase dataset in the cloud-side, we are 486× more communication efficient in offline phase and 15× more communication efficient in online phase.

Guopeng Lin,Weili Han,Wenqiang Ruan,Ruisheng Zhou,Lushan Song,Bingshuai Li,Yunfeng Shao

DOI: https://doi.org/10.1145/3658644.3670274

2024-07-03

Abstract:Multi-party training frameworks for decision trees based on secure multi-party computation enable multiple parties to train high-performance models on distributed private data with privacy preservation. The training process essentially involves frequent dataset splitting according to the splitting criterion (e.g. Gini impurity). However, existing multi-party training frameworks for decision trees demonstrate communication inefficiency due to the following issues: (1) They suffer from huge communication overhead in securely splitting a dataset with continuous attributes. (2) They suffer from huge communication overhead due to performing almost all the computations on a large ring to accommodate the secure computations for the splitting criterion. In this paper, we are motivated to present an efficient three-party training framework, namely Ents, for decision trees by communication optimization. For the first issue, we present a series of training protocols based on the secure radix sort protocols to efficiently and securely split a dataset with continuous attributes. For the second issue, we propose an efficient share conversion protocol to convert shares between a small ring and a large ring to reduce the communication overhead incurred by performing almost all the computations on a large ring. Experimental results from eight widely used datasets show that Ents outperforms state-of-the-art frameworks by $5.5\times \sim 9.3\times$ in communication sizes and $3.9\times \sim 5.3\times$ in communication rounds. In terms of training time, Ents yields an improvement of $3.5\times \sim 6.7\times$. To demonstrate its practicality, Ents requires less than three hours to securely train a decision tree on a widely used real-world dataset (Skin Segmentation) with more than 245,000 samples in the WAN setting.

Cryptography and Security,Artificial Intelligence

Nishanth Chandran,Divya Gupta,Divyanshu Bhardwaj,Sandhya Saravanan

Abstract:Decision trees are an important class of supervised learning algorithms. When multiple entities contribute data to train a decision tree (e.g. for fraud detection in the financial sector), data privacy concerns necessitate the use of a privacy-enhancing technology such as secure multi-party computation (MPC) in order to secure the underlying training data. Prior state-of-the-art (Hamada et al. [18]) construct an MPC protocol for decision tree training with a communication of O( ℎ𝑚𝑁 log 𝑁 ) , when building a decision tree of height ℎ for a training dataset of 𝑁 samples, each having 𝑚 attributes. In this work, we significantly reduce the communication complexity of secure decision tree training. We construct a protocol with communication complexity O( 𝑚𝑁 log 𝑁 + ℎ𝑚𝑁 + ℎ𝑁 log 𝑁 ) , thereby achieving an improvement of ≈ min ( ℎ,𝑚, log 𝑁 ) over [18]. At the core of our technique is an improved protocol to regroup sorted private elements further into additional groups (according to a flag vector) while maintaining their relative ordering. We implement our protocol in the MP-SPDZ framework [1, 22] and show that it requires 10 × lesser communication and is 9 × faster than [18].

Computer Science

Hanxiao Chen,Hongwei Li,Yingzhe Wang,Meng Hao,Guowen Xu,Tianwei Zhang

DOI: https://doi.org/10.1109/tifs.2022.3231784

IF: 7.231

2023-01-07

IEEE Transactions on Information Forensics and Security

Abstract:Privacy-preserving decision trees (DTs) in vertical federated learning are one of the most effective tools to facilitate various privacy-critical applications in reality. However, the main bottleneck of current solutions is their huge overhead, mainly due to the adoption of communication-heavy bit decomposition to realize complex non-linear operations, such as comparison and division. In this paper, we present PriVDT, an efficient two-party framework for private vertical DT training and inference in the offline/online paradigm. Specifically, we customize several cryptographic building blocks based on an advanced primitive, Function Secret Sharing (FSS). First, we construct an optimized comparison protocol to improve the efficiency via reducing the invocation of FSS evaluations. Second, we devise an efficient and privacy-enhanced division protocol without revealing the range of divisors, which utilizes the above comparison protocol and more importantly new designed FSS-based secure range and digital decomposition protocols. Besides, we further reduce the overhead of linear operations by employing lightweight pseudorandom function-based Beaver's triple techniques. Building on the above efficient components, we implement the PriVDT framework and evaluate it on 5 real-world datasets on both LAN and WAN. Experimental results show that the end-to-end runtime of PriVDT outperforms the prior art by on LAN and on WAN. Moreover, PriVDT provides comparable accuracy to the non-private setting.

computer science, theory & methods,engineering, electrical & electronic

Qizhi Zhang,Bingsheng Zhang,Lichun Li,Shan Yin,Juanjuan Sun

2021-01-01

Abstract:Secure computation enables two or more parties to jointly evaluate a function without revealing to each other their private input.G-module is an abelian groupM,where the groupG acts compatibly with the abelian group structure onM. In this work, we present several secure computation protocols forG-module operations in the online/offline mode. We then show how to instantiate those protocols to implement many widely used secure computation primitives in privacy-preserving machine learning and data mining, such as oblivious cyclic shift, oneround shared OT, oblivious permutation, oblivious shuffle, secure comparison,oblivious selection,DReLU,andReLU,etc. All the proposed protocols are constant-round, and they are 2X 10X more efficient than the-state-of-the-art constant-round protocols in terms of communication complexity.

Kexin Xu,Benjamin Hong Meng Tan,Li-Ping Wang,Khin Mi Mi Aung,Huaxiong Wang

DOI: https://doi.org/10.1016/j.jisa.2023.103582

IF: 4.96

2023-08-24

Journal of Information Security and Applications

Abstract:A decision tree is a common algorithm in machine learning, which performs classification prediction based on a tree structure. In real-world scenarios, input attribute values may be sensitive and tree models are usually private, thus the computation potentially incurs security and privacy risks. In this paper, we focus on how to retain privacy when outsourcing decision tree evaluation. Leveraging homomorphic encryption, our construction achieves data confidentiality against semi-honest adversaries while enabling both the client (who provides the attributes) and the model holder to be offline during evaluation. Based on an unbalanced-computational-ability two-server model, we achieve single-branch evaluation, which is exponentially less computation than previous schemes that evaluated the entire decision tree. A proof-of-concept implementation demonstrates this. Additionally, with multi-key encryption and joint decryption, our protocol easily supports multi-client scenarios.

computer science, information systems

Yi Sun,Jun Wu,Guofang Zhang,Lei Zhang,Ran Li

DOI: https://doi.org/10.1016/j.egyr.2023.04.210

IF: 5.2

2023-09-01

Energy Reports

Abstract:The computational efficiency of unit commitment (UC) is important for power system operations. Traditionally the unit commitment problem is solved per hour in a day, but with the scale of the power system and the electricity market continuing to expand, the large-scale UC problem will be hard to be solved within 1 h which will affect the power system operation and market clearing. To reduce the solving time of the large-scale UC problem, an ultra-fast optimization algorithm of neural branching for unit commitment (NBUC) is proposed. NBUC learns the branch and bound (B&B) decision made by full strong branching (FSB), which can generate the perfect B&B order to minimize the iterative process but take a lot of time to decide the perfect order by using graph convolutional neural network according to the historical data, and then makes the perfect order prediction with a certain precision without spending a lot of time to make B&B decision which minimizes the solving time including the iteration time and decision time in order to solve the large-scale UC problem quickly. A modified RTS-96 bus system is used to validate the effectiveness of the proposed NBUC. The results show 9.3% and 23.2% reductions in computational time compared with commercial software CPLEX and SCIP.

energy & fuels

Satsuya Ohata,Koji Nuida

DOI: https://doi.org/10.48550/arXiv.1907.03415

2020-01-04

Abstract:Secure multi-party computation (MPC) allows a set of parties to compute a function jointly while keeping their inputs private. Compared with the MPC based on garbled circuits,some recent research results show that MPC based on secret sharing (SS) works at a very high speed. Moreover, SS-based MPC can be easily vectorized and achieve higher throughput. In SS-based MPC, however, we need many communication rounds for computing concrete protocols like equality check, less-than comparison, etc. This property is not suited for large-latency environments like the Internet (or WAN). In this paper, we construct semi-honest secure communication-efficient two-party protocols. The core technique is Beaver triple extension, which is a new tool for treating multi-fan-in gates, and we also show how to use it efficiently. We mainly focus on reducing the number of communication rounds, and our protocols also succeed in reducing the number of communication bits (in most cases). As an example, we propose a less-than comparison protocol (under practical parameters) with three communication rounds. Moreover, the number of communication bits is also $38.4\%$ fewer. As a result, total online execution time is $56.1\%$ shorter than the previous work adopting the same settings. Although the computation costs of our protocols are more expensive than those of previous work, we confirm via experiments that such a disadvantage has small effects on the whole online performance in the typical WAN environments.

Cryptography and Security

Liang Xue,Dongxiao Liu,Cheng Huang,Xiaodong Lin,Xuemin(Sherman)Shen

DOI: https://doi.org/10.23919/jcin.2020.9055107

2020-01-01

Journal of Communications and Information Networks

Abstract:As a widely-used machine-learning classifier, a decision tree model can be trained and deployed at a service provider to provide classification services for clients, e.g., remote diagnostics. To address privacy concerns regarding the sensitive information in these services (i.e., the clients' inputs, model parameters, and classification results), we propose a privacy-preserving decision tree classification scheme (PDTC) in this paper. Specifically, we first tailor an additively homomorphic encryption primitive and a secret sharing technique to design a new secure two-party comparison protocol, where the numeric inputs of each party can be privately compared as a whole instead of doing that in a bit-by-bit manner. Then, based on the comparison protocol, we exploit the structure of the decision tree to construct PDTC, where the input of a client and the model parameters of a service provider are concealed from the counterparty and the classification result is only revealed to the client. A formal simulation-based security model and the security proof demonstrate that PDTC achieves desirable security properties. In addition, performance evaluation shows that PDTC achieves a lower communication and computation overhead compared with existing schemes.

Zoe Lin Jiang,Songjiang Shi,Hongxiao Wang,Peng Yang,Xuan Wang,Yulin Wu,Yantao Zhong,Yan Jia

DOI: https://doi.org/10.1109/icdis55630.2022.00008

2022-01-01

Abstract:Secure honest-majority four-party computation (4PC) protocol was proposed for four mutually-distrusting parties to jointly evaluate a complex function on their private inputs with private robustness by cheater identification. This capability has great potential for distributed private computation, such as distributed privacy-preserving machine learning. However, the adoption of secure 4PC is hampered mainly by the computation and communication costs of online phase of protocol. In this work we propose an efficient secure 4PC protocol with private robustness. Specifically, by transferring hash verification operation for cheating detection to the fourth party, and with the help of the mutual constraint between the four parties, the communication rounds and communication costs of joint message passing primitive can be reduced. To further reduce communication cost, this paper proposes to divide the four parties into two groups and applies the method of two-party multiplication with truncation to avoid multiplication overflow. We implement secure 4PC protocol and demonstrate the efficiency of computation and communication in MNIST multi-class classification training. It achieves $2.1\times$ reduction in computation cost and $2.5\times$ reduction in communication cost compared to prior works.

Gioni Mexi,Somayeh Shamsi,Mathieu Besançon,Pierre Le Bodic

2024-04-05

Abstract:Strong Branching (SB) is a cornerstone of all modern branching rules used in the Branch-and-Bound (BnB) algorithm, which is at the center of Mixed-Integer Programming solvers. In its full form, SB evaluates all variables to branch on and then selects the one producing the best relaxation, leading to small trees, but high runtimes. State-of-the-art branching rules therefore use SB with working limits to achieve both small enough trees and short run times. So far, these working limits have been established empirically. In this paper, we introduce a theoretical approach to guide how much SB to use at each node within the BnB. We first define an abstract stochastic tree model of the BnB algorithm where the geometric mean dual gains of all variables follow a given probability distribution. This model allows us to relate expected dual gains to tree sizes and explicitly compare the cost of sampling an additional SB candidate with the reward in expected tree size reduction. We then leverage the insight from the abstract model to design a new stopping criterion for SB, which fits a distribution to the dual gains and, at each node, dynamically continues or interrupts SB. This algorithm, which we refer to as Probabilistic Lookahead Strong Branching, improves both the tree size and runtime over MIPLIB instances, providing evidence that the method not only changes the amount of SB, but allocates it better.

Optimization and Control

Ye Li,Zoe L. Jiang,Lin Yao,Xuan Wang,S. M. Yiu,Zhengan Huang

DOI: https://doi.org/10.1007/s10586-017-1019-9

2017-01-01

Cluster Computing

Abstract:Many companies want to share data for data-mining tasks. However, privacy and security concerns have become a bottleneck in the data-sharing field. The secure multiparty computation (SMC)-based privacy-preserving data mining has emerged as a solution to this problem. However, there is heavy computation cost at user side in traditional SMC solutions. This study introduces an outsourcing method to reduce the computation cost of the user side. We also preserve the privacy of the shared databy proposing an outsourced privacy-preserving C4.5 algorithm over horizontally and vertically partitioned data for multiple parties based on the outsourced privacy preserving weighted average protocol (OPPWAP) and outsourced secure set intersection protocol (OSSIP). Consequently, we have found that our method can achieve a result same the original C4.5 decision tree algorithm while preserving data privacy. Furthermore, we also implement the proposed protocols and the algorithms. It shows that a sublinear relationship exists between the computational cost of the user side and the number of participating parties.

Koki Hamada,Dai Ikarashi,Ryo Kikuchi,Koji Chida

DOI: https://doi.org/10.48550/arXiv.2112.12906

2021-12-24

Abstract:We propose a secure multi-party computation (MPC) protocol that constructs a secret-shared decision tree for a given secret-shared dataset. The previous MPC-based decision tree training protocol (Abspoel et al. 2021) requires $O(2^hmn\log n)$ comparisons, being exponential in the tree height $h$ and with $n$ and $m$ being the number of rows and that of attributes in the dataset, respectively. The cause of the exponential number of comparisons in $h$ is that the decision tree training algorithm is based on the divide-and-conquer paradigm, where dummy rows are added after each split in order to hide the number of rows in the dataset. We resolve this issue via secure data structure that enables us to compute an aggregate value for every group while hiding the grouping information. By using this data structure, we can train a decision tree without adding dummy rows while hiding the size of the intermediate data. We specifically describes a decision tree training protocol that requires only $O(hmn\log n)$ comparisons when the input attributes are continuous and the output attribute is binary. Note that the order is now \emph{linear} in the tree height $h$. To demonstrate the practicality of our protocol, we implement it in an MPC framework based on a three-party secret sharing scheme. Our implementation results show that our protocol trains a decision tree with a height of 5 in 33 seconds for a dataset of 100,000 rows and 10 attributes.

Cryptography and Security

Chen Wang,Jian Xu,Shanru Tan,Long Yin

DOI: https://doi.org/10.1016/j.csi.2023.103818

IF: 3.721

2023-12-04

Computer Standards & Interfaces

Abstract:Outsourcing decision tree classification services to the cloud is highly beneficial, yet raises critical privacy problems. In order to preserve data privacy, data owners may choose to upload encrypted data rather than raw data to the classification services. However, these solutions adopted today for encrypted data classification not only fall short in system flexibility and scalability, but also face the single point of failure problem. In this paper, we design, implement, and evaluate a secure decision tree classification scheme that allows decentralized authorization and access control service (SDTC-DAAC). Firstly, we propose a new framework that decouples data encryption and data computation logic to achieve the separation of data storage and computation, which significantly improves upon the flexibility and effectiveness, thus achieving cross-system compatibility requirements. Secondly, we present an end-to-end encrypted access control mechanism which enables authorized users from different parties to participate in calculations together. Finally, we further devise a scheme which serves decentralized storage service of data access control policies and access authorization without trusted intermediaries. Extensive property and performance analysis shows that SDTC-DAAC is effectiveness, as well as satisfying the security requirements for data privacy in an outsourcing environment.

computer science, software engineering, hardware & architecture

Ayman Chaouki,Jesse Read,Albert Bifet

2024-10-04

Abstract:Decision Tree (DT) Learning is a fundamental problem in Interpretable Machine Learning, yet it poses a formidable optimisation challenge. Despite numerous efforts dating back to the early 1990's, practical algorithms have only recently emerged, primarily leveraging Dynamic Programming (DP) and Branch & Bound (B&B) techniques. These methods fall into two categories: algorithms like DL8.5, MurTree and STreeD utilise an efficient DP strategy but lack effective bounds for pruning the search space; while algorithms like OSDT and GOSDT employ more efficient pruning bounds but at the expense of a less refined DP strategy. We introduce Branches, a new algorithm that combines the strengths of both approaches. Using DP and B&B with a novel analytical bound for efficient pruning, Branches offers both speed and sparsity optimisation. Unlike other methods, it also handles non-binary features. Theoretical analysis shows its lower complexity compared to existing methods, and empirical results confirm that Branches outperforms the state-of-the-art in speed, iterations, and optimality.

Machine Learning

Mark Abspoel,Daniel Escudero,Nikolaj Volgushev

DOI: https://doi.org/10.2478/popets-2021-0010

2020-11-09

Proceedings on Privacy Enhancing Technologies

Abstract:Abstract We apply multiparty computation (MPC) techniques to show, given a database that is secret-shared among multiple mutually distrustful parties, how the parties may obliviously construct a decision tree based on the secret data. We consider data with continuous attributes (i.e., coming from a large domain), and develop a secure version of a learning algorithm similar to the C4.5 or CART algorithms. Previous MPC-based work only focused on decision tree learning with discrete attributes (De Hoogh et al. 2014). Our starting point is to apply an existing generic MPC protocol to a standard decision tree learning algorithm, which we then optimize in several ways. We exploit the fact that even if we allow the data to have continuous values, which a priori might require fixed or floating point representations, the output of the tree learning algorithm only depends on the relative ordering of the data. By obliviously sorting the data we reduce the number of comparisons needed per node to O ( N log 2 N ) from the naive O ( N 2 ), where N is the number of training records in the dataset, thus making the algorithm feasible for larger datasets. This does however introduce a problem when duplicate values occur in the dataset, but we manage to overcome this problem with a relatively cheap subprotocol. We show a procedure to convert a sorting network into a permutation network of smaller complexity, resulting in a round complexity of O (log N ) per layer in the tree. We implement our algorithm in the MP-SPDZ framework and benchmark our implementation for both passive and active three-party computation using arithmetic modulo 2 64 . We apply our implementation to a large scale medical dataset of ≈ 290 000 rows using random forests, and thus demonstrate practical feasibility of using MPC for privacy-preserving machine learning based on decision trees for large datasets.