Secure XGBoost Documentation

Secure XGBoost is a library for secure training and inference of XGBoost models. It allows users to train models on their data in an untrusted cloud environment, while ensuring that the cloud provider only sees encrypted data. In particular, it facilitates secure collaborative learning – where mutually distrustful data owners can jointly train a model on their data, but without revealing their data to each other.

At its core, Secure XGBoost uses secure hardware enclaves (such as Intel SGX) to protect the data and computation even in the presence of a hostile cloud environment. On top of the enclaves, we add a second layer of security that additionally protects the data and computation against a large class of side-channel attacks. For a more in-depth technical overview, please check out our blog post or our CCS PPMLP paper.

This project is currently under development as part of the broader MC^2 project by the UC Berkeley RISE Lab.

Secure XGBoost is open source, and we welcome contributions to our work here. For questions, please open an issue.

Contents