{"id":13641414,"url":"https://github.com/mc2-project/secure-xgboost","last_synced_at":"2026-01-17T14:37:53.508Z","repository":{"id":35586154,"uuid":"242250914","full_name":"mc2-project/secure-xgboost","owner":"mc2-project","description":"Secure collaborative training and inference for XGBoost.","archived":false,"fork":false,"pushed_at":"2022-10-25T20:21:46.000Z","size":18615,"stargazers_count":105,"open_issues_count":28,"forks_count":31,"subscribers_count":9,"default_branch":"master","last_synced_at":"2025-04-20T07:41:13.742Z","etag":null,"topics":["collaborative-learning","data-science","enclave","machine-learning","privacy","security","xgboost"],"latest_commit_sha":null,"homepage":"https://mc2-project.github.io/secure-xgboost/","language":"C++","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":"dmlc/xgboost","license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mc2-project.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2020-02-21T23:51:46.000Z","updated_at":"2024-09-07T13:44:08.000Z","dependencies_parsed_at":"2023-01-16T00:31:15.248Z","dependency_job_id":null,"html_url":"https://github.com/mc2-project/secure-xgboost","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/mc2-project/secure-xgboost","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mc2-project%2Fsecure-xgboost","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mc2-project%2Fsecure-xgboost/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mc2-project%2Fsecure-xgboost/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mc2-project%2Fsecure-xgboost/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mc2-project","download_url":"https://codeload.github.com/mc2-project/secure-xgboost/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mc2-project%2Fsecure-xgboost/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28510152,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-17T13:38:16.342Z","status":"ssl_error","status_checked_at":"2026-01-17T13:37:44.060Z","response_time":85,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["collaborative-learning","data-science","enclave","machine-learning","privacy","security","xgboost"],"created_at":"2024-08-02T01:01:20.548Z","updated_at":"2026-01-17T14:37:53.499Z","avatar_url":"https://github.com/mc2-project.png","language":"C++","readme":"# Secure XGBoost\n\n[![Build Status](https://travis-ci.org/mc2-project/secure-xgboost.svg?branch=master)](https://travis-ci.org/mc2-project/secure-xgboost)\n![Documentation Status](https://github.com/mc2-project/secure-xgboost/actions/workflows/docs.yml/badge.svg)\n![Contributions welcome](https://img.shields.io/badge/contributions-welcome-orange.svg)\n[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)\n[\u003cimg src=\"https://img.shields.io/badge/slack-contact%20us-blueviolet?logo=slack\"\u003e](https://join.slack.com/t/mc2-project/shared_invite/zt-rt3kxyy8-GS4KA0A351Ysv~GKwy8NEQ)\n[![Contributor Covenant](https://img.shields.io/badge/Contributor%20Covenant-2.0-4baaaa.svg)](CODE_OF_CONDUCT.md)\n\nSecure XGBoost is a library that leverages secure enclaves and data-oblivious algorithms to enable the **collaborative training of and inference using [XGBoost](https://github.com/dmlc/xgboost) models on encrypted data**. \n\nData owners can use Secure XGBoost to train a model on a remote server, e.g., the cloud, _without_ revealing the underlying data to the remote server. Collaborating data owners can use the library to jointly train a model on their collective data without exposing their individual data to each other.\n![Alt Text](doc/images/workflow.gif)\n\nThis project is currently under development as part of the broader [**MC\u003csup\u003e2\u003c/sup\u003e** effort](https://github.com/mc2-project/mc2) (i.e., **M**ultiparty **C**ollaboration and **C**oopetition) by the UC Berkeley [RISE Lab](https://rise.cs.berkeley.edu/).\n\n**NOTE:** The Secure XGBoost library is a research prototype, and has not yet received independent code review. \n\n## Table of Contents\n* [Installation](#installation)\n* [Docker build for local development](#docker-build-for-local-development)\n* [Usage](#usage)\n* [Documentation](#documentation)\n* [Additional Resources](#additional-resources)\n* [Getting Involved](#getting-involved)\n\n## Installation\nThe following instructions will create an environment from scratch. Note that Secure XGBoost has only been tested on Ubuntu 18.04, so **we recommend that you install everything on Ubuntu 18.04**.\n\n1. Install the Open Enclave SDK (0.17.1) and the Intel SGX DCAP driver by following [these instructions](https://github.com/openenclave/openenclave/blob/master/docs/GettingStartedDocs/install_oe_sdk-Ubuntu_18.04.md). In Step 3 of the instructions, install Open Enclave version 0.17.1 by specifying the version:\n\n    ```sh\n    sudo apt -y install clang-8 libssl-dev gdb libsgx-enclave-common libsgx-quote-ex libprotobuf10 libsgx-dcap-ql libsgx-dcap-ql-dev az-dcap-client open-enclave=0.17.1\n\n    ```\n\n2. Configure the required environment variables.\n\n    ```sh\n    source /opt/openenclave/share/openenclave/openenclaverc\n    ```\n\n3. Install CMake and other Secure XGBoost dependencies.\n\n    ```sh\n    wget https://github.com/Kitware/CMake/releases/download/v3.15.6/cmake-3.15.6-Linux-x86_64.sh\n    sudo bash cmake-3.15.6-Linux-x86_64.sh --skip-license --prefix=/usr/local\n\n    sudo apt-get install -y libmbedtls-dev python3-pip\n    pip3 install numpy pandas sklearn numproto grpcio grpcio-tools requests\n    ```\n\n4. Clone Secure XGBoost.\n\n    ```sh\n    git clone https://github.com/mc2-project/secure-xgboost.git\n    ```\n\n5. Before building, you may choose to configure the [build parameters](https://mc2-project.github.io/secure-xgboost/build.html#building-the-targets) in `CMakeLists.txt`, e.g., whether to perform training and inference obliviously. In particular, if running Secure XGBoost on a machine without enclave support, you'll have to set the `OE_DEBUG` parameter to `1` and the `SIMULATE` parameter to `ON`. \n\n6. Build Secure XGBoost and install the Python package.\n\n    ```sh\n    cd secure-xgboost\n    mkdir build\n\n    cd build\n    cmake ..\n    make -j4\n\n    cd ../python-package\n    sudo python3 setup.py install\n    ```\n\n## Docker build for local development\nYou can use the provided [Docker image](https://hub.docker.com/repository/docker/mc2project/ubuntu-oe0.9) if you want to run everything in simulation mode locally. \n\n1. Clone Secure XGBoost.\n\n    ```sh\n    git clone https://github.com/mc2-project/secure-xgboost.git\n    ``` \n\n2. Pull the Docker image.\n    ```sh\n    docker pull mc2project/ubuntu-oe0.9:v1\n    ```\n\n3. Run the Docker image with the cloned directory mounted to the container's `/root/secure-xgboost/` directory [using the `-v` flag](https://stackoverflow.com/questions/23439126/how-to-mount-a-host-directory-in-a-docker-container) when starting the container.\n\n    ```sh\n    docker run -it -v \u003cpath/to/secure-xgboost\u003e:/root/secure-xgboost mc2project/ubuntu-oe0.9:v1 /bin/bash\n    ```\n\n4. Install Open Enclave within the image.\n    ```sh\n    sudo apt update\n    sudo apt -y install open-enclave\n    ```\n\n5. Before building, you may choose to configure the [build parameters](https://mc2-project.github.io/secure-xgboost/build.html#building-the-targets) in `CMakeLists.txt`, e.g., whether to perform training and inference obliviously. In particular, if running Secure XGBoost on a machine without enclave support, you'll have to set the `OE_DEBUG` parameter to `1` and the `SIMULATE` parameter to `ON`. \n\n6. Build Secure XGBoost and install the Python package.\n\n    ```sh\n    cd secure-xgboost\n    mkdir build\n\n    cd build\n    cmake ..\n    make -j4\n\n    cd ../python-package\n    sudo python3 setup.py install\n    ```\n\n\n## Usage\nTo use Secure XGBoost, replace the XGBoost import.\n\n```python\n# import xgboost as xgb\nimport securexgboost as xgb\n```\n\nFor ease of use, the Secure XGBoost API mirrors that of XGBoost as much as possible. While the below block demonstrates usage on a single machine, Secure XGBoost is meant for the client-server model of computation. More information can be found [here](https://mc2-project.github.io/secure-xgboost/about.html#system-architecture).\n\n**Note**: If running Secure XGBoost in simulation mode, pass in `verify=False` to the `attest()` function.\n\n```python\n# Generate a key and use it to encrypt data\nKEY_FILE = \"key.txt\"\nxgb.generate_client_key(KEY_FILE)\nxgb.encrypt_file(\"demo/data/agaricus.txt.train\", \"demo/data/train.enc\", KEY_FILE)\nxgb.encrypt_file(\"demo/data/agaricus.txt.test\", \"demo/data/test.enc\", KEY_FILE)\n\n# Initialize client and connect to enclave\nxgb.init_client(user_name=\"user1\",\n\t\t\t\tsym_key_file=\"key.txt\",\n\t\t\t\tpriv_key_file=\"config/user1.pem\",\n\t\t\t\tcert_file=\"config/user1.crt\")\nxgb.init_server(enclave_image=\"build/enclave/xgboost_enclave.signed\", client_list=[\"user1\"])\n\n# Remote attestation to authenticate enclave\n# If running in simulation mode, pass in `verify=False` below\nxgb.attest(verify=True)\n\n# Load the encrypted data and associate it with your user\ndtrain = xgb.DMatrix({\"user1\": \"demo/data/train.enc\"})\ndtest = xgb.DMatrix({\"user1\": \"demo/data/test.enc\"})\n\nparams = {\n\t\"objective\": \"binary:logistic\",\n\t\"gamma\": \"0.1\",\n\t\"max_depth\": \"3\"\n}\n\n# Train a model \nnum_rounds = 5\nbooster = xgb.train(params, dtrain, num_rounds)\n\n# Get encrypted predictions and decrypt them\npredictions, num_preds = booster.predict(dtest)\n```\n\n## Documentation\nFor more background on enclaves and data-obliviousness, additional tutorials, and more details on build parameters and usage, please refer to the [documentation](https://mc2-project.github.io/secure-xgboost/).\n\n## Additional Resources\n* [CCS PPMLP Paper](https://arxiv.org/pdf/2010.02524.pdf)\n* [Blog Post](https://towardsdatascience.com/secure-collaborative-xgboost-on-encrypted-data-ac7bc0ec7741)\n* RISE Camp 2020 [Tutorial](https://github.com/mc2-project/risecamp/tree/risecamp2020) and [Walkthrough](https://youtu.be/-kK-YCjqABs?t=312)\n\n## Getting Involved\n* mc2-dev@googlegroups.com: For questions and general discussion\n* [Slack](https://join.slack.com/t/mc2-project/shared_invite/zt-rt3kxyy8-GS4KA0A351Ysv~GKwy8NEQ): A more informal setting for discussion\n* [GitHub Issues](https://github.com/mc2-project/secure-xgboost/issues): For bug reports and feature requests.\n* [Pull Requests](https://github.com/mc2-project/secure-xgboost/pulls): For code contributions.\n","funding_links":[],"categories":["Machine Learning"],"sub_categories":["Library OSes and SDKs"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmc2-project%2Fsecure-xgboost","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmc2-project%2Fsecure-xgboost","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmc2-project%2Fsecure-xgboost/lists"}