Securely computing graph convolutional networks (GCNs) is critical for applying their analytical capabilities to privacy-sensitive data like social/credit networks. Multiplying a sparse yet large adjacency matrix of a graph in GCN--a core operation in training/inference--poses a performance bottleneck in secure GCNs. Consider a GCN with nodes and edges; it incurs a large communication overhead. Modeling bipartite graphs and leveraging the monotonicity of non-zero entry locations, we propose a co-design harmonizing secure multi-party computation (MPC) with matrix sparsity. Our sparse matrix decomposition transforms an arbitrary sparse matrix into a product of structured matrices. Specialized MPC protocols for oblivious permutation and selection multiplication are then tailored, enabling our secure sparse matrix multiplication () protocol, optimized for secure multiplication of these structured matrices. Together, these techniques take communication in constant rounds. Supported by , we present Virgos, a secure 2-party framework that is communication-efficient and memory-friendly on standard vertically-partitioned graph datasets. Performance of Virgos has been empirically validated across diverse network conditions.
View on arXiv@article{zheng2025_2502.09808,
title={ VIRGOS: Secure Graph Convolutional Network on Vertically Split Data from Sparse Matrix Decomposition },
author={ Yu Zheng and Qizhi Zhang and Lichun Li and Kai Zhou and Shan Yin },
journal={arXiv preprint arXiv:2502.09808},
year={ 2025 }
}