Recently, private inference (PI) has addressed the rising concern over data
and model privacy in machine learning inference as a service. However, existing
PI frameworks suffer from high computational and communication costs due to the
expensive multi-party computation (MPC) protocols. Existing literature has
developed lighter MPC protocols to yield more efficient PI schemes. We, in
contrast, propose to lighten them by introducing an empirically-defined privacy
evaluation. To that end, we reformulate the threat model of PI and use
inference data privacy attacks (IDPAs) to evaluate data privacy. We then
present an enhanced IDPA, named distillation-based inverse-network attack
(DINA), for improved privacy evaluation. Finally, we leverage the findings from
DINA and propose C2PI, a two-party PI framework presenting an efficient
partitioning of the neural network model and requiring only the initial few
layers to be performed with MPC protocols. Based on our experimental
evaluations, relaxing the formal data privacy guarantees C2PI can speed up
existing PI frameworks, including Delphi [1] and Cheetah [2], up to 2.89x and
3.88x under LAN and WAN settings, respectively, and save up to 2.75x
communication costs