How to encrypt a trained model on local file system

Hi, y’all

We have a model that gets pulled from S3 to the local file system. This is a security vulnerability. How do we keep the model in memory or encode it somehow so that it cannot be tampered with from the local file system? Thanks!

Hi @evilChatGPT, you can use the cryptography library in Python to encrypt your trained model. Once you have loaded your trained model, convert it to bytes using the pickle library. Then generate a key using Fernet.generate_key() from cryptography.fernet:

from cryptography.fernet import Fernet
# Put this somewhere safe! A Fernet key is 32 random bytes (base64-encoded);
# anyone holding it can decrypt the model and re-encrypt a modified one.
key = Fernet.generate_key()
fk = Fernet(key)
# fk.encrypt(pickled_bytes) produces the token to store; fk.decrypt(token) gets the bytes back

After generating the key, you can encrypt the pickled bytes of the model with it. To make predictions you have to decrypt the model first. Please refer to this gist for a working code example. Thank you.

3 Likes
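The full encrypt-store-decrypt flow from the answer above, written out as an added example (this is not the gist Kiran links to, and not code from the original thread). It uses a small stand-in model class constructed for the example, keeps the key outside the model directory (the environment variable name MODEL_KEY is an assumption; a secrets manager or KMS is the usual source), and shows the part that matters for the original question: Fernet authenticates the token with HMAC-SHA256, so a model file edited on the local file system is rejected before pickle.loads ever runs on it.

```python
import os
import pickle
import tempfile

from cryptography.fernet import Fernet, InvalidToken


class LinearModel:
    """Stand-in for a trained model (constructed for this example, not a
    real framework object). Anything picklable works the same way."""

    def __init__(self, weights, bias):
        self.weights = weights
        self.bias = bias

    def predict(self, x):
        return sum(w * xi for w, xi in zip(self.weights, x)) + self.bias


def encrypt_model(model, key: bytes) -> bytes:
    """Pickle the model and wrap the bytes in a Fernet token.

    Fernet is AES-128-CBC with an HMAC-SHA256 tag over the whole token, so
    the file on disk is both unreadable and tamper-evident: changing any
    byte makes decryption fail rather than silently loading an altered model.
    """
    return Fernet(key).encrypt(pickle.dumps(model))


def load_model(path: str, key: bytes, max_age_seconds=None):
    """Decrypt the stored token and rebuild the model in memory only.

    The plaintext pickle is never written back to the file system, and
    Fernet checks the HMAC before it decrypts, so pickle.loads (which will
    execute whatever is in the stream) only ever sees bytes produced by a
    holder of the key. ttl rejects tokens older than max_age_seconds, which
    is useful if the model is meant to be refreshed from S3 regularly.
    """
    with open(path, "rb") as fh:
        token = fh.read()
    plaintext = Fernet(key).decrypt(token, ttl=max_age_seconds)
    return pickle.loads(plaintext)


def load_key_from_env(var: str = "MODEL_KEY") -> bytes:
    """Fetch the key from outside the model directory.

    An environment variable is assumed here (hypothetical name MODEL_KEY);
    in production the key would come from a secrets manager or KMS. Keeping
    key.txt next to model.enc would hand a local attacker everything needed
    to re-encrypt a modified model, so the key must never sit beside the file.
    """
    key = os.environ.get(var)
    if key is None:
        raise RuntimeError(f"{var} is not set; refusing to start without a key")
    return key.encode()


def tamper_with_token(token: bytes) -> bytes:
    """Simulate a local attacker editing the encrypted file: swap one base64
    character in the middle of the token for a different valid one."""
    idx = len(token) // 2
    replacement = b"A" if token[idx:idx + 1] != b"A" else b"B"
    return token[:idx] + replacement + token[idx + 1:]


def roundtrip_and_tamper() -> dict:
    """Encrypt -> store -> load, then show that a modified file is rejected."""
    key = Fernet.generate_key()
    model = LinearModel([0.5, -1.0], 2.0)

    with tempfile.TemporaryDirectory() as tmpdir:
        path = os.path.join(tmpdir, "model.enc")
        with open(path, "wb") as fh:
            fh.write(encrypt_model(model, key))

        # Normal path: decrypt in memory and predict. 0.5*2 + (-1.0)*1 + 2 = 2.0
        prediction = load_model(path, key).predict([2.0, 1.0])

        # Attacker path: overwrite the file with a modified token.
        with open(path, "rb") as fh:
            token = fh.read()
        with open(path, "wb") as fh:
            fh.write(tamper_with_token(token))

        try:
            load_model(path, key)
            tamper_detected = False
        except InvalidToken:
            tamper_detected = True

    return {"prediction": prediction, "tamper_detected": tamper_detected}


if __name__ == "__main__":
    print(roundtrip_and_tamper())
```

Two caveats worth keeping in mind with this design. The tamper check is only as strong as the key's secrecy: an attacker who can read the key (from the environment, from process memory, or from a file left beside the model) can re-encrypt whatever model they like, so the file-system protection reduces to protecting the key. And pickle is a code-execution format, so the decrypt-then-verify order Fernet enforces is doing real work here; never unpickle model bytes whose integrity has not been checked first.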

Hi, Kiran! This is remarkable and exactly what I needed. I really appreciate you taking the time to write this up! I am still going to keep this post open in case there are other solutions.

1 Like