Secure Multilayer Perceptron Based on Homomorphic Encryption

Bellafqira, Reda; Coatrieux, Gouenou; Génin, Emmanuelle; Cozic, Michel

doi:10.1007/978-3-030-11389-6_24

Cited by 11 publications

(8 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The aspects of the comparison revolve around the security (including the ability to counteract hitchhiking wiretapping), whether the activation computing supports accuracy losslessness from the underlying network, whether it supports low latency, whether it supports multiple keys and whether it is lightweight on the user side. Among them, the scheme based on Paillier encryption proposed by Bellafqira et al 8 allows the cloud server to know the user's private key, which can cause data privacy leakage, and the scheme does not support multiple keys. The scheme proposed by Mohassel et al 20 uses a Relu function approximate polynomials approach to calculate the activation function, and thus does not support the activation computation accuracy in line with the underlying network, and the scheme is computationally burdensome to the user, thus it does not support lightweight users.…”

Section: Theoretical Analysismentioning

confidence: 99%

“…After analyzing and studying related literature, we found the following two main issues regarding the prediction on the privacy‐preserving convolutional neural network at present: (1) privacy protection. In some dual‐server models where one of the servers is allowed to have the private key from a user 7,8 or both are given access to the model parameters, 7 which is obviously insecure. While in schemes with secret sharing, the raw data is uploaded directly to the server in a shared format, which can also cause semi‐honest participants to restore information by wiretapping, bring the risk of privacy leakage 9,10 .…”

Section: Introductionmentioning

confidence: 99%

“…Although the generated approximate polynomials help to compute the Relu function, such an approach would impose large computational overhead on servers when exploiting homomorphic properties and lead to high latency, which is consistent with the activation function computation proposed by Ma et al, 26 Chabanne et al, 18 and Kwabena et al 19 In particular, the Taylor series expansion only at a single point is not well fitted to the whole function and the scheme cannot be in line with the underlying network accuracy. Bellafqira et al 8 constructed a privacy‐preserving multilayer perceptron model based on Paillier cryptosystem, although the activation function computing on the two‐server model is achieved by comparison protocol to ensure the underlying network accuracy, the fact that one of the servers in the model is allowed to know the user's private key will cause privacy threat to raw data. Chen et al 22 utilized the Paillier homomorphic cryptosystem to implement the activation function computing with a comparison protocol, which achieves underlying network accuracy without loss, but the complicated modulo exponential operations will cause high latency.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Privacy‐preserving convolutional neural network prediction with low latency and lightweight users

Chen

Duan

et al. 2021

Int J Intell Syst

View full text Add to dashboard Cite

Convolutional neural networks (CNNs) have excellent and extensive applications in image recognition. With the continuous exploitation of data value and the proliferation of machine learning‐as‐a‐service, convolutional neural network prediction schemes on privacy preservation have been introduced one after another, which makes much more attention focused on the privacy leakage and services offered to be efficient and light. Therefore, how to improve the convolutional neural prediction scheme on the premise of privacy preservation turns out to be an imperative research issue. In this paper, we propose a privacy‐preserving convolutional neural network prediction scheme (PCP‐LL) that supports low latency and lightweight users. The scheme starts from the perspective of lossless accuracy from underlying networks. First, we construct a secure activation function computing protocol (SActF) utilizing a commodity‐based secure comparison protocol, which reduces the complexity and latency during the activation function computing under ciphertexts compared with common schemes. Second, to further support lightweight users, we introduce a secure output layer protocol (SOut) that enables users to obtain the prediction results without extra decryption after simple operations. Then, the scheme adopts the distributed two trapdoors public‐key cryptosystem (DT‐PKC) to achieve both data and model security, which well avoids security issues especially such as wiretapping by semi‐honest participants commonly in secret sharing schemes. Finally, through relevant evaluations, the scheme not only achieves privacy preservation and low latency, but also supports lightweight users.

show abstract

Section: Theoretical Analysismentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Privacy‐preserving convolutional neural network prediction with low latency and lightweight users

Chen

Duan

et al. 2021

Int J Intell Syst

View full text Add to dashboard Cite

show abstract

“…As stated in Section III-A, the objective is to allow HMI to securely filter IMD data and threshold the filter output so as to raise or not an alarm to the patient. Several well-known issues have to be considered when filtering data in the homomorphic domain [43]: negative numbers, fractional numbers,... In this section and in order to alleviate the presentation of our proposal, we consider that the IMD data {d i } i=0,...,M −1 , the threshold s and the HMI filter weights {w i } i=0,...,M −1 are integers.…”

Section: ) Analyzing Homomorphically Encrypted Datamentioning

confidence: 99%

“…In this section and in order to alleviate the presentation of our proposal, we consider that the IMD data {d i } i=0,...,M −1 , the threshold s and the HMI filter weights {w i } i=0,...,M −1 are integers. One can refer to [43] for a strategy for managing fractional and real numbers. In that respect, once HMI accesses to D-J encrypted data…”

Section: ) Analyzing Homomorphically Encrypted Datamentioning

confidence: 99%

Cryptosystem Conversion, Packing and Matrix Processing of Homomorphically Encrypted Data: Application to IOT Devices

2021

Self Cite

View full text Add to dashboard Cite

In this paper, we propose a secure protocol that allows processing encrypted data emitted by an IOT device with low computational capabilities. Its originality is threefold. It first relies on a new fast algorithm which makes possible the conversion of Combined Linear Congruential Generator (CLCG) encrypted IOT data into data homomorphically encrypted with the Damgard-Jurik (D-J) cryptosystem. In second, an original data packing strategy is given so as to reduce communication and computation complexity as well as process several D-J encrypted data at once by means of matrix operations. In third, we introduce a crypto-watermarking based integrity control mechanism. This one combines the lightweight hash function Quark with LSB substitution so as to offer the capability to check the integrity of CLCG encrypted data. We illustrate the deployment of our protocol, in the case an honest-but-curious or malicious third party wants to process encrypted data issued from a real connected knee prosthesis. We theoretically and experimentally demonstrate the performance of our solution. This one can nearly process 500 samples every second. Beyond, our proposal is suited to the general case of IOT.

show abstract