浏览全部资源
扫码关注微信
基于同态密文转换的隐私保护卷积神经网络推理方案
Privacy-preserving convolutional neural network inference scheme based on homomorphic ciphertext transformation
- 通信学报 2024年45卷第Z1期 页码:12-23
- 作者机构:
1.中国民航大学安全科学与工程学院,天津 300300
2.南开大学网络空间安全学院,天津 300350
3.天津市网络与数据安全技术重点实验室,天津 300350
- 作者简介:
[ "李瑞琪(1993- ),男,黑龙江尚志人,博士,中国民航大学讲师,主要研究方向为全同态加密、格密码学、云计算安全等。" ]
[ "易琴(1998- ),女,四川资阳人,中国民航大学硕士生,主要研究方向为同态加密、隐私保护等。" ]
[ "黄艺璇(1999- ),女,江西新余人,南开大学硕士生,主要研究方向为同态加密、隐私保护等。" ]
[ "贾春福(1967- ),男,河北文安人,博士,南开大学教授、博士生导师,主要研究方向为网络与信息安全、可信计算、恶意代码分析、密码技术应用等。" ]
- 基金信息:天津市教委科研计划基金资助项目(2022KJ066)
DOI:10.11959/j.issn.1000-436x.2024216
中图分类号: TP309.2收稿日期:2024-10-08,
纸质出版日期:2024-10-25
- 稿件说明:
移动端阅览
李瑞琪,易琴,黄艺璇等.基于同态密文转换的隐私保护卷积神经网络推理方案[J].通信学报,2024,45(Z1):12-23.
LI Ruiqi,YI Qin,HUANG Yixuan,et al.Privacy-preserving convolutional neural network inference scheme based on homomorphic ciphertext transformation[J].Journal on Communications,2024,45(Z1):12-23.
李瑞琪,易琴,黄艺璇等.基于同态密文转换的隐私保护卷积神经网络推理方案[J].通信学报,2024,45(Z1):12-23. DOI: 10.11959/j.issn.1000-436x.2024216.
LI Ruiqi,YI Qin,HUANG Yixuan,et al.Privacy-preserving convolutional neural network inference scheme based on homomorphic ciphertext transformation[J].Journal on Communications,2024,45(Z1):12-23. DOI: 10.11959/j.issn.1000-436x.2024216.
摘要
为了解决现有隐私保护卷积神经网络交互频繁、推理准确率稍低等问题,基于同态密文转换框架,提出了一种同态友好型的非交互式隐私保护卷积神经网络推理方案。利用Pegasus同态密文转换框架,在卷积层中利用CKKS(Cheon-Kim-Kim-Song)密文进行并行化的卷积运算;在激活层和池化层中利用LWE密文和LUT(look-up table)技术实现激活函数、最大池化和全局池化的计算;利用Pegasus框架提供的密文转换技术,实现不同形式的同态密文之间的转换。理论分析和实验结果表明,所提方案能够保证数据安全,并且具有较高的推理准确率和较低的计算和通信开销。
Abstract
To solve the problems of frequent interaction and low prediction accuracy of existing privacy-protected convolutional neural networks
a homomorphic friendly non-interactive privacy-protected convolutional neural network inference scheme was proposed via homomorphic ciphertext transformation. Utilizing the Pegasus framework
CKKS (Cheon-Kim-Kim-Song) ciphertext was used to parallelize convolution operations in convolution layer. In the activation layer and pooling layer
LWE ciphertext and LUT (look-up table) technology were used to calculate the activation function
maximum pooling and global pooling. Using the ciphertext conversion technology provided by the Pegasus framework
the conversion between different forms of homomorphic ciphertext is realized. Theoretical analysis and experimental results show that the proposed scheme can ensure data security
and has higher inference accuracy and lower calculation and communication overhead.
关键词
Keywords
references
GENTRY C . Fully homomorphic encryption using ideal lattices [C ] // Proceedings of the forty-first annual ACM symposium on Theory of computing . New York : ACM Press , 2009 : 169 - 178 .
BRAKERSKI Z , VAIKUNTANATHAN V . Efficient fully homomorphic encryption from (standard) LWE [C ] // Proceedings of the 2011 IEEE 52nd Annual Symposium on Foundations of Computer Science . Piscataway : IEEE Press , 2011 : 97 - 106 .
BRAKERSKI Z . Fully homomorphic encryption without modulus switching from classical GapSVP [C ] // Proceedings of 32nd Annual Cryptology Conference . Berlin : Springer , 2012 : 868 - 886 .
FAN J F , VERCAUTEREN F . Somewhat practical fully homomorphic encryption [J ] . IACR Cryptol EPrint Arch , 2012 , 2012 : 144 .
GENTRY C , SAHAI A , WATERS B . Homomorphic encryption from learning with errors: conceptually-simpler, asymptotically-faster, attribute-based [C ] // Proceedings of 33rd Annual Cryptology Conference . Berlin : Springer , 2013 : 75 - 92 .
DUCAS L , MICCIANCIO D . FHEW: bootstrapping homomorphic encryption in less than a second [C ] // Proceedings of Annual International Conference on the Theory and Applications of Cryptographic Techniques . Berlin : Springer , 2015 : 617 - 640 .
CHILLOTTI I , GAMA N , GEORGIEVA M , et al . TFHE: fast fully homomorphic encryption over the torus [J ] . Journal of Cryptology , 2020 , 33 ( 1 ): 34 - 91 .
CHEON J H , KIM A , KIM M , et al . Homomorphic encryption for arithmetic of approximate numbers [C ] // Proceedings of 23rd International Conference on the Theory and Applications of Cryptology and Information Security . Berlin : Springer , 2017 : 409 - 437 .
GILAD-BACHRACH R , DOWLIN N , LAINE K , et al . Cryptonets: Applying neural networks to encrypted data with high throughput and accuracy [C ] // Proceedings of International Conference on Machine learning . New York : ACM Press , 2016 : 201 - 210 .
CHABANNE H , WARGNY A D , MILGRAM J , et al . Privacy-preserving classification on deep neural network [J ] . IACR Cryptol EPrint Arch , 2017 , 2017 : 35 .
CHOU E , BEAL J , LEVY D , et al . Faster cryptonets: leveraging sparsity for real-world encrypted inference [J ] . arXiv Preprint , arXiv: 1811.09953 , 2018 .
JUVEKAR C , VAIKUNTANATHAN V , CHANDRAKASAN A . Gazelle: a low latency framework for secure neural network inference [J ] . arXiv Preprint , arXiv: 1801.05507 , 2018 .
BOURSE F , MINELLI M , MINIHOLD M , et al . Fast homomorphic evaluation of deep discretized neural networks [C ] // Proceedings of 38th Annual International Cryptology Conference . Berlin : Springer , 2018 : 483 - 512 .
CHILLOTTI I , JOYE M , PAILLIER P . Programmable bootstrapping enables efficient homomorphic inference of deep neural networks [C ] // Proceedings of Cyber Security Cryptography and Machine Learning: 5th International Symposium . Berlin : Springer , 2021 : 1 - 19 .
LOU Q , JIANG L . SHE: a fast and accurate deep neural network for encrypted data [J ] . arXiv Preprint , arXiv: 1906.00148 , 2019 .
MISHRA P , LEHMKUHL R , SRINIVASAN A , et al . Delphi: a cryptographic inference service for neural networks [C ] // Proceedings of 29th USENIX Security Symposium . Berkeley : USENIX Association , 2020 : 2505 - 2523 .
任艳丽 , 余凌赞 , 何港 , 等 . 一种隐私保护的卷积神经网络预测方案 [J ] . 计算机学报 , 2023 , 46 ( 8 ): 1606 - 1619 .
REN Y L , YU L Z , HE G , et al . A scheme of privacy-preserving convolutional neural network prediction [J ] . Chinese Journal of Computers , 2023 , 46 ( 8 ): 1606 - 1619 .
LI M H , CHOW S S M , HU S S , et al . Optimizing privacy-preserving outsourced convolutional neural network predictions [J ] . IEEE Transactions on Dependable and Secure Computing , 2022 , 19 ( 3 ): 1592 - 1604 .
LU W J , HUANG Z C , HONG C , et al . PEGASUS: bridging polynomial and non-polynomial evaluations in homomorphic encryption [C ] // Proceedings of the 2021 IEEE Symposium on Security and Privacy (SP) . Piscataway : IEEE Press , 2021 : 1057 - 1073 .
LECUN Y , BOTTOU L , BENGIO Y , et al . Gradient-based learning applied to document recognition [J ] . Proceedings of the IEEE , 1998 , 86 ( 11 ): 2278 - 2324 .
YANG J C , YU K , GONG Y H , et al . Linear spatial pyramid matching using sparse coding for image classification [C ] // Proceedings of the 2009 IEEE Conference on Computer Vision and Pattern Recognition . Piscataway : IEEE Press , 2009 : 1794 - 1801 .
LOU Q , JIANG L . HEMET: a homomorphic-encryption-friendly privacy-preserving mobile neural network architecture [C ] // Proceedings of the International Conference on Machine learning . New York : ACM Press , 2021 : 7102 - 7110 .
MOHASSEL P , ZHANG Y P . SecureML: a system for scalable privacy-preserving machine learning [C ] // Proceedings of the 2017 IEEE Symposium on Security and Privacy (SP) . Piscataway : IEEE Press , 2017 : 19 - 38 .
0
浏览量
1
下载量
0
CSCD
- 网络PDF下载
- WORD下载
- XML下载
- Meta-XML下载
- BibTeX下载
- Endnote下载
- RefMan 下载
- NoteExpress下载
- NoteFirst下载
关联资源
相关文章
相关作者
相关机构
- 技术支持由北京北大方正电子有限公司提供 京ICP备09064830号-19
京公网安备11010802024621 - 本系统建议在Chrome、 IE9+ 以上版本浏览器阅读本站内容,360浏览器请切换至极速模式
- Cookies帮助我们提供服务并提供个性化体验。使用本网站,即表示您同意我们使用Cookies
- 总访问量:128211 今日访问量:476