Mengyu Zhang,Long Wang,Xiaoping Zhang,Zhuotao Liu,Yisong Wang,Han Bao

DOI: https://doi.org/10.1007/978-3-031-54770-6_9

2024-01-01

Abstract:Clustering is a significant unsupervised machine learning task widely used for data mining and analysis. Fully homomorphic encryption allows data owners to outsource privacy-preserving computations without interaction. In this paper, we propose a fully privacy-preserving, effective, and efficient clustering scheme based on CKKS, in which we construct two iterative formulas to solve the challenging ciphertext comparison and division problems, respectively. Although our scheme already outperforms existing work, executing it on datasets MNIST and CIFAR-10 still results in unacceptable run time and memory consumption. To further address the above issues, we propose a block privacy-preserving clustering algorithm that splits records into subvectors and clusters these subvectors. Experimental results show that the clustering accuracy of our original algorithm is almost equivalent to the classical k-means algorithm. Compared to a state-of-the-art FHE-based scheme, our original algorithm not only outperforms theirs in accuracy but is also 4 orders of magnitude faster than theirs. In experiments testing our block algorithm, we conclude that the run time and memory consumption of this algorithm are greatly reduced.

Xiaoqiang Sun,Hongwei Liu,Teng-Rui Huang,Wei Zhao,Joseph K. Liu,Peng Zhang,Shangqi Lai

DOI: https://doi.org/10.1109/TDSC.2022.3181667

2023-05-01

IEEE Transactions on Dependable and Secure Computing

Abstract:The clustering algorithm is a useful tool for analyzing medical data. For instance, the k-means clustering can be used to study precipitating factors of a disease. In order to implement the clustering algorithm efficiently, data computation is outsourced to cloud servers, which may leak the private data. Encryption is a common method for solving this problem. But cloud servers are difficult to calculate ciphertexts from multiple parties. Hence, we choose multi-key fully homomorphic encryption (FHE), which supports computations on the ciphertexts that have different secret keys, to protect the private data. In this paper, based on Chen's multi-key FHE scheme, we first propose secure squared euclidean, comparison, minimum, and average protocols. Then, we design the basic and advanced schemes for implementing the secure multi-party k-means clustering algorithm. In the basic scheme, the implementation of homomorphic multiplication includes the process of transforming ciphertexts under different keys. In order to implement homomorphic multiplication efficiently, the advanced scheme uses an improved method to transform ciphertexts. Meanwhile, almost all computations are completely outsourced to cloud servers. We prove that the proposed protocols and schemes are secure and feasible. Simulation results also show that our improved method is helpful for improving the homomorphic multiplication of Chen's multi-key FHE scheme.

Computer Science

Lynin Sokhonn,Yun-Soo Park,Mun-Kyu Lee

DOI: https://doi.org/10.3390/s24154826

IF: 3.9

2024-07-26

Sensors

Abstract:Hierarchical clustering is a widely used data analysis technique. Typically, tools for this method operate on data in its original, readable form, raising privacy concerns when a clustering task involving sensitive data that must remain confidential is outsourced to an external server. To address this issue, we developed a method that integrates Cheon-Kim-Kim-Song homomorphic encryption (HE), allowing the clustering process to be performed without revealing the raw data. In hierarchical clustering, the two nearest clusters are repeatedly merged until the desired number of clusters is reached. The proximity of clusters is evaluated using various metrics. In this study, we considered two well-known metrics: single linkage and complete linkage. Applying HE to these methods involves sorting encrypted distances, which is a resource-intensive operation. Therefore, we propose a cooperative approach in which the data owner aids the sorting process and shares a list of data positions with a computation server. Using this list, the server can determine the clustering of the data points. The proposed approach ensures secure hierarchical clustering using single and complete linkage methods without exposing the original data.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Wei Wu,Jian Liu,Huimei Wang,Jialu Hao,Ming Xian

DOI: https://doi.org/10.1109/tkde.2020.2969633

IF: 9.235

2021-10-01

IEEE Transactions on Knowledge and Data Engineering

Abstract:Nowadays, more individuals and corporations tend to use machine learning as a service (MLaaS) in cloud computing environment. However, when enjoying the pay-as-you-go mode and flexible capacity of cloud computing, it also increases the risk of privacy leakage for sensitive data. In this paper, we aim to efficiently implement privacy-preserving MLaaS, and focus on k-means clustering over outsourced encrypted cloud databases. Previous works mainly utilize partially homomorphic encryptions, which require a great number of interactive protocols with high computation and communication costs, making them not practical in real-world applications. To better solve this problem, we propose a new secure and efficient outsourced k-means clustering (SEOKC) scheme using fully homomorphic encryption with ciphertext packing technique, which achieves parallel computation without extra cost. The proposed scheme preserves privacy in three aspects: (1) database security, (2) privacy of clustering results and (3) hiding of data access patterns. We provide formal security analysis and evaluate the performance of the proposed scheme through extensive experiments. The experiment results show that our scheme needs much less computation cost (more than three orders of magnitude lower) than the state-of-the-art schemes, and is suitable to be applied on large databases.

computer science, information systems, artificial intelligence,engineering, electrical & electronic

Yuqi Guo,Lin Li,Zhongxiang Zheng,Hanrui Yun,Ruoyan Zhang,Xiaolin Chang,Zhixuan Gao

2024-03-18

Abstract:Since the first theoretically feasible full homomorphic encryption (FHE) scheme was proposed in 2009, great progress has been achieved. These improvements have made FHE schemes come off the paper and become quite useful in solving some practical problems. In this paper, we propose a set of novel Federated Learning Schemes by utilizing the latest homomorphic encryption technologies, so as to improve the security, functionality and practicality at the same time. Comparisons have been given in four practical data sets separately from medical, business, biometric and financial fields, covering both horizontal and vertical federated learning scenarios. The experiment results show that our scheme achieves significant improvements in security, efficiency and practicality, compared with classical horizontal and vertical federated learning schemes.

Cryptography and Security

Lei Jiang,Lei Ju

DOI: https://doi.org/10.48550/arXiv.2203.00728

2022-03-02

Abstract:Fully Homomorphic Encryption (FHE) emerges one of the most promising solutions to privacy-preserving computing in an untrusted cloud. FHE can be implemented by various schemes, each of which has distinctive advantages, i.e., some are good at arithmetic operations, while others are efficient when implementing Boolean logic operations. Therefore, it is difficult for even cryptography experts let alone average users to choose the "right" FHE scheme to efficiently implement a specific application. Prior work only qualitatively compares few FHE schemes. In this paper, we present an empirical study, FHEBench, to quantitatively compare major FHE schemes

Cryptography and Security

Yu Li,Sheng Zhong

DOI: https://doi.org/10.14569/ijacsa.2013.040932

IF: 0.9

2013-01-01

International Journal of Advanced Computer Science and Applications

Abstract:The challenge in privacy-preserving data mining is avoiding the invasion of personal data privacy. Secure computa- tion provides a solution to this problem. With the development of this technique, fully homomorphic encryption has been realized after decades of research; this encryption enables the computing and obtaining results via encrypted data without accessing any plaintext or private key information. In this paper, we propose a privacy-preserving clustering using representatives (CURE) algorithm over arbitrarily partitioned data using fully homomor- phic encryption. Our privacy-preserving CURE algorithm allows cooperative computation without revealing users' individual data. The method used in our algorithm enables the data to be arbitrarily distributed among different parties and to receive accurate clustering result simultaneously.

Tao Li,Xiaojun Ye,Jianmin Wang

DOI: https://doi.org/10.1145/2430475.2430493

2012-01-01

Abstract:To achieve a trustworthy cloud data service, there is a need to both provide the right services from a security engineering perspective, as well as to allows specific types of computations to be carried out on encrypted cloud data. However, traditional encryption solutions can't be used to process outsourcing encrypted data hosting to an untrusted cloud provider. A novel encryption scheme, called fully homomorphic encryption (FHE), could afford the circuit ability over encrypted data without decrypting it. In this paper, we deliver a universal construction framework for fully homomorphic encryption schemes. At first, this framework initializes a somewhat homomorphic encryption scheme based on the concept of metric space in abstract algebra which encodes the plaintext into a offset vector and generates a ciphertext by adding the offset vector to a random eigenvector in the metric space. As an abelian group, the ring is closed under addition and multiplication, this abstract algebra assume the metric space could forma ring and the eigenvectors belong to an ideal of this ring, then this framework could achieve homomorphism by having the scheme live in rings. We also deduce some well-known fully homomorphic schemes from the construction framework, and propose a prototype with an FHE encryption proxy to solve confidentiality problems in cloud systems. At last, we show the performance of FHE with some experiments, and speed the performance of fully homomorphic encryption up with cloud computing (parallel computing, distribute computing, etc.). We also discuss some opening issues and directions for future fully homomorphic encryption researches.

Junwei Luo,Xun Yi,Fengling Han,Xuechao Yang,Xu Yang

DOI: https://doi.org/10.1007/978-3-031-23020-2_22

2022-01-01

Abstract:Recommender systems help online services deliver personalised content and facilitate information overload. Collaborative Filtering is a commonly used technique for building recommender systems. It analyses data collected from users in order to predict their preferences, this causes concerns over the privacy and security of the data as conventional techniques do not prioritise data privacy. Incorporating cryptography into recommender systems resolves the privacy issues, and yet it is impractical in many cases due to the computational overhead imposed by the cryptography and the sheer amount of data needed for computations. In this paper, we propose an efficient clustering-based privacy-preserving recommender system. The system employs homomorphic encryption for protecting user data while retaining the ability to generate recommendations using Collaborative Filtering. To facilitate information overload, a secure clustering technique is adopted to partition data prior to generating recommendations. The proposed system is secure under the semi-honest adversary model. Experiments show that the proposed system is efficient, scalable and produces accurate recommendations.

Zhaosen Shi,Zeyu Yang,Alzubair Hassan,Fagen Li,Xuyang Ding

DOI: https://doi.org/10.1007/s11235-022-00982-3

2022-12-09

Telecommunication Systems

Abstract:The performance of machine learning models largely depends on the amount of data. However, with the improvement of privacy awareness, data sharing has become more and more difficult. Federated learning provides a solution for joint machine learning, which alleviates this difficulty. Although it works by sharing parameters instead of data, privacy threats like inference attacks still exist owing to the exposed parameters or updates. In this paper, we propose a privacy preserving scheme for federated learning by combining the homomorphism of both secret sharing and encryption. Our scheme ensures the confidentiality of local parameters and tolerates collusion threats under a certain range. Our scheme also tolerates dropping of some clients, performs aggregation without sharing keys and has simple interaction process. Meantime, we use the automatic protocol tool ProVerif to verify its cryptographic functionality, analyze its theoretical complexity and compare them with similar schemes. We verify our scheme by experiment to show that it has less running time compared with some schemes.

telecommunications

Gang Du,Chunguang Ma,Zengpeng Li,Ding Wang

DOI: https://doi.org/10.1007/978-3-319-68542-7_21

2017-01-01

Abstract:Despite the convenience brought by cloud computing, internet users, meanwhile, are faced with risks of data theft, tampering, forgery, etc. Fully homomorphic encryption (FHE) has the ability to deal with the ciphertext directly, which can solve the problem of data security in cloud computing. Therefore, fully homomorphic encryption (FHE) has been widely used in cloud computing as well as multiparty computing, functional encryption and private information retrieval, etc. However, previous FHE schemes are based on standard (ring) learning with errors (LWE) assumption and the most typical schemes were created by Brakerski (CRYPTO2012) and Gentry-Sahai-Waters (GSW) (CRYPTO2013). Moreover, inspired by the work of Li et al. at ICPADS2016, they made use of Brakerski's scale-invariant technology and constructed a new FHE scheme with errorless key switching under Dual-First-is-errorless LWE (Dual-Ferr. LWE) problem. Hence, armed with Li et al.'s work, in this paper, we use Gentry-Peikert-Vaikuntanathan's scheme (i.e., under dual LWE assumption) as building block to construct a FHE scheme. Lastly, under the assumption of decisional learning with errors (LWE), we prove that our scheme is CPA (chosen-plaintext-attack) secure.

Xuanle Ren,Le Su,Zhen Gu,Sheng Wang,Feifei Li,Yuan Xie,Song Bian,Chao Li,Fan Zhang

DOI: https://doi.org/10.14778/3574245.3574248

2022-01-01

Abstract:Recent years have witnessed the rapid development of the encrypted database, due to the increasing number of data privacy breaches and the corresponding laws and regulations that caused millions of dollars in loss. These encrypted databases may rely on different techniques, such as cryptographic primitives and trusted execution environments. In this work, we investigate the feasibility of utilizing fully homomorphic encryption (FHE) to support unbounded database aggregation queries, which typically involve comparisons as filtering predicates and a final aggregation. These operators are theoretically supported by FHE, but need careful algorithm design to maximize the efficiency and have not been explored before. We creatively use two types of FHE schemes, i.e., one for numerical and one for binary value, to enjoy their advantages respectively. To bridge the encrypted values between these two schemes for seamless query processing without client-server interaction, we propose a novel ciphertext transformation mechanism, which is of independent research interest, to close this gap. We further implement our system and test it over three TPC-H queries and a query over a real social media e-commerce database. Evaluation results show that, to process an aggregation query over 8k encrypted rows takes about 430 seconds. Although it is slower than plaintext processing in magnitudes and still has much room for improvement, as the very first work in this domain, our system demonstrates the feasibility of using FHE to process OLAP queries.

Xirong Ma,Chuan Li,Yuchang Hu,Yunting Tao,Yali Jiang,Yanbin Li,Fanyu Kong,Chunpeng Ge

2024-07-09

Abstract:The demand for processing vast volumes of data has surged dramatically due to the advancement of machine learning technology. Large-scale data processing necessitates substantial computational resources, prompting individuals and enterprises to turn to cloud services. Accompanying this trend is a growing concern regarding data leakage and misuse. Homomorphic encryption (HE) is one solution for safeguarding data privacy, enabling encrypted data to be processed securely in the cloud. However, the encryption and decryption routines of some HE schemes require considerable computational resources, presenting non-trivial work for clients. In this paper, we propose an outsourced decryption protocol for the prevailing RLWE-based fully homomorphic encryption schemes. The protocol splits the original decryption into two routines, with the computationally intensive part executed remotely by the cloud. Its security relies on an invariant of the NTRU-search problem with a newly designed blinding key distribution. Cryptographic analyses are conducted to configure protocol parameters across varying security levels. Our experiments demonstrate that the proposed protocol achieves up to a $67\%$ acceleration in the client's local decryption, accompanied by a $50\%$ reduction in space usage.

Cryptography and Security

Zhaoe Min,Geng Yang,Arun Kumar Sangaiah,Shuangjie Bai,Guoxiu Liu

DOI: https://doi.org/10.1186/s13638-018-1317-9

2019-01-21

EURASIP Journal on Wireless Communications and Networking

Abstract:<h3 class="a-plus-plus">Abstract</h3> <p class="a-plus-plus">Cyber physical system (CPS) is facing enormous security challenges because of open and interconnected network and the interaction between cyber components and physical components, the development of cyber physical systems is constrained by security and privacy threats. A feasible solution is to combine the fully homomorphic encryption (FHE) technique to realize the efficient operation of ciphertext without decryption. However, most current homomorphic encryption algorithms only support limited data types, making it difficult to be widely applied in actual environment. To address this limitation, we propose a parallel fully homomorphic encryption algorithm that supports floating-point numbers. The proposed algorithm not only expands the data types supported by the existing fully homomorphic encryption algorithms, but also utilizes the characteristics of multi-nodes in cloud environment to conduct parallel encryption through simultaneous group-wise ciphertext computations. The experimental results show that, in a 16-core 4-node cluster with MapReduce environment, the proposed encryption algorithm achieves the maximum speed-up exceeding 5, which not only solves the limited application problem of the existing fully homomorphic encryption algorithm, but also meets the requirements for the efficient homomorphic encryption of floating-point numbers in cloud computing environment.</p>

telecommunications,engineering, electrical & electronic

Konstantin G. Kogos,Kseniia S. Filippova,Anna V. Epishkina

DOI: https://doi.org/10.1109/eiconrus.2017.7910591

2017-01-01

Abstract:The challenge of maintaining confidentiality of stored and processed data in a remote database or cloud is quite urgent. Using homomorphic encryption may solve the problem, because it allows to compute some functions over encrypted data without preliminary deciphering of data. Fully homomorphic encryption schemes have a number of limitations such as accumulation of noise and increase of ciphertext extension during performing operations, the range of operations is limited. Nowadays a lot of homomorphic encryption schemes and their modifications have been investigated, so more than 25 reports on homomorphic encryption schemes have already been published on Cryptology ePrint Archive for 2016. We propose an overview of current Fully Homomorphic Encryption Schemes and analyze specific operations for databases which homomorphic cryptosystems allow to perform. We also investigate the possibility of sorting over encrypted data and present our approach to compare data encrypted by Multi-bit FHE scheme.

Jiaqi Zhao,Hui Zhu,Fengwei Wang,Rongxing Lu,Hui Li

DOI: https://doi.org/10.1016/j.ins.2023.119480

IF: 8.1

2023-08-12

Information Sciences

Abstract:Due to the excellent efficiency and high interpretability, coupled with the accuracy comparable to deep learning on tabular data, various tree-based models have been widely concerned and succeeded in many fields like medical diagnosis, credit evaluation, and fault detection. However, the model owner may face dilemmas such as compromised privacy and insufficient machine performance when providing tree-based inference services. Therefore, this paper proposes an efficient and privacy-preserving tree-based inference scheme, through which users can enjoy secure, high-accuracy, and transparent outsourcing inference services from one cloud. Specifically, by adopting additive homomorphic encryption as the underlying privacy-preserving technique, we design a suite of perturbation and recovery methods, processing cipher-based inference while masking the inference path. Meanwhile, without additional interactions, users can directly obtain high-accuracy results comparable to non-privacy inference, so the used privacy-preserving methods seem transparent to users. Moreover, through optimizing algorithm design and precalculating partial ciphertexts, the efficiency of our scheme is improved significantly. Formal security analysis demonstrates that our scheme achieves selective security under the honest-but-curious model. Extensive experimental evaluation shows the lossless accuracy, low complexity, and high efficiency of our scheme, which is practical to real-world scenes, especially for large-scale models.

computer science, information systems

Dongfang Zhao

2023-08-09

Abstract:Homomorphic encryption (HE) has found extensive utilization in federated learning (FL) systems, capitalizing on its dual advantages: (i) ensuring the confidentiality of shared models contributed by participating entities, and (ii) enabling algebraic operations directly on ciphertexts representing encrypted models. Particularly, the approximate fully homomorphic encryption (FHE) scheme, known as CKKS, has emerged as the de facto encryption scheme, notably supporting decimal numbers. While recent research predominantly focuses on enhancing CKKS's encryption rate and evaluation speed in the context of FL, the search operation has been relatively disregarded due to the tendency of some applications to discard intermediate encrypted models. Yet, emerging studies emphasize the importance of managing and searching intermediate models for specific applications like large-scale scientific computing, necessitating robust data provenance and auditing support. To address this, our paper introduces an innovative approach that efficiently searches for a target encrypted value, incurring only a logarithmic number of network interactions. The proposed method capitalizes on CKKS's additive and multiplicative properties on encrypted models, propagating equality comparisons between values through a balanced binary tree structure to ultimately reach a single aggregate. A comprehensive analysis of the proposed algorithm underscores its potential to significantly broaden FL's applicability and impact.

Cryptography and Security,Data Structures and Algorithms

Wei Wang,Yin Hu,Lianmu Chen,Xinming Huang,Berk Sunar

DOI: https://doi.org/10.1109/tc.2013.154

IF: 3.183

2015-03-01

IEEE Transactions on Computers

Abstract:In 2010, Gentry and Halevi presented the first FHE implementation. FHE allows the evaluation of arbitrary functions directly on encrypted data on untrusted servers. However, even for the small setting with 2048 dimensions, the authors reported a performance of 1.8 s for a single bit encryption and 32 s for recryption on a high-end server. Much of the latency is due to computationally intensive multi-million-bit modular multiplications. In this paper, we introduce two optimizations coupled with a novel precomputation technique. In the first optimization called partial FFT, we adopt Strassen’s FFT-based multiplication algorithm along with Barret reduction to speedup modular multiplications. For the encrypt primitive, we employ a window-based evaluation technique along with a modest degree of precomputation. In the full FFT optimization, we delay modular reductions and change the window algorithm, which allows us to carry out the bulk of computations in the frequency domain. We manage to eliminate all FFT conversion except the final inverse transformation drastically reducing the computation latency for all FHE primitives. We implemented the GH FHE scheme on two GPUs to further speedup the operations. Our experimental results with small parameter setting show speedups of 174, 7.6, and 13.5 times for encryption, decryption, and recryption, respectively, when compared to the Gentry–Halevi implementation. The speedup is enhanced in the medium setting. However, in the large setting, memory becomes the bottleneck and the speedup is somewhat diminished.

engineering, electrical & electronic,computer science, hardware & architecture

Na Wang,Wen Zhou,Jingjing Wang,Yifan Guo,Junsong Fu,Jianwei Liu

DOI: https://doi.org/10.1109/tifs.2024.3350909

IF: 7.231

2024-02-02

IEEE Transactions on Information Forensics and Security

Abstract:With the rapid development of cloud computing, massive amounts of data are uploaded to cloud servers for storage. For privacy protection, sensitive data should be encrypted before outsourcing, and ciphertext retrieval technologies based on similarity come into being. In cloud computing with massive data, the efficiency and accuracy of retrieval are crucial. However, most of the current similarity retrieval schemes do not perform well in these two aspects. Therefore, we propose SESR scheme, a secure and efficient similarity retrieval scheme based on homomorphic encryption. Firstly, we use Hamming distance to calculate the similarity between the feature vector of the data and query vector from the data user. Secondly, the homomorphic encryption algorithm is used to encrypt data to protect data privacy. Furthermore, we creatively design a BK-KD tree structure that hierarchically implements similarity search and fine-grained access control, thereby speeding up the retrieval efficiency. In addition, we design a two-cloud-server cooperative retrieval model and a message authentication scheme, which ensure access pattern privacy security and the integrity of the transmitted data simultaneously. We also propose an improved SESR scheme. In this scheme, we use Simhash algorithm to generate feature vectors and query vectors, which reduces storage overhead. Finally, the security of SESR is formally proved and the simulation results show the efficiency and accuracy of the retrieval scheme.

computer science, theory & methods,engineering, electrical & electronic

Daxin Huang,Qingqing Gan,Xiaoming Wang,Marek R Ogiela,Xu An Wang

DOI: https://doi.org/10.1016/j.iot.2022.100625

Abstract:IoT-based crowd-sensing network, which aims to achieve data collection and task allocation to mobile users, become more and more popular in recent years. This data collected by IoT devices may be private and directly transmission of these data maybe incur privacy leakage. With the help of homomorphic encryption (HE), which supports the additive and/or multiplicative operations over the encrypted data, privacy preserving crowd-sensing network is now possible. Until now several such secure data aggregation schemes based on HE have been proposed. In many cases, ciphertext comparison is an important step for further secure data processing. However efficient ciphertext comparison is not supported by most such schemes. In this paper, aiming at enabling ciphertext comparison among multiple users in crowd-sensing network, with Lagrange's interpolation technique we propose comparable homomorphic encryption (CompHE) schemes. We also prove our schemes' security, and the performance analysis show our schemes are practical. We also discuss the applications of our IoT based crowd-sensing network with comparable homomorphic encryption for combatting COVID19, including the first example of privacy preserving close contact determination based on the spatial distance, and the second example of privacy preserving social distance controlling based on the spatial difference of lockdown zones, controlled zones and precautionary zones. From the analysis we see our IoT based crowd-sensing network can be used for contact tracing without worrying about the privacy leakage. Compared with the existing CompHE schemes, our proposals can be collusion resistance or secure in the semi-honest model while the previous schemes cannot achieve this easily. Our schemes only need 4 or 5 modular exponentiation when implementing the most important comparison algorithm, which are better than the existing closely related scheme with advantage of 50% or 37.5%.