Yingting Liu,Chaochao Chen,Longfei Zheng,Li Wang,Jun Zhou,Guiquan Liu,Shuang Yang

DOI: https://doi.org/10.48550/arxiv.2002.02091

2020-01-01

Abstract:In this paper, we present a general multiparty modeling paradigm with PrivacyPreserving Principal Component Analysis (PPPCA) for horizontally partitioneddata. PPPCA can accomplish multiparty cooperative execution of PCA under thepremise of keeping plaintext data locally. We also propose implementationsusing two techniques, i.e., homomorphic encryption and secret sharing. Theoutput of PPPCA can be sent directly to data consumer to build any machinelearning models. We conduct experiments on three UCI benchmark datasets and areal-world fraud detection dataset. Results show that the accuracy of the modelbuilt upon PPPCA is the same as the model with PCA that is built based oncentralized plaintext data.

Jun Zhang,Zoe L.Jiang,Ping Li,Siu Ming Yiu

DOI: https://doi.org/10.1016/j.ins.2021.06.017

IF: 8.1

2021-10-01

Information Sciences

Abstract:<p>Preparing large amounts of training data is the key to the success of machine learning. Due to the public's concern about individual privacy, different techniques are proposed to achieve privacy preserving machine learning. Homomorphic encryption enables calculation on encrypted data in the cloud. However, current schemes either focus on single key or a specific algorithm. Cooperation between different institutions is quite common in this era of big data. Encrypting data from different institutions under one single key is a risk to data privacy. Moreover, constructing secure scheme for a specific machine learning algorithm lacks universality. Based on an additively homomorphic encryption supporting one multiplication, we propose a general multikey computing framework to execute common arithmetic operations on encrypted data such as addition, multiplication, comparison, sorting, division and etc. Our scheme can be used to run different machine learning algorithms. Our scheme is proven to be secure against semi-honest attackers and the experimental evaluations demonstrate the practicality of our computing framework.</p>

computer science, information systems

Yao Lu,Yu Tian,Tianshu Zhou,Shiqiang Zhu,Jingsong Li

DOI: https://doi.org/10.1109/JBHI.2021.3071270

IF: 7.7

2021-01-01

IEEE Journal of Biomedical and Health Informatics

Abstract:The Cox proportional hazards model is one of the most widely used methods for analyzing survival data. Data from multiple data providers are required to improve the generalizability and confidence of the results of Cox analysis; however, such data sharing may result in leakage of sensitive information, leading to financial fraud, social discrimination or unauthorized data abuse. Some privacy-preserving Cox regression protocols have been proposed in past years, but they lack either security or functionality. In this paper, we propose a privacy-preserving Cox regression protocol for multiple data providers and researchers. The proposed protocol allows researchers to train models on horizontally or vertically partitioned datasets while providing privacy protection for both the sensitive data and the trained models. Our protocol utilizes threshold homomorphic encryption to guarantee security. Experimental results demonstrate that with the proposed protocol, Cox regression model training over 9 variables in a dataset of 113,035 samples takes approximately 44 min, and the trained model is almost the same as that obtained with the original non-secure Cox regression protocol; therefore, our protocol is a potential candidate for practical real-world applications in multicenter medical research.

Yao Lu,Tianshu Zhou,Yu Tian,Shiqiang Zhu,Jingsong Li

DOI: https://doi.org/10.2196/22555

IF: 7.076

2020-12-08

Journal of Medical Internet Research

Abstract:Background Data sharing in multicenter medical research can improve the generalizability of research, accelerate progress, enhance collaborations among institutions, and lead to new discoveries from data pooled from multiple sources. Despite these benefits, many medical institutions are unwilling to share their data, as sharing may cause sensitive information to be leaked to researchers, other institutions, and unauthorized users. Great progress has been made in the development of secure machine learning frameworks based on homomorphic encryption in recent years; however, nearly all such frameworks use a single secret key and lack a description of how to securely evaluate the trained model, which makes them impractical for multicenter medical applications. Objective The aim of this study is to provide a privacy-preserving machine learning protocol for multiple data providers and researchers (eg, logistic regression). This protocol allows researchers to train models and then evaluate them on medical data from multiple sources while providing privacy protection for both the sensitive data and the learned model. Methods We adapted a novel threshold homomorphic encryption scheme to guarantee privacy requirements. We devised new relinearization key generation techniques for greater scalability and multiplicative depth and new model training strategies for simultaneously training multiple models through x-fold cross-validation. Results Using a client-server architecture, we evaluated the performance of our protocol. The experimental results demonstrated that, with 10-fold cross-validation, our privacy-preserving logistic regression model training and evaluation over 10 attributes in a data set of 49,152 samples took approximately 7 minutes and 20 minutes, respectively. Conclusions We present the first privacy-preserving multiparty logistic regression model training and evaluation protocol based on threshold homomorphic encryption. Our protocol is practical for real-world use and may promote multicenter medical research to some extent.

health care sciences & services,medical informatics

Ziyuan Liang,Qi'ao Jin,Zhiyong Wang,Zhaohui Chen,Zhen Gu,Yanheng Lu,Fan Zhang

DOI: https://doi.org/10.46586/tches.v2024.i2.819-843

2024-01-01

Abstract:Secure multi-party computation and homomorphic encryption are two primary security primitives in privacy-preserving machine learning, whose wide adoption is, nevertheless, constrained by the computation and network communication overheads. This paper proposes a hybrid Secret-sharing and Homomorphic encryption Architecture for Privacy-pERsevering machine learning (SHAPER). SHAPER protects sensitive data in encrypted or randomly shared domains instead of relying on a trusted third party. The proposed algorithm-protocol-hardware co-design methodology explores techniques such as plaintext Single Instruction Multiple Data (SIMD) and fine-grained scheduling, to minimize end-to-end latency in various network settings. SHAPER also supports secure domain computing acceleration and the conversion between mainstream privacy-preserving primitives, making it ready for general and distinctive data characteristics. SHAPER is evaluated by FPGA prototyping with a comprehensive hyper-parameter exploration, demonstrating a 94x speed-up over CPU clusters on large-scale logistic regression training tasks.

YANG Yuejia,HUA Bei,ZHONG Zhiwei,GAO Mi

DOI: https://doi.org/10.19678/j.issn.1000-3428.0064391

2023-01-01

Abstract:With the establishment and standardization of data exchange markets,a new demand in which multiparties collaboratively train a machine learning model has emerged. Federated learning enables multiple data owners to jointly train a model,with the requirement that the model is trained and shared by all participants. The existing federated learning frameworks can not be applied to scenarios in which the data owners and model demander have different requirements and the model is jointly trained but not shared. A collaborative computing scheme for privacy-preserving logistic regression based on homomorphic encryption is proposed,which is independent of any third-party computing platforms. The collaborative compuing scheme includes a multiparty collaborative computing framework that comprises multiple data owners,a model demander,a key generator,and an interactive collaborative computing process based on the framework. With this framework,a model can be collaboratively trained without the leakage of model information or data privacy. The security of the collaborative computing scheme is analyzed by establishing an attack model. Based on the advanced floating-point fully homomorphic encryption scheme called the Cheon-Kim-Kim-Song（CKKS）,a prototype system is implemented on a small computer cluster. This is optimized for calculations and communication,including the early termination of the training process and offloading the ciphertext homomorphic operations to the Graphics Processing Unit（GPU） to improve computational efficiency. The experimental results show that the computational optimizations can improve the system performance by approximately 50 times,and the prototype system can satisfy the practical requirements for small and medium-sized data sets.

Haoran He,Zhao Wang,Hemant Jain,Cuiqing Jiang,Shanlin Yang

DOI: https://doi.org/10.1016/j.dss.2022.113910

IF: 6.969

2022-11-23

Decision Support Systems

Abstract:With society's wide-scale adoption of information technology, significant information about borrowers is distributed across various parties, information that can be jointly used to improve credit scoring. However, use of such information faces many challenges, such as the problems of preserving privacy and information redundancy. To address these challenges in leveraging multi-source information for credit scoring, we propose a decentralized multi-party method based on logistic regression. Specifically, we formulate a logistic regression model using the vertical federated learning paradigm. To preserve data privacy during multi-party collaborative model training, we use additively homomorphic encryption based on the second-order Taylor series expansion of the loss function and its gradient. To address information redundancy and to improve the performance of the credit scoring model, we use the proposed HE-DPGD algorithm to estimate the distributed coefficients in a privacy-preserving setting. Empirical evaluation shows that the proposed method can leverage information from multiple parties securely and effectively.

computer science, information systems, artificial intelligence,operations research & management science

Khoa Nguyen,Mindaugas Budzys,Eugene Frimpong,Tanveer Khan,Antonis Michalas

2024-09-10

Abstract:Machine Learning (ML) has become one of the most impactful fields of data science in recent years. However, a significant concern with ML is its privacy risks due to rising attacks against ML models. Privacy-Preserving Machine Learning (PPML) methods have been proposed to mitigate the privacy and security risks of ML models. A popular approach to achieving PPML uses Homomorphic Encryption (HE). However, the highly publicized inefficiencies of HE make it unsuitable for highly scalable scenarios with resource-constrained devices. Hence, Hybrid Homomorphic Encryption (HHE) -- a modern encryption scheme that combines symmetric cryptography with HE -- has recently been introduced to overcome these challenges. HHE potentially provides a foundation to build new efficient and privacy-preserving services that transfer expensive HE operations to the cloud. This work introduces HHE to the ML field by proposing resource-friendly PPML protocols for edge devices. More precisely, we utilize HHE as the primary building block of our PPML protocols. We assess the performance of our protocols by first extensively evaluating each party's communication and computational cost on a dummy dataset and show the efficiency of our protocols by comparing them with similar protocols implemented using plain BFV. Subsequently, we demonstrate the real-world applicability of our construction by building an actual PPML application that uses HHE as its foundation to classify heart disease based on sensitive ECG data.

Cryptography and Security

Jiachen Shen,Yekang Zhao,Shitao Huang,Yongjun Ren

DOI: https://doi.org/10.3390/electronics13224478

IF: 2.9

2024-11-20

Electronics

Abstract:Federated learning avoids centralizing data in a central server by distributing the model training process across devices, thus protecting privacy to some extent. However, existing research shows that model updates (e.g., gradients or weights) exchanged during federated learning may still indirectly leak sensitive information about the original data. Currently, single-key homomorphic encryption methods applied in federated learning cannot solve the problem of privacy leakage that may be caused by the collusion between the participant and the federated learning server, whereas existing privacy-preserving federated learning schemes based on multi-key homomorphic encryption in semi-honest environments have deficiencies and limitations in terms of security and application conditions. To this end, this paper proposes a privacy-preserving federated learning scheme based on multi-key fully homomorphic encryption to cope with the potential risk of privacy leakage in traditional federated learning. We designed a multi-key fully homomorphic encryption scheme, mMFHE, that encrypts by aggregating public keys and requires all participants to jointly participate in decryption sharing, thus ensuring data security and privacy. The proposed privacy-preserving federated learning scheme encrypts the model updates through multi-key fully homomorphic encryption, ensuring confidentiality under the CRS model and in a semi-honest environment. As a fully homomorphic encryption scheme, mMFHE supports homomorphic addition and homomorphic multiplication for more flexible applications. Our security analysis proves that the scheme can withstand collusive attacks by up to N−1 users and servers, where N is the total number of users. Performance analysis and experimental results show that our scheme reduces the complexity of the NAND gate, which reduces the computational load and improves the efficiency while ensuring the accuracy of the model.

engineering, electrical & electronic,computer science, information systems,physics, applied

Jing Wang,Rundong Xin,Osama Alfarraj,Amr Tolba,Qitao Tang

DOI: https://doi.org/10.1111/exsy.13645

IF: 3.3

2024-06-13

Expert Systems

Abstract:Recently, face recognition based on homomorphic encryption for privacy preservation has garnered significant attention. However, there are two major challenges with homomorphic encryption methods: the security and efficiency of face recognition systems. We present a more efficient and secure PUM (Privacy preserving security Using Multi‐key homomorphic encryption) mechanism for facial recognition. By integrating feature grouping with parallel computing, we enhance the efficiency of homomorphic operations. The use of multi‐key encryption ensures the security of the facial recognition system. This approach improves the security and speed of facial recognition systems in cloud computing scenarios, increasing the original 128‐bit security to a maximum of 1664‐bit security. In terms of efficiency, comparing encrypted images takes only 0.302 s, with an accuracy rate of 99.425%. When applied to a campus scenario, the average search time for a facial template library containing 700 encrypted features is approximately 1.5 s. Consequently, our solution not only ensures user privacy but also demonstrates superior operational efficiency and practical value. In comparison to recently emerged ciphertext facial recognition systems, our solution has demonstrated notable enhancements in both security and time efficiency.

computer science, artificial intelligence, theory & methods

David Nugent

DOI: https://doi.org/10.48550/arXiv.2211.06675

2022-11-12

Abstract:Credit card fraud is a problem continuously faced by financial institutions and their customers, which is mitigated by fraud detection systems. However, these systems require the use of sensitive customer transaction data, which introduces both a lack of privacy for the customer and a data breach vulnerability to the card provider. This paper proposes a system for private fraud detection on encrypted transactions using homomorphic encryption. Two models, XGBoost and a feedforward classifier neural network, are trained as fraud detectors on plaintext data. They are then converted to models which use homomorphic encryption for private inference. Latency, storage, and detection results are discussed, along with use cases and feasibility of deployment. The XGBoost model has better performance, with an encrypted inference as low as 6ms, compared to 296ms for the neural network. However, the neural network implementation may still be preferred, as it is simpler to deploy securely. A codebase for the system is also provided, for simulation and further development.

Cryptography and Security,Artificial Intelligence

Guowen Xu,Guanlin Li,Shangwei Guo,Tianwei Zhang,Hongwei Li

DOI: https://doi.org/10.48550/arXiv.2207.04604

2022-07-11

Abstract:Decentralized deep learning plays a key role in collaborative model training due to its attractive properties, including tolerating high network latency and less prone to single-point failures. Unfortunately, such a training mode is more vulnerable to data privacy leaks compared to other distributed training frameworks. Existing efforts exclusively use differential privacy as the cornerstone to alleviate the data privacy threat. However, it is still not clear whether differential privacy can provide a satisfactory utility-privacy trade-off for model training, due to its inherent contradictions. To address this problem, we propose D-MHE, the first secure and efficient decentralized training framework with lossless precision. Inspired by the latest developments in the homomorphic encryption technology, we design a multiparty version of Brakerski-Fan-Vercauteren (BFV), one of the most advanced cryptosystems, and use it to implement private gradient updates of users'local models. D-MHE can reduce the communication complexity of general Secure Multiparty Computation (MPC) tasks from quadratic to linear in the number of users, making it very suitable and scalable for large-scale decentralized learning systems. Moreover, D-MHE provides strict semantic security protection even if the majority of users are dishonest with collusion. We conduct extensive experiments on MNIST and CIFAR-10 datasets to demonstrate the superiority of D-MHE in terms of model accuracy, computation and communication cost compared with existing schemes.

Cryptography and Security

Eugene Frimpong,Khoa Nguyen,Mindaugas Budzys,Tanveer Khan,Antonis Michalas

2024-01-26

Abstract:Machine Learning (ML) has emerged as one of data science's most transformative and influential domains. However, the widespread adoption of ML introduces privacy-related concerns owing to the increasing number of malicious attacks targeting ML models. To address these concerns, Privacy-Preserving Machine Learning (PPML) methods have been introduced to safeguard the privacy and security of ML models. One such approach is the use of Homomorphic Encryption (HE). However, the significant drawbacks and inefficiencies of traditional HE render it impractical for highly scalable scenarios. Fortunately, a modern cryptographic scheme, Hybrid Homomorphic Encryption (HHE), has recently emerged, combining the strengths of symmetric cryptography and HE to surmount these challenges. Our work seeks to introduce HHE to ML by designing a PPML scheme tailored for end devices. We leverage HHE as the fundamental building block to enable secure learning of classification outcomes over encrypted data, all while preserving the privacy of the input data and ML model. We demonstrate the real-world applicability of our construction by developing and evaluating an HHE-based PPML application for classifying heart disease based on sensitive ECG data. Notably, our evaluations revealed a slight reduction in accuracy compared to inference on plaintext data. Additionally, both the analyst and end devices experience minimal communication and computation costs, underscoring the practical viability of our approach. The successful integration of HHE into PPML provides a glimpse into a more secure and privacy-conscious future for machine learning on relatively constrained end devices.

Machine Learning,Cryptography and Security

Qi Wang,Dehua Zhou,Yanling Li

DOI: https://doi.org/10.48550/arXiv.1812.00599

2018-12-03

Cryptography and Security

Abstract:With the rapid development of cloud computing, the privacy security incidents occur frequently, especially data security issues. Cloud users would like to upload their sensitive information to cloud service providers in encrypted form rather than the raw data, and to prevent the misuse of data. The main challenge is to securely process or analyze these encrypted data without disclosing any useful information, and to achieve the rights management efficiently. In this paper, we propose the encrypted data processing protocols for cloud computing by utilizing additively homomorphic encryption and proxy cryptography. For the traditional homomorphic encryption schemes with many limitations, which are not suitable for cloud computing applications. We simulate a cloud computing scenario with flexible access control and extend the original homomorphic cryptosystem to suit our scenario by supporting various arithmetical calculations. We also prove the correctness and security of our protocols, and analyze the advantages and performance by comparing with some latest works.

Lihong Guo,Weilei Gao,Ye Cao,Xu Lai

DOI: https://doi.org/10.3934/mbe.2023106

Abstract:With the deep integration of "AI + medicine", AI-assisted technology has been of great help to human beings in the medical field, especially in the area of predicting and diagnosing diseases based on big data, because it is faster and more accurate. However, concerns about data security seriously hinder data sharing among medical institutions. To fully exploit the value of medical data and realize data collaborative sharing, we developed a medical data security sharing scheme based on the C/S communication mode and constructed a federated learning architecture that uses homomorphic encryption technology to protect training parameters. Here, we chose the Paillier algorithm to realize the additive homomorphism to protect the training parameters. Clients do not need to share local data, but only upload the trained model parameters to the server. In the process of training, a distributed parameter update mechanism is introduced. The server is mainly responsible for issuing training commands and weights, aggregating the local model parameters from the clients and predicting the joint diagnostic results. The client mainly uses the stochastic gradient descent algorithm for gradient trimming, updating and transmitting the trained model parameters back to the server. In order to test the performance of this scheme, a series of experiments was conducted. From the simulation results, we can know that the model prediction accuracy is related to the global training rounds, learning rate, batch size, privacy budget parameters etc. The results show that this scheme realizes data sharing while protecting data privacy, completes the accurate prediction of diseases and has a good performance.

LI Shun-dong,WANG Dao-shun

DOI: https://doi.org/10.3969/j.issn.0372-2112.2013.04.029

2013-01-01

Abstract:Secure multiparty computation is a key privacy-preserving technology in cyberspaces and a research focus in the international cryptographic community.We first present a new encoding scheme to encode private data.By using this encoding scheme together with homomorphic encryption scheme,we construct a new scheme for Yao′s millionaires′ problem and prove its privacy-preserving property.This new scheme is more concise,more general and can be applied to compare any two objects on which a total order can be defined.We finally utilize the new scheme to propose a solution to the coprime problem and prove the privacy-preserving properties of the solution.

Jing Ma,Si-Ahmed Naas,Stephan Sigg,Xixiang Lyu

DOI: https://doi.org/10.1002/int.22818

2021-04-14

Abstract:With the advance of machine learning and the internet of things (IoT), security and privacy have become key concerns in mobile services and networks. Transferring data to a central unit violates privacy as well as protection of sensitive data while increasing bandwidth demands.Federated learning mitigates this need to transfer local data by sharing model updates only. However, data leakage still remains an issue. In this paper, we propose xMK-CKKS, a multi-key homomorphic encryption protocol to design a novel privacy-preserving federated learning scheme. In this scheme, model updates are encrypted via an aggregated public key before sharing with a server for aggregation. For decryption, collaboration between all participating devices is required. This scheme prevents privacy leakage from publicly shared information in federated learning, and is robust to collusion between $k<N-1$ participating devices and the server. Our experimental evaluation demonstrates that the scheme preserves model accuracy against traditional federated learning as well as secure federated learning with homomorphic encryption (MK-CKKS, Paillier) and reduces computational cost compared to Paillier based federated learning. The average energy consumption is 2.4 Watts, so that it is suited to IoT scenarios.

Cryptography and Security

Qifei Li,Zhicong Huang,Wen-jie Lu,Cheng Hong,Hunter Qu,Hui He,Weizhe Zhang

DOI: https://doi.org/10.1109/icde48307.2020.00152

2020-01-01

Abstract:Homomorphic Encryption (HE) allows encrypted data to be processed without decryption, which could maximize the protection of user privacy without affecting the data utility. Thanks to strides made by cryptographers in the past few years, the efficiency of HE has been drastically improved, and machine learning on homomorphically encrypted data has become possible. Several works have explored machine learning based on HE, but most of them are restricted to the outsourced scenario, where all the data comes from a single data owner. We propose HomoPAI, an HE-based secure collaborative machine learning system, enabling a more promising scenario, where data from multiple data owners could be securely processed. Moreover, we integrate our system with the popular MPI framework to achieve parallel HE computations. Experiments show that our system can train a logistic regression model on millions of homomorphically encrypted data in less than two minutes.

Yuli Zheng,Zhenyu Wu,Ye Yuan,Tianlong Chen,Zhangyang Wang

DOI: https://doi.org/10.48550/arXiv.2010.02529

2020-10-06

Abstract:Credit risk modeling has permeated our everyday life. Most banks and financial companies use this technique to model their clients' trustworthiness. While machine learning is increasingly used in this field, the resulting large-scale collection of user private information has reinvigorated the privacy debate, considering dozens of data breach incidents every year caused by unauthorized hackers, and (potentially even more) information misuse/abuse by authorized parties. To address those critical concerns, this paper proposes a framework of Privacy-preserving Credit risk modeling based on Adversarial Learning (PCAL). PCAL aims to mask the private information inside the original dataset, while maintaining the important utility information for the target prediction task performance, by (iteratively) weighing between a privacy-risk loss and a utility-oriented loss. PCAL is compared against off-the-shelf options in terms of both utility and privacy protection. Results indicate that PCAL can learn an effective, privacy-free representation from user data, providing a solid foundation towards privacy-preserving machine learning for credit risk analysis.

Cryptography and Security,Computer Vision and Pattern Recognition,Machine Learning

Zhaosen Shi,Zeyu Yang,Alzubair Hassan,Fagen Li,Xuyang Ding

DOI: https://doi.org/10.1007/s11235-022-00982-3

2022-12-09

Telecommunication Systems

Abstract:The performance of machine learning models largely depends on the amount of data. However, with the improvement of privacy awareness, data sharing has become more and more difficult. Federated learning provides a solution for joint machine learning, which alleviates this difficulty. Although it works by sharing parameters instead of data, privacy threats like inference attacks still exist owing to the exposed parameters or updates. In this paper, we propose a privacy preserving scheme for federated learning by combining the homomorphism of both secret sharing and encryption. Our scheme ensures the confidentiality of local parameters and tolerates collusion threats under a certain range. Our scheme also tolerates dropping of some clients, performs aggregation without sharing keys and has simple interaction process. Meantime, we use the automatic protocol tool ProVerif to verify its cryptographic functionality, analyze its theoretical complexity and compare them with similar schemes. We verify our scheme by experiment to show that it has less running time compared with some schemes.

telecommunications