Chiara Marcolla,Victor Sucasas,Marc Manzano,Riccardo Bassoli,Frank H.P. Fitzek,Najwa Aaraj

DOI: https://doi.org/10.36227/techrxiv.19315202.v3

IF: 20.6

2022-10-19

Proceedings of the IEEE

Abstract:Data privacy concerns are increasing significantly in the context of the Internet of Things, cloud services, edge computing, artificial intelligence applications, and other applications enabled by next-generation networks. Homomorphic encryption addresses privacy challenges by enabling multiple operations to be performed on encrypted messages without decryption. This article comprehensively addresses homomorphic encryption from both theoretical and practical perspectives. This article delves into the mathematical foundations required to understand fully homomorphic encryption ( ). It consequently covers design fundamentals and security properties of and describes the main schemes based on various mathematical problems. On a more practical level, this article presents a view on privacy-preserving machine learning using homomorphic encryption and then surveys at length from an engineering angle, covering the potential application of in fog computing and cloud computing services. It also provides a comprehensive analysis of existing state-of-the-art libraries and tools, implemented in software and hardware, and the performance thereof.

engineering, electrical & electronic

Robert Podschwadt,Daniel Takabi,Peizhao Hu,Mohammad H. Rafiei,Zhipeng Cai

DOI: https://doi.org/10.1109/access.2022.3219049

IF: 3.9

2022-11-18

IEEE Access

Abstract:Outsourced computation for neural networks allows users access to state-of-the-art models without investing in specialized hardware and know-how. The problem is that the users lose control over potentially privacy-sensitive data. With homomorphic encryption (HE), a third party can perform computation on encrypted data without revealing its content. In this paper, we reviewed scientific articles and publications in the particular area of Deep Learning Architectures for Privacy-Preserving Machine Learning (PPML) with Fully HE. We analyzed the changes to neural network models and architectures to make them compatible with HE and how these changes impact performance. Next, we find numerous challenges to HE-based privacy-preserving deep learning, such as computational overhead, usability, and limitations posed by the encryption schemes. Furthermore, we discuss potential solutions to the HE PPML challenges. Finally, we propose evaluation metrics that allow for a better and more meaningful comparison of PPML solutions.

computer science, information systems,telecommunications,engineering, electrical & electronic

Luigi Sgaglione,Luigi Coppolino,Salvatore D'Antonio,Giovanni Mazzeo,Luigi Romano,Domenico Cotroneo,Andrea Scognamiglio

DOI: https://doi.org/10.1109/wetice.2019.00073

2019-06-01

Abstract:In the recent years, we are assisting to an undiminished, and unlikely to stop number of cyber threats, that have increased the organizations/companies interest about security concerns. Further, the rising costs of an efficient IT security staff and environment is posing a significant challenge. These have created a new fast growing trend named Managed Security Services (MSS). Often customers turn to MSS providers to alleviate the pressures they face daily related to information security. One of the most critical aspect, related to the outsourcing of security issues, is privacy. Security monitoring and in general security services require access to as much data as possible, in order to provide an effective and reliable service. It is the well known conflict between privacy and security, a particularly evident problem in security monitoring solutions. This paper analyzes a scenario of MSS in order to provide a privacy preserving solution that allows the security monitoring without violating the privacy requirements. The basic idea relies on the usage of the Homomorphic Encryption technology. Encrypting data using homomorphic schemes, cloud computing and MSS providers can perform different computations on encrypted data without ever having access to their decryption. This solution keeps data confidential and secured, not only during exchange and storage, but also during processing. We provide an ad-hoc Intrusion Detection System architecture for privacy preserving security monitoring, considering as counter threats Code Injection attacks on homomorphically encrypted fields.

Ivone Amorim,Eva Maia,Pedro Barbosa,Isabel Praça

2023-05-04

Abstract:The use of Neural Networks (NNs) for sensitive data processing is becoming increasingly popular, raising concerns about data privacy and security. Homomorphic Encryption (HE) has the potential to be used as a solution to preserve data privacy in NN. This study provides a comprehensive analysis on the use of HE for NN training and classification, focusing on the techniques and strategies used to enhance data privacy and security. The current state-of-the-art in HE for NNs is analysed, and the challenges and limitations that need to be addressed to make it a reliable and efficient approach for privacy preservation are identified. Also, the different categories of HE schemes and their suitability for NNs are discussed, as well as the techniques used to optimize the accuracy and efficiency of encrypted models. The review reveals that HE has the potential to provide strong data privacy guarantees for NNs, but several challenges need to be addressed, such as limited support for advanced NN operations, scalability issues, and performance trade-offs.

Cryptography and Security,Artificial Intelligence

Wencheng Yang,Song Wang,Hui Cui,Zhaohui Tang,Yan Li

DOI: https://doi.org/10.3390/s23073566

IF: 3.9

2023-03-30

Sensors

Abstract:The advancement of biometric technology has facilitated wide applications of biometrics in law enforcement, border control, healthcare and financial identification and verification. Given the peculiarity of biometric features (e.g., unchangeability, permanence and uniqueness), the security of biometric data is a key area of research. Security and privacy are vital to enacting integrity, reliability and availability in biometric-related applications. Homomorphic encryption (HE) is concerned with data manipulation in the cryptographic domain, thus addressing the security and privacy issues faced by biometrics. This survey provides a comprehensive review of state-of-the-art HE research in the context of biometrics. Detailed analyses and discussions are conducted on various HE approaches to biometric security according to the categories of different biometric traits. Moreover, this review presents the perspective of integrating HE with other emerging technologies (e.g., machine/deep learning and blockchain) for biometric security. Finally, based on the latest development of HE in biometrics, challenges and future research directions are put forward.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Khoa Nguyen,Mindaugas Budzys,Eugene Frimpong,Tanveer Khan,Antonis Michalas

2024-09-10

Abstract:Machine Learning (ML) has become one of the most impactful fields of data science in recent years. However, a significant concern with ML is its privacy risks due to rising attacks against ML models. Privacy-Preserving Machine Learning (PPML) methods have been proposed to mitigate the privacy and security risks of ML models. A popular approach to achieving PPML uses Homomorphic Encryption (HE). However, the highly publicized inefficiencies of HE make it unsuitable for highly scalable scenarios with resource-constrained devices. Hence, Hybrid Homomorphic Encryption (HHE) -- a modern encryption scheme that combines symmetric cryptography with HE -- has recently been introduced to overcome these challenges. HHE potentially provides a foundation to build new efficient and privacy-preserving services that transfer expensive HE operations to the cloud. This work introduces HHE to the ML field by proposing resource-friendly PPML protocols for edge devices. More precisely, we utilize HHE as the primary building block of our PPML protocols. We assess the performance of our protocols by first extensively evaluating each party's communication and computational cost on a dummy dataset and show the efficiency of our protocols by comparing them with similar protocols implemented using plain BFV. Subsequently, we demonstrate the real-world applicability of our construction by building an actual PPML application that uses HHE as its foundation to classify heart disease based on sensitive ECG data.

Cryptography and Security

Rafik Hamza,Alzubair Hassan,Awad Ali,Mohammed Bakri Bashir,Samar M. Alqhtani,Tawfeeg Mohmmed Tawfeeg,Adil Yousif

DOI: https://doi.org/10.3390/e24040519

IF: 2.738

2022-04-06

Entropy

Abstract:Privacy-preserving techniques allow private information to be used without compromising privacy. Most encryption algorithms, such as the Advanced Encryption Standard (AES) algorithm, cannot perform computational operations on encrypted data without first applying the decryption process. Homomorphic encryption algorithms provide innovative solutions to support computations on encrypted data while preserving the content of private information. However, these algorithms have some limitations, such as computational cost as well as the need for modifications for each case study. In this paper, we present a comprehensive overview of various homomorphic encryption tools for Big Data analysis and their applications. We also discuss a security framework for Big Data analysis while preserving privacy using homomorphic encryption algorithms. We highlight the fundamental features and tradeoffs that should be considered when choosing the right approach for Big Data applications in practice. We then present a comparison of popular current homomorphic encryption tools with respect to these identified characteristics. We examine the implementation results of various homomorphic encryption toolkits and compare their performances. Finally, we highlight some important issues and research opportunities. We aim to anticipate how homomorphic encryption technology will be useful for secure Big Data processing, especially to improve the utility and performance of privacy-preserving machine learning.

physics, multidisciplinary

Jing Li,Xiaohui Kuang,Shujie Lin,Xu Ma,Yi Tang

DOI: https://doi.org/10.1016/j.ins.2020.03.041

IF: 8.1

2020-01-01

Information Sciences

Abstract:In recent years, more and more machine learning algorithms depend on the cloud computing. When a machine learning system is trained or classified in the cloud environment, the cloud server obtains data from the user side. Then, the privacy of the data depends on the service provider, it is easy to induce the malicious acquisition and utilization of data. On the other hand, the attackers can detect the statistical characteristics of machine learning data and infer the parameters of machine learning model through reverse attacks. Therefore, it is urgent to design an effective encryption scheme to protect the data’s privacy without breaking the performance of machine learning.In this paper, we propose a novel homomorphic encryption framework over non-abelian rings, and define the homomorphism operations in ciphertexts space. The scheme can achieve one-way security based on the Conjugacy Search Problem. After that, a homomorphic encryption was proposed over a matrix-ring. It supports real numbers encryption based on the homomorphism of 2-order displacement matrix coding function and achieves fast ciphertexts homomorphic comparison without decrypting any ciphetexts operations’ intermediate result. Furthermore, we use the scheme to realize privacy preservation for machine learning training and classification in data ciphertexts environment. The analysis shows that our proposed schemes are efficient for encryption/decryption and homomorphic operations.

Ivone Amorim,Ivan Costa

DOI: https://doi.org/10.48550/arXiv.2306.14407

2023-06-26

Cryptography and Security

Abstract:The widespread adoption of cloud infrastructures has revolutionised data storage and access. However, it has also raised concerns regarding the privacy of sensitive data stored in the cloud. To address these concerns, encryption techniques have been widely used. However, traditional encryption schemes limit the efficient search and retrieval of encrypted data. To tackle this challenge, innovative approaches have emerged, such as the utilisation of Homomorphic Encryption (HE) in Searchable Encryption (SE) schemes. This paper provides a comprehensive analysis of the advancements in HE-based privacy-preserving techniques, focusing on their application in SE. The main contributions of this work include the identification and classification of existing SE schemes that utilize HE, a comprehensive analysis of the types of HE used in SE, an examination of how HE shapes the search process structure and enables additional functionalities, and the identification of promising directions for future research in HE-based SE. The findings reveal the increasing usage of HE in SE schemes, particularly Partially Homomorphic Encryption. The analysis also highlights the prevalence of index-based SE schemes using HE, the support for ranked search and multi-keyword queries, and the need for further exploration in functionalities such as verifiability and the ability to authorise and revoke users. Future research directions include exploring the usage of other encryption schemes alongside HE, addressing omissions in functionalities like fuzzy keyword search, and leveraging recent advancements in Fully Homomorphic Encryption schemes.

Abbas Acar,Hidayet Aksu,A. Selcuk Uluagac,Mauro Conti

DOI: https://doi.org/10.48550/arXiv.1704.03578

2017-04-12

Cryptography and Security

Abstract:Legacy encryption systems depend on sharing a key (public or private) among the peers involved in exchanging an encrypted message. However, this approach poses privacy concerns. Especially with popular cloud services, the control over the privacy of the sensitive data is lost. Even when the keys are not shared, the encrypted material is shared with a third party that does not necessarily need to access the content. Moreover, untrusted servers, providers, and cloud operators can keep identifying elements of users long after users end the relationship with the services. Indeed, Homomorphic Encryption (HE), a special kind of encryption scheme, can address these concerns as it allows any third party to operate on the encrypted data without decrypting it in advance. Although this extremely useful feature of the HE scheme has been known for over 30 years, the first plausible and achievable Fully Homomorphic Encryption (FHE) scheme, which allows any computable function to perform on the encrypted data, was introduced by Craig Gentry in 2009. Even though this was a major achievement, different implementations so far demonstrated that FHE still needs to be improved significantly to be practical on every platform. First, we present the basics of HE and the details of the well-known Partially Homomorphic Encryption (PHE) and Somewhat Homomorphic Encryption (SWHE), which are important pillars of achieving FHE. Then, the main FHE families, which have become the base for the other follow-up FHE schemes are presented. Furthermore, the implementations and recent improvements in Gentry-type FHE schemes are also surveyed. Finally, further research directions are discussed. This survey is intended to give a clear knowledge and foundation to researchers and practitioners interested in knowing, applying, as well as extending the state of the art HE, PHE, SWHE, and FHE systems.

Ivone Amorim,Ivan Costa

DOI: https://doi.org/10.3390/math11132948

IF: 2.4

2023-07-02

Mathematics

Abstract:The widespread adoption of cloud infrastructures has revolutionized data storage and access. However, it has also raised concerns regarding the privacy of sensitive data. To address these concerns, encryption techniques have been widely used. However, traditional encryption schemes limit the efficient search and retrieval of encrypted data. To tackle this challenge, innovative approaches have emerged, such as the utilization of Homomorphic Encryption (HE) in Searchable Encryption (SE) schemes. This paper provides a comprehensive analysis of the advancements in HE-based privacy-preserving techniques, focusing on their application in SE. The main contributions of this work include the identification and classification of existing SE schemes that utilize HE, a comprehensive analysis of the types of HE used in SE, an examination of how HE shapes the search process structure and enables additional functionalities, and the identification of promising directions for future research in HE-based SE. The findings reveal the increasing usage of HE in SE schemes, particularly Partially Homomorphic Encryption. The popularity of this type of HE schemes, especially Paillier's cryptosystem, can be attributed to its simplicity, proven security properties, and widespread availability in open-source libraries. The analysis also highlights the prevalence of index-based SE schemes using HE, the support for ranked search and multi-keyword queries, and the need for further exploration in functionalities such as verifiability and the ability to authorize and revoke users. Future research directions include exploring the usage of other encryption schemes alongside HE, addressing omissions in functionalities like fuzzy keyword search, and leveraging recent advancements in Fully Homomorphic Encryption schemes.

mathematics

Yong Ma,Jiale Zhao,Kangshun Li,Yuanlong Cao,Huyuan Chen,Youcheng Zhang

DOI: https://doi.org/10.4018/ijcini.287600

IF: 0.9

2021-10-01

International Journal of Cognitive Informatics and Natural Intelligence

Abstract:With the advent and development of database applications such as big data and data mining, how to ensure the availability of data without revealing sensitive information has been a significant problem for database privacy protection. As a critical technology to solve this problem, homomorphic encryption has become a hot research area in information security at home and abroad in recent years. The paper sorted out, analyzed, and summarized the research progress of homomorphic encryption technology in database privacy protection. Moreover, the application of three different types of homomorphic encryption technology in database privacy protection was introduced respectively, and the rationale and characteristics of each technique were analyzed and explained. Ultimately, this research summarized the challenges and development trends of homomorphic encryption technology in the application of database privacy protection, which provides a reference for future research.

C. Nita,A. Vizitiu,C. Suciu,A. Puiu,L. Itu

DOI: https://doi.org/10.1109/EMBC.2019.8857960

2019-07-01

Abstract:Motivated by state-of-the-art performances across a wide variety of areas, over the last few years Machine Learning has drawn a significant amount of attention from the healthcare domain. Despite their potential in enabling person-alized medicine applications, the adoption of Deep Learning based solutions in clinical workflows has been hindered in many cases by the strict regulations concerning the privacy of patient health data. We propose a solution that relies on Fully Homomorphic Encryption, particularly on the MORE scheme, as a mechanism for enabling computations on sensitive health data, without revealing the underlying data. The chosen variant of the encryption scheme allows for the computations in the Neural Network model to be directly performed on floating point numbers, while incurring a reasonably small computational overhead. For feasibility evaluation, we demonstrate on the MNIST digit recognition task that Deep Learning can be performed on encrypted data without compromising the accuracy. We then address a more complex task by training a model on encrypted data to estimate the outputs of a whole-body circulation (WBC) model. These results underline the potential of the proposed approach to outperform current solutions by delivering comparable results to the unencrypted Deep Learning based solutions, in a reasonable amount of time. Lastly, the security aspects of the encryption scheme are analyzed, and we show that, even though the chosen encryption scheme favors performance and utility at the cost of weaker security, it can still be used in certain practical applications.

Computer Science,Medicine

Vasily Sidorov,Ethan Yi Fan Wei,Wee Keong Ng

DOI: https://doi.org/10.48550/arXiv.2202.02960

2022-02-07

Cryptography and Security

Abstract:Oblivious data processing has been an on and off topic for the last decade or so. It provides great opportunities for secure data management and processing, especially in the cloud. At the same time, modern computing resources seem to be affordable enough to allow for practical use of homomorphic cryptography. Yet, the availability of products that offer practical homomorphic data processing is extremely scarce. As part of a project aimed at developing a practical homomorphic data management platform, we have conducted an extensive study of homomorphic cryptosystems' performance, the results of which are presented in this work. For this work we chose the following five cryptosystems: fully homomorphic HElib and SEAL, somewhat fully homomorphic PyAono, and partially homomorphic Paillier and ElGamal. In the discussion of the aggregated results, we suggest that partially homomorphic cryptosystems could be used today in certain practical applications, whereas time has not yet come for the fully homomorphic ones.

Jasmin Zalonis,Frederik Armknecht,Björn Grohmann,Manuel Koch

DOI: https://doi.org/10.48550/arXiv.2201.11406

2022-01-27

Abstract:Machine Learning on Big Data gets more and more attention in various fields. Even so privacy-preserving techniques become more important, even necessary due to legal regulations such as the General Data Protection Regulation (GDPR). On the other hand data is often distributed among various parties. Especially in the medical context there are several data holders, e.g. hospitals and we need to deal with highly sensitive values. A real world scenario would be data that is held in an electronic patient record that is available in many countries by now. The medical data is encrypted. Users (e.g. physicians, hospitals) can only decrypt the data after patient authorization. One of the main questions concerning this scenario is whether it is possible to process the data for research purposes without violating the privacy of the data owner. We want to evaluate which cryptographic mechanism - homomorphic encryption, multiparty computation or trusted execution environements - can be used for this task.

Cryptography and Security

Eugene Frimpong,Khoa Nguyen,Mindaugas Budzys,Tanveer Khan,Antonis Michalas

2024-01-26

Abstract:Machine Learning (ML) has emerged as one of data science's most transformative and influential domains. However, the widespread adoption of ML introduces privacy-related concerns owing to the increasing number of malicious attacks targeting ML models. To address these concerns, Privacy-Preserving Machine Learning (PPML) methods have been introduced to safeguard the privacy and security of ML models. One such approach is the use of Homomorphic Encryption (HE). However, the significant drawbacks and inefficiencies of traditional HE render it impractical for highly scalable scenarios. Fortunately, a modern cryptographic scheme, Hybrid Homomorphic Encryption (HHE), has recently emerged, combining the strengths of symmetric cryptography and HE to surmount these challenges. Our work seeks to introduce HHE to ML by designing a PPML scheme tailored for end devices. We leverage HHE as the fundamental building block to enable secure learning of classification outcomes over encrypted data, all while preserving the privacy of the input data and ML model. We demonstrate the real-world applicability of our construction by developing and evaluating an HHE-based PPML application for classifying heart disease based on sensitive ECG data. Notably, our evaluations revealed a slight reduction in accuracy compared to inference on plaintext data. Additionally, both the analyst and end devices experience minimal communication and computation costs, underscoring the practical viability of our approach. The successful integration of HHE into PPML provides a glimpse into a more secure and privacy-conscious future for machine learning on relatively constrained end devices.

Machine Learning,Cryptography and Security

James Scheibner,Jean Louis Raisaro,Juan Ramón Troncoso-Pastoriza,Marcello Ienca,Jacques Fellay,Effy Vayena,Jean-Pierre Hubaux

DOI: https://doi.org/10.48550/arXiv.2010.14445

2020-10-28

Abstract:Multisite medical data sharing is critical in modern clinical practice and medical research. The challenge is to conduct data sharing that preserves individual privacy and data usability. The shortcomings of traditional privacy-enhancing technologies mean that institutions rely on bespoke data sharing contracts. These contracts increase the inefficiency of data sharing and may disincentivize important clinical treatment and medical research. This paper provides a synthesis between two novel advanced privacy enhancing technologies (PETs): Homomorphic Encryption and Secure Multiparty Computation (defined together as Multiparty Homomorphic Encryption or MHE). These PETs provide a mathematical guarantee of privacy, with MHE providing a performance advantage over separately using HE or SMC. We argue MHE fulfills legal requirements for medical data sharing under the General Data Protection Regulation (GDPR) which has set a global benchmark for data protection. Specifically, the data processed and shared using MHE can be considered anonymized data. We explain how MHE can reduce the reliance on customized contractual measures between institutions. The proposed approach can accelerate the pace of medical research whilst offering additional incentives for healthcare and research institutes to employ common data interoperability standards.

Cryptography and Security,Computers and Society

Wang Ren,Xin Tong,Jing Du,Na Wang,Shan Cang Li,Geyong Min,Zhiwei Zhao,Ali Kashif Bashir

DOI: https://doi.org/10.1016/j.comcom.2020.10.022

IF: 5.047

2020-01-01

Computer Communications

Abstract:The data privacy concerns are increasingly affecting the Internet of things (IoT) and artificial intelligence (AI) applications, in which it is very challenging to protect the privacy of the underlying data. In recent, the advancements in the performances of homomorphic encryption (HE) make it possible to help protect sensitive and personal data in IoT applications using homomorphic encryption based schemes. This paper proposed a practical homomorphic encryption scheme that can enable data users in IoT systems to securely operate data over encrypted data, which can effectively protect the privacy of key data in the system. The experimental results demonstrated the effectiveness proposed scheme.

Michael C. Gul,Boaz Barak

Abstract:There are two dominant trends today that appear to be mutually exclusive: on the one hand, machine learning services that provide accurate predictions based on personal data have become widespread, but on the other hand, data privacy has become a paramount concern for many people. Furthermore, the use of machine learning is heavily restricted in situations like healthcare where it would be most impactful due to regulations preventing the sharing of private data. Fully Homomorphic Encryption (FHE) is the magic bullet that lets us “have our cake and eat it too,” allowing users to send their data to a remote machine learning provider and receive accurate predictions while mathematically guaranteeing complete data security. In this thesis, I give an exposition of Fully Homomorphic Encryption from first principles. I present the mathematical foundations of FHE, notably the Learning With Errors problem (and its Ring variant) used to prove FHE schemes secure, and then I describe two popular FHE schemes. Finally, I survey how FHE is currently used for machine learning, with a particular focus on settings where FHE unlocks opportunities that are otherwise infeasible due to privacy concerns. The primary contribution of this work is the completeness of its exposition, which takes a reader with no cryptography background to the forefront of current research in this revolutionary technology.

Computer Science