skip to main content
10.1145/3488932.3523253acmconferencesArticle/Chapter ViewAbstractPublication Pagesasia-ccsConference Proceedingsconference-collections
research-article

Privacy-Preserving Deep Sequential Model with Matrix Homomorphic Encryption

Published: 30 May 2022 Publication History

Abstract

Making deep neural networks available as a service introduces privacy problems, for which homomorphic encryption of both model and user data potentially offers the solution at the highest privacy level. However, the difficulty of operating on homomorphically encrypted data has hitherto limited the range of operations available and the depth of networks. We introduce an extended CKKS scheme MatHEAAN to provide efficient matrix representations and operations together with improved noise control. Using the MatHEAAN we developed a deep sequential model with a gated recurrent unit called MatHEGRU. We evaluated the proposed model using sequence modeling, regression, and classification of images and genome sequences. We show that the hidden states of the encrypted model, as well as the results, are consistent with a plaintext model.

Supplementary Material

MP4 File (video1880167336.mp4)
This is a presentation of our study titled Privacy-Preserving Deep Sequential Model with Matrix Homomorphic Encryption. In this study, we proposed MatHEAAN which is a homomorphic encryption for efficient matrix arithmetic. We also implemented the first end-to-end sequential model implemented with MatHEAAN. Finally, we evaluated proposed sequential model with various tasks and confirmed it successfully processes sequence data with consistent performance with plaintext models.

References

[1]
Ho Bae et al. 2018. Security and privacy issues in deep learning. arXiv:1807.11655
[2]
Song Bian et al. 2020. ENSEI: Efficient secure inference via frequency-domain homomorphic convolution for privacy-preserving visual recognition. In Proc. IEEE/CVF Conference on Computer Vision and Pattern Recognition. 9403--9412.
[3]
Florian Bourse et al. 2018. Fast homomorphic evaluation of deep discretized neural networks. In Annual International Cryptology Conference. Springer, 483--512.
[4]
Alon Brutzkus et al. 2019. Low latency privacy preserving inference. In Interna- tional Conference on Machine Learning. PMLR, 812--821.
[5]
Wouter Castryck et al. 2016. Provably weak instances of Ring-LWE revisited. In Annual International Conference on the Theory and Applications of Cryptographic Techniques. Springer, 147--167.
[6]
Gizem S. Çetin et al. 2015. An investigation of complex operations with word-size homomorphic encryption. Cryptology ePrint Archive, Report 2015/1195.
[7]
Jung Hee Cheon et al. 2017. Homomorphic encryption for arithmetic of approxi- mate numbers. In Advances in Cryptology--ASIACRYPT 2017. Springer, 409--437.
[8]
Jung Hee Cheon et al. 2018. Bootstrapping for approximate homomorphic encryption. Cryptology ePrint Archive, Report 2018/153.
[9]
Ilaria Chillotti et al. 2016. Faster fully homomorphic encryption: Bootstrapping in less than 0.1 seconds. In Proc. International Conference on the Theory and Application of Cryptology and Information Security. Springer, 3--33.
[10]
Kyunghyun Cho et al. 2014. On the properties of neural machine translation: Encoder-decoder approaches. arXiv:1409.1259
[11]
Edward Chou et al. 2018. Faster Cryptonets: Leveraging sparsity for real-world encrypted inference. arXiv:1811.09953
[12]
Matthieu Courbariaux et al. 2016. Binarized neural networks: training deep neural networks with weights and activations constrained to +1 or -1. arXiv:1602.02830
[13]
Ivan Damgård et al. 2012. Multiparty computation from somewhat homomorphic encryption. In Advances in Cryptology--CRYPTO 2012. Springer, 643--662.
[14]
Léo Ducas and Alain Durmus. 2012. Ring-LWE in polynomial rings. In International Workshop on Public Key Cryptography. Springer, 34--51.
[15]
Yara Elias et al. 2015. Provably weak instances of Ring-LWE. In Annual Cryptology Conference. Springer, 63--92.
[16]
Qi Feng et al. 2020. SecureNLP: A system for multi-party privacy-preserving natural language processing. IEEE Transactions on Information Forensics and Security 15 (2020), 3709--3721.
[17]
Craig Gentry. 2009. Fully homomorphic encryption using ideal lattices. In Proc. forty-first annual ACM symposium on Theory of computing. 169--178.
[18]
Craig Gentry et al. 2012. Homomorphic evaluation of the AES circuit. In Advances in Cryptology--CRYPTO 2012. Springer, 850--867.
[19]
Ran Gilad-Bachrach et al. 2016. Cryptonets: applying neural networks to en- crypted data with high throughput and accuracy. In Proc. International Conference on Machine Learning. 201--210.
[20]
Alex Graves et al. 2014. Neural turing machines. arXiv:1410.5401
[21]
Ehsan Hesamifard et al. 2018. Privacy-preserving machine learning as a service. Proceedings on Privacy Enhancing Technologies 2018, 3 (2018), 123--142.
[22]
Sepp Hochreiter and Jürgen Schmidhuber. 1997. Long short-term memory. Neural computation 9, 8 (1997), 1735--1780.
[23]
Xiaoqian Jiang et al. 2018. Secure outsourced matrix computation and application to neural networks. In Proc. 2018 ACM SIGSAC Conference on Computer and Communications Security. Association for Computing Machinery, 1209--1222.
[24]
Wonkyung Jung et al. 2021. Accelerating fully homomorphic encryption through architecture-centric analysis and optimization. IEEE Access 9 (2021), 98772--98789.
[25]
Chiraag Juvekar et al. 2018. GAZELLE: A low latency framework for secure neural network inference. In 27th USENIX Security Symposium. 1651--1669.
[26]
Andrey Kim et al. 2018. Logistic regression model training based on the approxi- mate homomorphic encryption. BMC Medical Genomics 11, 4 (2018), 83.
[27]
Quoc V Le et al. 2015. A simple way to initialize recurrent networks of rectified linear units.
[28]
Yann LeCun et al. 1998. MNIST handwritten digit database. http://yann.lecun. com/exdb/mnist/.
[29]
Byunghan Lee et al. 2016. deepTarget: End-to-end learning framework for mi- croRNA target prediction using deep recurrent neural networks. In Proc. 7th ACM International Conference on Bioinformatics, Computational Biology, and Health Informatics. 434--442.
[30]
Jian Liu et al. 2017. Oblivious neural network predictions via miniONN trans- formations. In Proc. ACM SIGSAC Conference on Computer and Communications Security. 619--631.
[31]
Vadim Lyubashevsky et al. 2010. On ideal lattices and learning with errors over rings. In Advances in Cryptology--EUROCRYPT 2010. 1--23.
[32]
Payman Mohassel and Yupeng Zhang. 2017. SecureML: A system for scalable privacy-preserving machine learning. In 2017 IEEE Symposium on Security and Privacy. IEEE, 19--38.
[33]
Chris Peikert. 2016. How (not) to instantiate ring-LWE. In International Conference on Security and Cryptography for Networks. Springer, 411--430.
[34]
Deevashwer Rathee et al. 2021. SIRNN: A math library for secure RNN inference. In 2021 IEEE Symposium on Security and Privacy. IEEE, 1003--1020.
[35]
Amartya Sanyal et al. 2018. TAPAS: Tricks to accelerate (encrypted) prediction as a service. In International Conference on Machine Learning. PMLR, 4490--4499.
[36]
Sinem Sav et al. 2021. POSEIDON: Privacy-preserving federated neural network learning. In Proc. Network and Distributed System Security Symposium 2021.
[37]
G. Schulz. 1933. Iterative Berechnung der Reziproken matrix. Zeitschrift fÃijr angewandte Mathematik und Mechanik 13 (1933), 57--59.
[38]
Guowen Xu et al. 2020. Secure and verifiable inference in deep neural networks. In Annual Computer Security Applications Conference.
[39]
Qiao Zhang et al. 2021. GALA: Greedy computation for linear algebra in privacy- preserved neural networks. arXiv:2105.01827

Cited By

View all
  • (2025)From accuracy to approximation: A survey on approximate homomorphic encryption and its applicationsComputer Science Review10.1016/j.cosrev.2024.10068955(100689)Online publication date: Feb-2025
  • (2025)Approximate homomorphic encryption based privacy-preserving machine learning: a surveyArtificial Intelligence Review10.1007/s10462-024-11076-858:3Online publication date: 6-Jan-2025
  • (2024)GPU Accelerated Full Homomorphic Encryption Cryptosystem, Library, and Applications for IoT SystemsIEEE Internet of Things Journal10.1109/JIOT.2023.331344311:4(6893-6903)Online publication date: 15-Feb-2024
  • Show More Cited By

Index Terms

  1. Privacy-Preserving Deep Sequential Model with Matrix Homomorphic Encryption

      Recommendations

      Comments

      Information & Contributors

      Information

      Published In

      cover image ACM Conferences
      ASIA CCS '22: Proceedings of the 2022 ACM on Asia Conference on Computer and Communications Security
      May 2022
      1291 pages
      ISBN:9781450391405
      DOI:10.1145/3488932
      Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

      Sponsors

      Publisher

      Association for Computing Machinery

      New York, NY, United States

      Publication History

      Published: 30 May 2022

      Permissions

      Request permissions for this article.

      Check for updates

      Author Tags

      1. artificial intelligence
      2. deep learning
      3. homomorphic encryption
      4. recurrent neural network

      Qualifiers

      • Research-article

      Funding Sources

      • Brain Korea 21 FOUR
      • Institute of Information & communications Technology Planning & Evaluation (IITP)
      • Korea Institute for Advancement of Technology (KIAT) grant funded by the Korea Government (MOTIE)
      • National Research Foundation of Korea (NRF) funded by the Korea government (MSIT)

      Conference

      ASIA CCS '22
      Sponsor:

      Acceptance Rates

      Overall Acceptance Rate 418 of 2,322 submissions, 18%

      Contributors

      Other Metrics

      Bibliometrics & Citations

      Bibliometrics

      Article Metrics

      • Downloads (Last 12 months)197
      • Downloads (Last 6 weeks)21
      Reflects downloads up to 20 Jan 2025

      Other Metrics

      Citations

      Cited By

      View all
      • (2025)From accuracy to approximation: A survey on approximate homomorphic encryption and its applicationsComputer Science Review10.1016/j.cosrev.2024.10068955(100689)Online publication date: Feb-2025
      • (2025)Approximate homomorphic encryption based privacy-preserving machine learning: a surveyArtificial Intelligence Review10.1007/s10462-024-11076-858:3Online publication date: 6-Jan-2025
      • (2024)GPU Accelerated Full Homomorphic Encryption Cryptosystem, Library, and Applications for IoT SystemsIEEE Internet of Things Journal10.1109/JIOT.2023.331344311:4(6893-6903)Online publication date: 15-Feb-2024
      • (2024)Toward Bootstrapping-Free Homomorphic Encryption-Based GRU Network for Text ClassificationIEEE Access10.1109/ACCESS.2024.342245512(94008-94017)Online publication date: 2024
      • (2024)Secure and Efficient Outsourced Matrix Multiplication with Homomorphic EncryptionProgress in Cryptology – INDOCRYPT 202410.1007/978-3-031-80308-6_3(51-74)Online publication date: 18-Dec-2024
      • (2023)Efficient Machine Learning on Encrypted Data Using Hyperdimensional Computing2023 IEEE/ACM International Symposium on Low Power Electronics and Design (ISLPED)10.1109/ISLPED58423.2023.10244262(1-6)Online publication date: 7-Aug-2023
      • (2023)High-Throughput Privacy-Preserving GRU Network with Homomorphic Encryption2023 International Joint Conference on Neural Networks (IJCNN)10.1109/IJCNN54540.2023.10191194(1-9)Online publication date: 18-Jun-2023
      • (2022)A Survey of Deep Learning Architectures for Privacy-Preserving Machine Learning With Fully Homomorphic EncryptionIEEE Access10.1109/ACCESS.2022.321904910(117477-117500)Online publication date: 2022

      View Options

      Login options

      View options

      PDF

      View or Download as a PDF file.

      PDF

      eReader

      View online with eReader.

      eReader

      Media

      Figures

      Other

      Tables

      Share

      Share

      Share this Publication link

      Share on social media