ABSTRACT
Deep Learning Models such as Convolution Neural Networks (CNNs) have shown great potential in various applications. However, these techniques will face regulatory compliance challenges related to privacy of user data, especially when they are deployed as a service on a cloud platform. Such concerns can be mitigated by using privacy preserving machine learning techniques. The purpose of our work is to explore a class of privacy preserving machine learning technique called Fully Homomorphic Encryption in enabling CNN inference on encrypted real-world dataset. Fully homomorphic encryption face the limitation of computational depth. They are also resource intensive operations. We run our experiments on MNIST dataset to understand the challenges and identify the optimization techniques. We used these insights to achieve the end goal of enabling encrypted inference for binary classification on melanoma dataset using Cheon-Kim-Kim-Song (CKKS) encryption scheme available in the open-source HElib library.
- Fabian Boemer, Anamaria Costache, Rosario Cammarota, and Casimir Wierzynski. 2019. nGraph-HE2: A High-Throughput Framework for Neural Network Inference on Encrypted Data. arxiv:1908.04172 [cs.CR]Google Scholar
- Alon Brutzkus, Ran Gilad-Bachrach, and Oren Elisha. 2019. Low latency privacy preserving inference. In International Conference on Machine Learning. 812–821.Google Scholar
- Edward Chou, Josh Beal, Daniel Levy, Serena Yeung, Albert Haque, and Li Fei-Fei. 2018. Faster CryptoNets: Leveraging Sparsity for Real-World Encrypted Inference. CoRR abs/1811.09953(2018). arxiv:1811.09953http://arxiv.org/abs/1811.09953Google Scholar
- Nathan Dowlin, Ran Gilad-Bachrach, Kim Laine, Kristin Lauter, Michael Naehrig, and John Wernsing. 2016. Cryptonets: Applying neural networks to encrypted data with high throughput and accuracy. In International Conference on Machine Learning. 201–210.Google Scholar
- Zahra Ghodsi, Akshaj Veldanda, Brandon Reagen, and Siddharth Garg. 2021. CryptoNAS: Private Inference on a ReLU Budget. arxiv:2006.08733 [cs.LG]Google Scholar
- David A. Gutman, Noel C. F. Codella, M. Emre Celebi, Brian Helba, Michael A. Marchetti, Nabin K. Mishra, and Allan Halpern. 2016. Skin Lesion Analysis toward Melanoma Detection: A Challenge at the International Symposium on Biomedical Imaging (ISBI) 2016, hosted by the International Skin Imaging Collaboration (ISIC). CoRR abs/1605.01397(2016). arXiv:1605.01397http://arxiv.org/abs/1605.01397Google Scholar
- Takumi Ishiyama, Takuya Suzuki, and Hayato Yamana. 2020. Highly Accurate CNN Inference Using Approximate Activation Functions over Homomorphic Encryption. arxiv:2009.03727 [cs.LG]Google Scholar
- Nandan Kumar Jha, Zahra Ghodsi, Siddharth Garg, and Brandon Reagen. 2021. DeepReDuce: ReLU Reduction for Fast Private Inference. arxiv:2103.01396 [cs.LG]Google Scholar
- Chiraag Juvekar, Vinod Vaikuntanathan, and Anantha Chandrakasan. 2018. GAZELLE: A low latency framework for secure neural network inference. In 27th USENIX Security Symposium (USENIX Security 18). 1651–1669.Google Scholar
- Guillermo Lloret-Talavera, Marc Jorda, Harald Servat, Fabian Boemer, Chetan Chauhan, Shigeki Tomishima, Nilesh N. Shah, and Antonio J Pena. 2021. Enabling Homomorphically Encrypted Inference for Large DNN Models. IEEE Trans. Comput. (2021), 1–1. https://doi.org/10.1109/tc.2021.3076123Google ScholarCross Ref
- Qian Lou and Lei Jiang. 2019. SHE: A Fast and Accurate Deep Neural Network for Encrypted Data. In Advances in Neural Information Processing Systems. 10035–10043.Google Scholar
- Qian Lou and Lei Jiang. 2021. HEMET: A Homomorphic-Encryption-Friendly Privacy-Preserving Mobile Neural Network Architecture. arxiv:2106.00038 [cs.CR]Google Scholar
Index Terms
- PPDL - Privacy Preserving Deep Learning Using Homomorphic Encryption
Recommendations
CryptInfer: Enabling Encrypted Inference on Skin Lesion Images for Melanoma Detection
AIMLSystems '21: Proceedings of the First International Conference on AI-ML SystemsDeep learning models such as Convolutional Neural Networks (CNNs) have shown the potential to classify medical images for accurate diagnosis. These techniques will face regulatory compliance challenges related to privacy of user data, especially when ...
A Pairing-based Homomorphic Encryption Scheme for Multi-User Settings
A new method is presented to privately outsource computation of different users. As a significant cryptographic primitive in cloud computing, homomorphic encryption HE can evaluate on ciphertext directly without decryption, thus avoid information ...
Cryptanalysis of a homomorphic encryption scheme
Homomorphic encryption allows to make specific operations on private data which stays encrypted. While applications such as cloud computing require to have a practical solution, the encryption scheme must be secure. In this article, we detail and ...
Comments