skip to main content
10.1145/3649329.3658481acmconferencesArticle/Chapter ViewAbstractPublication PagesdacConference Proceedingsconference-collections
research-article

Order-Preserving Cryptography for the Confidential Inference in Random Forests: FPGA Design and Implementation

Published: 07 November 2024 Publication History

Abstract

Prior work has addressed the problem of confidential inference in decision trees. Both traditional order-preserving cryptography (OPE) and order-preserving NTRU cryptography have been used to ensure data and model privacy in decision trees. Furthermore, FPGA architectures and implementations have been proposed for implementing such confidential inference algorithms on resource-limited, edge-based platforms such as low-cost FPGA boards. In this paper, we address the challenging problem of scalability of order-preserving confidential inference to random forests, which are ensembles of decision trees that are meant to improve their classification accuracy and reduce their overfitting. The paper develops a methodology and an FPGA implementation strategy for scaling up OPE to random forests. In particular, a framework is used to study the multifaceted tradeoffs that exist between the number of trees in the random forest, the strength of the encryption, the accuracy of the inferences, and the resources of the edge platform. Extensive experiments are conducted using the MNIST dataset and the Intel DE10 Standard FPGA board.

References

[1]
Qianying Liao, Bruno Cabral, João Paulo Fernandes, and Nuno Lourenço. Herb: Privacy-preserving random forest with partially homomorphic encryption. In 2022 International Joint Conference on Neural Networks (IJCNN), pages 1--10. IEEE, 2022.
[2]
Yuncheng Wu, Shaofeng Cai, Xiaokui Xiao, Gang Chen, and Beng Chin Ooi. Privacy preserving vertical federated learning for tree-based models. arXiv preprint arXiv:2008.06170, 2020.
[3]
Zhuoran Ma, Jianfeng Ma, Yinbin Miao, and Ximeng Liu. Privacy-preserving and high-accurate outsourced disease predictor on random forest. Information Sciences, 496:225--241, 2019.
[4]
Nicholas Carlini et. al. The secret sharer: Evaluating and testing unintended memorization in neural networks. In 28th USENIX Security Symposium (USENIX Security 19), pages 267--284, 2019.
[5]
Zhanglong Ji, Zachary C Lipton, and Charles Elkan. Differential privacy and machine learning: a survey and review. arXiv preprint arXiv:1412.7584, 2014.
[6]
Asma Aloufi et. al. Blindfolded evaluation of random forests with multi-key homomorphic encryption. IEEE Transactions on Dependable and Secure Computing, 18(4):1821--1835, 2019.
[7]
David J Wu, Tony Feng, Michael Naehrig, and Kristin Lauter. Privately evaluating decision trees and random forests. Cryptology ePrint Archive, 2015.
[8]
Alexandra Boldyreva et. al. Order-preserving symmetric encryption. In Advances in Cryptology-EUROCRYPT 2009: 28th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Cologne, Germany, April 26-30, 2009. Proceedings 28, pages 224--241. Springer, 2009.
[9]
Kevin Lewi and David J Wu. Order-revealing encryption: New constructions, applications, and lower bounds. In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, pages 1167--1178, 2016.
[10]
Rupesh Raj Karn, Kashif Nawaz, and Ibrahim M Elfadel. Securing decision tree inference using order-preserving cryptography. In 5th IEEE International Conference on Artificial Intelligence Circuits and Systems (AICAS 2023), pages 1--5. IEEE, 2023.
[11]
Craig Gentry. A fully homomorphic encryption scheme. Stanford university, 2009.
[12]
Rupesh Raj Karn and Ibrahim M Elfadel. Confidential inference in decision trees: FPGA design and implementation. In 30th IFIP/IEEE International Conference on Very Large Scale Integration (VLSI-SoC 2022), pages 1--6. IEEE, 2022.
[13]
Sioni Summers, Giuseppe Di Guglielmo, Javier Duarte, Philip Harris, Duc Hoang, Sergo Jindariani, Edward Kreinar, Vladimir Loncar, Jennifer Ngadiuba, Maurizio Pierini, et al. Fast inference of boosted decision trees in fpgas for particle physics. Journal of Instrumentation, 15(05):P05026, 2020.
[14]
Rafal Kulaga and Marek Gorgon. FPGA implementation of decision trees and tree ensembles for character recognition in vivado hls. Image Processing & Communications, 19(2-3):71, 2014.
[15]
Nathan Chenette et. al. Practical order-revealing encryption with limited leakage. In Fast Software Encryption: 23rd International Conference, FSE 2016, Bochum, Germany, March 20-23, 2016, pages 474--493. Springer, 2016.
[16]
Fabian Pedregosa, Gaël Varoquaux, Alexandre Gramfort, Vincent Michel, Bertrand Thirion, Olivier Grisel, Mathieu Blondel, Peter Prettenhofer, Ron Weiss, Vincent Dubourg, et al. Scikit-learn: Machine learning in python. the Journal of machine Learning research, 12:2825--2830, 2011.
[17]
Kevin Lewi David Wu. Fastore.
[18]
Yann LeCun et. al. Gradient-based Learning Applied to Document Recognition. Proceedings of the IEEE, 86(11):2278--2324, 1998.
[19]
DE-10 standard FPGA. http://de10-standard.terasic.com/.

Cited By

View all
  • (2024)Confidential Inference in Decision TreesVLSI-SoC 2023: Innovations for Trustworthy Artificial Intelligence10.1007/978-3-031-70947-0_14(273-297)Online publication date: 29-Dec-2024

Index Terms

  1. Order-Preserving Cryptography for the Confidential Inference in Random Forests: FPGA Design and Implementation
            Index terms have been assigned to the content through auto-classification.

            Recommendations

            Comments

            Information & Contributors

            Information

            Published In

            cover image ACM Conferences
            DAC '24: Proceedings of the 61st ACM/IEEE Design Automation Conference
            June 2024
            2159 pages
            ISBN:9798400706011
            DOI:10.1145/3649329
            Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

            Sponsors

            In-Cooperation

            Publisher

            Association for Computing Machinery

            New York, NY, United States

            Publication History

            Published: 07 November 2024

            Check for updates

            Author Tags

            1. decision tree
            2. random forest
            3. order-preserving encryption
            4. confidential inference
            5. FPGA
            6. sequential circuit
            7. combinational circuit

            Qualifiers

            • Research-article

            Funding Sources

            • Technology Innovation Institute (TII), Abu Dhabi, UAE

            Conference

            DAC '24
            Sponsor:
            DAC '24: 61st ACM/IEEE Design Automation Conference
            June 23 - 27, 2024
            CA, San Francisco, USA

            Acceptance Rates

            Overall Acceptance Rate 1,770 of 5,499 submissions, 32%

            Upcoming Conference

            DAC '25
            62nd ACM/IEEE Design Automation Conference
            June 22 - 26, 2025
            San Francisco , CA , USA

            Contributors

            Other Metrics

            Bibliometrics & Citations

            Bibliometrics

            Article Metrics

            • Downloads (Last 12 months)68
            • Downloads (Last 6 weeks)3
            Reflects downloads up to 27 Jan 2025

            Other Metrics

            Citations

            Cited By

            View all
            • (2024)Confidential Inference in Decision TreesVLSI-SoC 2023: Innovations for Trustworthy Artificial Intelligence10.1007/978-3-031-70947-0_14(273-297)Online publication date: 29-Dec-2024

            View Options

            Login options

            View options

            PDF

            View or Download as a PDF file.

            PDF

            eReader

            View online with eReader.

            eReader

            Figures

            Tables

            Media

            Share

            Share

            Share this Publication link

            Share on social media