37 research outputs found
BAYHENN: Combining Bayesian Deep Learning and Homomorphic Encryption for Secure DNN Inference
Recently, deep learning as a service (DLaaS) has emerged as a promising way
to facilitate the employment of deep neural networks (DNNs) for various
purposes. However, using DLaaS also causes potential privacy leakage from both
clients and cloud servers. This privacy issue has fueled the research interests
on the privacy-preserving inference of DNN models in the cloud service. In this
paper, we present a practical solution named BAYHENN for secure DNN inference.
It can protect both the client's privacy and server's privacy at the same time.
The key strategy of our solution is to combine homomorphic encryption and
Bayesian neural networks. Specifically, we use homomorphic encryption to
protect a client's raw data and use Bayesian neural networks to protect the DNN
weights in a cloud server. To verify the effectiveness of our solution, we
conduct experiments on MNIST and a real-life clinical dataset. Our solution
achieves consistent latency decreases on both tasks. In particular, our method
can outperform the best existing method (GAZELLE) by about 5x, in terms of
end-to-end latency.Comment: accepted by IJCAI 2019; camera read
Toward Lossless Homomorphic Encryption for Scientific Computation
This paper presents a comprehensive investigation into encrypted computations
using the CKKS (Cheon-Kim-Kim-Song) scheme, with a focus on multi-dimensional
vector operations and real-world applications. Through two meticulously
designed experiments, the study explores the potential of the CKKS scheme in
Super Computing and its implications for data privacy and computational
efficiency. The first experiment reveals the promising applicability of CKKS to
matrix multiplication, indicating marginal differences in Euclidean distance
and near-to-zero mean square error across various matrix sizes. The second
experiment, applied to a wildfire dataset, illustrates the feasibility of using
encrypted machine learning models without significant loss in accuracy. The
insights gleaned from the research set a robust foundation for future
innovations, including the potential for GPU acceleration in CKKS computations
within TenSEAL. Challenges such as noise budget computation, accuracy loss in
multiplication, and the distinct characteristics of arithmetic operations in
the context of CKKS are also discussed. The paper serves as a vital step
towards understanding the complexities and potentials of encrypted
computations, with broad implications for secure data processing and privacy
preservation in various scientific domains
Towards the AlexNet Moment for Homomorphic Encryption: HCNN, theFirst Homomorphic CNN on Encrypted Data with GPUs
Deep Learning as a Service (DLaaS) stands as a promising solution for
cloud-based inference applications. In this setting, the cloud has a
pre-learned model whereas the user has samples on which she wants to run the
model. The biggest concern with DLaaS is user privacy if the input samples are
sensitive data. We provide here an efficient privacy-preserving system by
employing high-end technologies such as Fully Homomorphic Encryption (FHE),
Convolutional Neural Networks (CNNs) and Graphics Processing Units (GPUs). FHE,
with its widely-known feature of computing on encrypted data, empowers a wide
range of privacy-concerned applications. This comes at high cost as it requires
enormous computing power. In this paper, we show how to accelerate the
performance of running CNNs on encrypted data with GPUs. We evaluated two CNNs
to classify homomorphically the MNIST and CIFAR-10 datasets. Our solution
achieved a sufficient security level (> 80 bit) and reasonable classification
accuracy (99%) and (77.55%) for MNIST and CIFAR-10, respectively. In terms of
latency, we could classify an image in 5.16 seconds and 304.43 seconds for
MNIST and CIFAR-10, respectively. Our system can also classify a batch of
images (> 8,000) without extra overhead