A Note on "Confidentiality-Preserving Image Search: A Comparative Study Between Homomorphic Encryption and Distance-Preserving Randomization"

Recently, Lu et al. have proposed two image search schemes based on additive homomorphic encryption [IEEE Access, 2 (2014), 125-141]. We remark that both two schemes are flawed because: (1) the first scheme does not make use of the additive homomorphic property at all; (2) the additive homomorphic encryption in the second scheme is unnecessary and can be replaced by a more efficient symmetric key encryption

Fully Homomorphic Image Processing

Fully homomorphic encryption has allowed devices to outsource computation to third parties while preserving the secrecy of the data being computed on. Many images contain sensitive information and are commonly sent to cloud services to encode images for different devices. We implement image processing homomorphically that ensures secrecy of the image while also providing reasonable overhead. We first present some previous related work, as well as the fully homomorphic encryption scheme we use. Then, we introduce our schemes for JPEG encoding and decoding, as well as schemes for bilinear and bicubic image resizing, as well as some data and analysis of our homomorphic schemes. Finally, we outline several issues with the homomorphic evaluation of proprietary algorithms, and how a third party can gain information on the algorithm through noise.Comment: 12 Page

Attacks on Image Encryption Schemes for Privacy-Preserving Deep Neural Networks

Privacy preserving machine learning is an active area of research usually relying on techniques such as homomorphic encryption or secure multiparty computation. Recent novel encryption techniques for performing machine learning using deep neural nets on images have recently been proposed by Tanaka and Sirichotedumrong, Kinoshita, and Kiya. We present new chosen-plaintext and ciphertext-only attacks against both of these proposed image encryption schemes and demonstrate the attacks' effectiveness on several examples.Comment: For associated code, see https://github.com/ahchang98/image-encryption-scheme-attack

Privacy-Preserving Visual Learning Using Doubly Permuted Homomorphic Encryption

We propose a privacy-preserving framework for learning visual classifiers by leveraging distributed private image data. This framework is designed to aggregate multiple classifiers updated locally using private data and to ensure that no private information about the data is exposed during and after its learning procedure. We utilize a homomorphic cryptosystem that can aggregate the local classifiers while they are encrypted and thus kept secret. To overcome the high computational cost of homomorphic encryption of high-dimensional classifiers, we (1) impose sparsity constraints on local classifier updates and (2) propose a novel efficient encryption scheme named doubly-permuted homomorphic encryption (DPHE) which is tailored to sparse high-dimensional data. DPHE (i) decomposes sparse data into its constituent non-zero values and their corresponding support indices, (ii) applies homomorphic encryption only to the non-zero values, and (iii) employs double permutations on the support indices to make them secret. Our experimental evaluation on several public datasets shows that the proposed approach achieves comparable performance against state-of-the-art visual recognition methods while preserving privacy and significantly outperforms other privacy-preserving methods.Comment: To appear in ICCV 201

Fully Homomorphic Encryption Encapsulated Difference Expansion for Reversible Data hiding in Encrypted Domain

This paper proposes a fully homomorphic encryption encapsulated difference expansion (FHEE-DE) scheme for reversible data hiding in encrypted domain (RDH-ED). In the proposed scheme, we use key-switching and bootstrapping techniques to control the ciphertext extension and decryption failure. To realize the data extraction directly from the encrypted domain without the private key, a key-switching based least-significant-bit (KS-LSB) data hiding method has been designed. In application, the user first encrypts the plaintext and uploads ciphertext to the server. Then the server performs data hiding by FHEE-DE and KS-LSB to obtain the marked ciphertext. Additional data can be extracted directly from the marked ciphertext by the server without the private key. The user can decrypt the marked ciphertext to obtain the marked plaintext. Then additional data or plaintext can be obtained from the marked plaintext by using the standard DE extraction or recovery. A fidelity constraint of DE is introduced to reduce the distortion of the marked plaintext. FHEE-DE enables the server to implement FHEE-DE recovery or extraction on the marked ciphertext, which returns the ciphertext of original plaintext or additional data to the user. In addition, we simplified the homomorphic operations of the proposed universal FHEE-DE to obtain an efficient version. The Experimental results demonstrate that the embedding capacity, fidelity, and reversibility of the proposed scheme are superior to existing RDH-ED methods, and fully separability is achieved without reducing the security of encryption

Application of Lowner-John Ellipsoid in the Steganography of Lattice Vectors and a Review of The Gentry's FHE

In this paper, first, we utilize the Lowner-John ellipsoid of a convex set to hide the lattice data information. We also describe the algorithm of information recovery in polynomial time by employing the Todd-Khachyian algorithm. The importance of lattice data is generally due to their applications in the homomorphic encryption schemes. For this reason we also outline the general scheme of a homomorphic encryption provided by Gentry

Multivariate Cryptosystems for Secure Processing of Multidimensional Signals

Multidimensional signals like 2-D and 3-D images or videos are inherently sensitive signals which require privacy-preserving solutions when processed in untrustworthy environments, but their efficient encrypted processing is particularly challenging due to their structure, dimensionality and size. This work introduces a new cryptographic hard problem denoted m-RLWE (multivariate Ring Learning with Errors) which generalizes RLWE, and proposes several relinearization-based techniques to efficiently convert signals with different structures and dimensionalities. The proposed hard problem and the developed techniques give support to lattice cryptosystems that enable encrypted processing of multidimensional signals and efficient conversion between different structures. We show an example cryptosystem and prove that it outperforms its RLWE counterpart in terms of security against basis-reduction attacks, efficiency and cipher expansion for encrypted image processing, and we exemplify some of the proposed transformation techniques in critical and ubiquitous block-based processing application

Secure SURF with Fully Homomorphic Encryption

Cloud computing is an important part of today's world because offloading computations is a method to reduce costs. In this paper, we investigate computing the Speeded Up Robust Features (SURF) using Fully Homomorphic Encryption (FHE). Performing SURF in FHE enables a method to offload the computations while maintaining security and privacy of the original data. In support of this research, we developed a framework to compute SURF via a rational number based compatible with FHE. Although floating point (R) to rational numbers (Q) conversion introduces error, our research provides tight bounds on the magnitude of error in terms of parameters of FHE. We empirically verified the proposed method against a set of images at different sizes and showed that our framework accurately computes most of the SURF keypoints in FHE

SEALion: a Framework for Neural Network Inference on Encrypted Data

We present SEALion: an extensible framework for privacy-preserving machine learning with homomorphic encryption. It allows one to learn deep neural networks that can be seamlessly utilized for prediction on encrypted data. The framework consists of two layers: the first is built upon TensorFlow and SEAL and exposes standard algebra and deep learning primitives; the second implements a Keras-like syntax for training and inference with neural networks. Given a required level of security, a user is abstracted from the details of the encoding and the encryption scheme, allowing quick prototyping. We present two applications that exemplifying the extensibility of our proposal, which are also of independent interest: i) improving efficiency of neural network inference by an activity sparsifier and ii) transfer learning by querying a server-side Variational AutoEncoder that can handle encrypted data

Cloud-based Privacy Preserving Image Storage, Sharing and Search

High-resolution cameras produce huge volume of high quality images everyday. It is extremely challenging to store, share and especially search those huge images, for which increasing number of cloud services are presented to support such functionalities. However, images tend to contain rich sensitive information (\eg, people, location and event), and people's privacy concerns hinder their readily participation into the services provided by untrusted third parties. In this work, we introduce PIC: a Privacy-preserving large-scale Image search system on Cloud. Our system enables efficient yet secure content-based image search with fine-grained access control, and it also provides privacy-preserving image storage and sharing among users. Users can specify who can/cannot search on their images when using the system, and they can search on others' images if they satisfy the condition specified by the image owners. Majority of the computationally intensive jobs are outsourced to the cloud side, and users only need to submit the query and receive the result throughout the entire image search. Specially, to deal with massive images, we design our system suitable for distributed and parallel computation and introduce several optimizations to further expedite the search process. We implement a prototype of PIC including both cloud side and client side. The cloud side is a cluster of computers with distributed file system (Hadoop HDFS) and MapReduce architecture (Hadoop MapReduce). The client side is built for both Windows OS laptops and Android phones. We evaluate the prototype system with large sets of real-life photos. Our security analysis and evaluation results show that PIC successfully protect the image privacy at a low cost of computation and communication.Comment: 15 pages, 12 figure