3,882 research outputs found
XONN: XNOR-based Oblivious Deep Neural Network Inference
Advancements in deep learning enable cloud servers to provide
inference-as-a-service for clients. In this scenario, clients send their raw
data to the server to run the deep learning model and send back the results.
One standing challenge in this setting is to ensure the privacy of the clients'
sensitive data. Oblivious inference is the task of running the neural network
on the client's input without disclosing the input or the result to the server.
This paper introduces XONN, a novel end-to-end framework based on Yao's Garbled
Circuits (GC) protocol, that provides a paradigm shift in the conceptual and
practical realization of oblivious inference. In XONN, the costly
matrix-multiplication operations of the deep learning model are replaced with
XNOR operations that are essentially free in GC. We further provide a novel
algorithm that customizes the neural network such that the runtime of the GC
protocol is minimized without sacrificing the inference accuracy.
We design a user-friendly high-level API for XONN, allowing expression of the
deep learning model architecture in an unprecedented level of abstraction.
Extensive proof-of-concept evaluation on various neural network architectures
demonstrates that XONN outperforms prior art such as Gazelle (USENIX
Security'18) by up to 7x, MiniONN (ACM CCS'17) by 93x, and SecureML (IEEE
S&P'17) by 37x. State-of-the-art frameworks require one round of interaction
between the client and the server for each layer of the neural network,
whereas, XONN requires a constant round of interactions for any number of
layers in the model. XONN is first to perform oblivious inference on Fitnet
architectures with up to 21 layers, suggesting a new level of scalability
compared with state-of-the-art. Moreover, we evaluate XONN on four datasets to
perform privacy-preserving medical diagnosis.
Comment: To appear in USENIX Security 201
Robust Cryptography in the Noisy-Quantum-Storage Model
It was shown in [WST08] that cryptographic primitives can be implemented
based on the assumption that quantum storage of qubits is noisy. In this work
we analyze a protocol for the universal task of oblivious transfer that can be
implemented using quantum-key-distribution (QKD) hardware in the practical
setting where honest participants are unable to perform noise-free operations.
We derive trade-offs between the amount of storage noise, the amount of noise
in the operations performed by the honest participants and the security of
oblivious transfer which are greatly improved compared to the results in
[WST08]. As an example, we show that for the case of depolarizing noise in
storage we can obtain secure oblivious transfer as long as the quantum
bit-error rate of the channel does not exceed 11% and the noise on the channel
is strictly less than the quantum storage noise. This is optimal for the
protocol considered. Finally, we show that our analysis easily carries over to
quantum protocols for secure identification.
Comment: 34 pages, 2 figures. v2: clarified novelty of results, improved
security analysis using fidelity-based smooth min-entropy, v3: typos and
additivity proof in appendix correcte
Protocols for Authenticated Oblivious Transfer
Oblivious transfer (OT) is a basic building block in many cryptographic protocols. In this paper, we exploit some well-known authenticated Diffie-Hellman-based key exchange protocols to build three authenticated 1-out-of-2 oblivious transfers. We show that our proposed protocols are secure in the semi-honest model. We also compare our schemes with three similar 1-out-of-2 OT protocols and show that authentication in our schemes costs only up to either two more exponentiations or one message signing, compared to those with no authentication
When private set intersection meets big data: an efficient and scalable protocol
Large scale data processing brings new challenges to the design of privacy-preserving protocols: how to meet the increasing requirements of speed and throughput of modern applications, and how to scale up smoothly when data being protected is big. Efficiency and scalability become critical criteria for privacy preserving protocols in the age of Big Data. In this paper, we present a new Private Set Intersection (PSI) protocol that is extremely efficient and highly scalable compared with existing protocols. The protocol is based on a novel approach that we call oblivious Bloom intersection. It has linear complexity and relies mostly on efficient symmetric key operations. It has high scalability due to the fact that most operations can be parallelized easily. The protocol has two versions: a basic protocol and an enhanced protocol; the security of the two variants is analyzed and proved in the semi-honest model and the malicious model respectively. A prototype of the basic protocol has been built. We report the result of performance evaluation and compare it against the two previously fastest PSI protocols. Our protocol is orders of magnitude faster than these two protocols. To compute the intersection of two million-element sets, our protocol needs only 41 seconds (80-bit security) and 339 seconds (256-bit security) on moderate hardware in parallel mode
Highly Efficient and Re-executable Private Function Evaluation with Linear Complexity
The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.
Private function evaluation aims to securely compute a function f(x_1, ..., x_n) without leaking any information other than what is revealed by the output, where f is a private input of one of the parties (say Party_1) and x_i is a private input of the i-th party Party_i. In this work, we propose a novel and secure two-party private function evaluation (2PFE) scheme based on the DDH assumption. Our scheme introduces a reusability feature that significantly improves the state-of-the-art. Accordingly, our scheme has two variants, one is utilized in the initial execution of the function f, and the other is utilized in its subsequent evaluations. To the best of our knowledge, this is the first and most efficient 2PFE scheme that enjoys a reusability feature. Our protocols achieve linear communication and computation complexities and a constant number of rounds which is at most three
Approximate Nearest Neighbor Fields in Video
We introduce RIANN (Ring Intersection Approximate Nearest Neighbor search),
an algorithm for matching patches of a video to a set of reference patches in
real-time. For each query, RIANN finds potential matches by intersecting rings
around key points in appearance space. Its search complexity is reversely
correlated to the amount of temporal change, making it a good fit for videos,
where typically most patches change slowly with time. Experiments show that
RIANN is up to two orders of magnitude faster than previous ANN methods, and is
the only solution that operates in real-time. We further demonstrate how RIANN
can be used for real-time video processing and provide examples for a range of
real-time video applications, including colorization, denoising, and several
artistic effects.
Comment: A CVPR 2015 oral pape