key-nets同态加密方案的安全性分析及改进

doi:10.19665/j.issn1001-2400.2023.01.021

Abstract

Abstract:

key-nets,as the first optical homomorphic encryption scheme,is used toprotect the privacy of images used for machine learning.However,in the case of the vision sensor being obtained illegally,the author obtained the key used to encrypt the image in the key-nets scheme by solving the system of linear equations.In view of the security risks in this scheme and the difficulty of machine learning model training,this paper proposes a homomorphic encryption scheme that can use different generalized random matrices for each encryption without changing the original convolutional network structure,and further use the Diffie-Hellman key exchange protocol,which improves the security of the encryption key-nets and also improves the security of the convolutional network matching the vision sensor.Through the analysis of the feasibility of the scheme,privacy parameters,forward security,backward security,etc.,it is proved that the improved scheme can still protect the image information even if the attacker illegally obtains the visual sensor.

Key words: key-nets, machine learning, privacy protection, homomorphic encryption

CLC Number:

TN918.2

LI Wenhua,DONG Lihua,ZENG Yong. Analysis and improvement of the security of the key-nets homomorphic encryption scheme[J].Journal of Xidian University, 2023, 50(1): 192-202.

Figures/Tables 7

References 35

[1]	廖国辉, 刘嘉勇. 基于数据挖掘和机器学习的恶意代码检测方法[J]. 信息安全研究, 2016, 2(1):74-79.
	LIAO G H, LIU J Y. Malicious Code Detection Method Based on Data Mining and Machine Learning[J]. Information Security Research, 2016, 2(1):74-79.
[2]	CHEN S Z, WANG H P, XU F, et al. Target Classification Using the Deep Convolutional Networks for SAR Images[J]. IEEE Transactions on Geoscience and Remote Sensing, 2016, 54(8):4806-4817. doi: 10.1109/TGRS.2016.2551720
[3]	LAUNCHBURY J, ARCHER D, DUBUISSON T, et al. Application-Scale Secure Multiparty Computation[C]// European Symposium on Programming Languages and Systems.Berlin:Springer, 2014:8-26.
[4]	FU K, CHENG D W, TU Y, et al. Credit Card Fraud Detection Using Convolutional Neural Networks[C]// International Conference on Neural Information Processing.Berlin:Springer, 2016:483-490.
[5]	ROY A, SUN J, MAHONEY R, et al. Deep Learning Detecting Fraud in Credit Card Tansactions[C]// 2018 Systems and Information Engineering Design Symposium.Piscataway:IEEE, 2018:129-134.
[6]	ACHARYA, RAJENDRA U, ADELI, et al. Deep Convolutional Neural Network for the Automated Detection and Diagnosis of Seizure Using EEG Signals[J]. Computers in Biology and Medicine, 2018, 100:270-278. doi: S0010-4825(17)30315-3 pmid: 28974302
[7]	XU C G, REN J, ZHANG D Y, et al. GANobfuscator:Mitigating Information Leakage under Gan via Dfferential Privacy[J]. IEEE Transactions on Information Forensics and Security, 2019, 14(9):2358-2371. doi: 10.1109/TIFS.10206
[8]	WANG B H, NEIL Z G. Stealing Hyperparameters in Machine Leaming[C]// IEEE Symposium on Security and Privacy.Piscataway:IEEE, 2018:36-52.
[9]	XIE L Y, LIN K X, WANG S, et al. Differentially Private Generative Adversarial Network[J/OL].[2022-01-10]. https://arxiv.org/abs/2201.03139v1.
[10]	KESARWANI M, MUKHOTY B, ARYA V, et al. Model Extraction Warning in Mlaas Paradigm[C]// Proceedings of the 34th Annual Computer Security Applications Conference.Piscataway:IEEE, 2018:371-380
[11]	YANG Q, LIU Y, CHEN T J, et al. Federated Machine Learning:Concept and Applications[J]. ACM Transactions on Intelligent Systems and Technology(TIST), 2019, 10(2):1-19.
[12]	KUMAR N, RATHEE M, CHANDRAN N, et al. Cryptflow:Secure Tensorflow Inference[C]// 2020 IEEE Symposium on Security and Privacy.Piscataway:IEEE, 2020:336-353.
[13]	ORLANDI C, PIVA A, BAMI M. Oblivious Neural Network Computing via Homomorphic Encryption[J]. EURASIP Journal on Information Security, 2008, 2007(1):1-11.
[14]	UPMANYU M, NAMBOODIRI A M, SRINATHAN K, et al. Efficient Privacy Preserving K-means Clustering[C]// Pacific-Asia Workshop on Intelligence and Security Informatics.Berlin:Springer, 2010:154-166.
[15]	BARNI M, FAILLA P, LAZZERETTI R, et al. Privacy-Preserving ECG Classification with Branching Programs and Neural Networks[J]. IEEE Transactions on Information Forensics & Security, 2011, 6(2):452-468.
[16]	GRAEPEL T, LAUTER K, NAEHRIG M. ML Confidential:Machine Learning on Encrypted Data[C]// International Conference on Information Security and Cryptology.Berlin:Springer, 2012:1-21.
[17]	PAILLIER P, POINTCHEVAL D. Efficient Public-Key Cryptosystems Provably Secure Against Active Ad-Versaries[C]// International Conference on the Theory and Application of Cryptology and Information Security.Berlin:Springer, 1999:165-179.
[18]	RAHULAMATHAVAN Y, PHAN R C W, VELURU S, et al. Privacy-Preserving Multi-class Support Vector Machine for Outsourcing the Data Classification in Cloud[J]. IEEE Transactions on Dependable and Secure Computing, 2013, 11(5):467-479. doi: 10.1109/TDSC.2013.51
[19]	BOST R, POPA R A, TU S, et al. Machine Learning Classification over Encrypted Data[C]// ISOC Network and Distributed System Security Symposium. Rosten: Internet Society, 2015:4324-4325
[20]	GILAD-BACHRACH R, DOWLIN N, LAINE K, et al. Cryptonets:Applying Neural Networks to Encrypted Data with High Throughput and Accuracy[C]// International Conference on Machine Learning. New York: PMLR, 2016:201-210.
[21]	LIU J, JUUTI M, LU Y, et al. Oblivious Neural Network Predictions via Minionn Transformations[C]// Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. New York: ACM, 2017:619-631.
[22]	BOURSE F, MINELLI M, MINIHOLD M, et al. Fast Homomorphic Evaluation of Deep Discretized Neural Networks[C]// Annual International Cryptology Conference.Berlin:Springer, 2018:483-512.
[23]	JIANG X Q, KIM M, LAUTER K, et al. Secure Outsourced Matrix Computation and Application to Neural Networks[C]// Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. New York: ACM, 2018:1209-1222.
[24]	朱强. 机器学习中的对抗样本防御和隐私保护[D]. 西安: 西安电子科技大学, 2019:31-40.
[25]	Al B A, JIN C, LIN J, et al. Towards the Alexnet Moment for Homomorphic Encryption:Hcnn,the First Homomorphic CNN on Encrypted Data with Gpus[J]. IEEE Transactions on Emerging Topics in Computing, 2020, 9(3):1330-1343. doi: 10.1109/TETC.2020.3014636
[26]	LI J, KUANG X H, LIN S J, et al. Privacy Preservation for Machine Learning Training and Classification Based on Homomorphic Encryption Schemes[J]. Information Sciences, 2020, 526:166-179. doi: 10.1016/j.ins.2020.03.041
[27]	NI H, HAN Y L, DUAN X W, et al. An Improved LeNet-5 Model Based on Encrypted Data[C]// International Conference of Pioneering Computer Scientists,Engineers and Educators.Berlin:Springer, 2021:166-178.
[28]	FANG H K, QAIN Q. Privacy Preserving Machine Learning with Homomorphic Encryption and Federated Learning[J]. Future Internet, 2021, 13(4):1-20. doi: 10.3390/fi13010001
[29]	ZHOU J F, MI B, HUANG D R, et al. Privacy-preserving Machine Learning Based on Homomorphic Conjugate Search Problem[C]// 2021 CAA Symposium on Fault Detection,Supervision,and Safety for Technical Processes(SAFEPROCESS).Piscataway:IEEE, 2021:1-6.
[30]	BYUN J, LEE W, LEE J. Parameter-free HE-friendly Logistic Regression[J]. Advances in Neural Information Processing Systems, 2021, 34:1-21
[31]	BYRNE J, DECANN B, BLOOM S. Key-Nets:Optical Transformation Convolutional Networks for Privacy Preserving Vision Sensors[J/OL].[2020-08-11]. https://arxiv.org/abs/2008.04469.
[32]	WANG Z, BOVIK A C, SHEIKH H R, et al. Image Quality Assessment:From Error Visibility to Structural Similarity[J]. IEEE Transactions on Image Processing, 2004, 13(4):600-612. doi: 10.1109/TIP.2003.819861
[33]	ANDERSIN R. Two Remarks on Public Key Cryptology(2021)[EB/OL].[2021-09-17]. http://www.cl.cam.ac.uk/users/rja14.
[34]	ZUO C, SUN S F, LIU J K, et al. Dynamic Searchable Symmetric Encryption with Forward and Stronger Backward Privacy[C]// European Symposium on Research in Computer Security.Berlin:Springer, 2019:283-303.
[35]	VAVASIS S A. On the Complexity of Nonnegative Matrix Factorization[J]. SIAM Journal on Optimization, 2010, 20(3):1364-1377. doi: 10.1137/070709967

	MNIST	CIFAR-10
原来网络(未加密)	0.983	0.617
加密(k₁=73)	0.983	0.617
加密(k₂=415)	0.983	0.617

Analysis and improvement of the security of the key-nets homomorphic encryption scheme

RichHTML

PDF (PC)

Like

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 7

References 35

Related Articles 15

Metrics

Comments

Recommended 0

[1]	ZHOU Hao, SHAO Shiyun, MA Yong, LIU Zhiquan, GUAN Quanlong, WANG Xiaoming. Machine learning-assisted trust evaluation scheme for emergency messages in VANETs [J]. Journal of Xidian University, 2024, 51(6): 194-203.
[2]	JIANG Laiwei, GU Haiyang, XIE Lixia, YANG Hongyu. Research on the application of machine learning to intrusion detection in WSN [J]. Journal of Xidian University, 2024, 51(4): 206-225.
[3]	TIAN Youliang, ZHAO Min, BI Renwan, XIONG Jinbo. Secure K-prototype clustering against the collusion of rational adversaries [J]. Journal of Xidian University, 2024, 51(2): 196-210.
[4]	GUO Qing, TIAN Youliang. Medicaldata privacy protection scheme supporting controlled sharing [J]. Journal of Xidian University, 2024, 51(1): 165-176.
[5]	XIONG Jingwei, PAN Jifei, BI Daping, DU Mingyang. Multi-scale convolutional attention network for radar behavior recognition [J]. Journal of Xidian University, 2023, 50(6): 62-74.
[6]	WANG Bo,LI Hongtao,WANG Jie,GUO Yina. Federated learning scheme for privacy-preserving of medical data [J]. Journal of Xidian University, 2023, 50(5): 166-177.
[7]	SONG Cheng,CHENG Daochen,PENG Weiping. Efficient federated learning privacy protection scheme [J]. Journal of Xidian University, 2023, 50(5): 178-187.
[8]	CAO Laicheng,WU Wentao,FENG Tao,GUO Xian. Privacy preserving multi-classification LR scheme for data quality [J]. Journal of Xidian University, 2023, 50(5): 188-198.
[9]	GUO Gang,YANG Chao,CHEN Mingzhe,MA Jianfeng. App traffic identification under ShadowSocksR proxy with machine learning [J]. Journal of Xidian University, 2023, 50(2): 138-146.
[10]	QIAO Wenxin,LU Yu,LIU Yicen,LI Zhiwei,LI Xi. Dynamic scheduling method for service function chains in space air terrestrial aided edge cloud networks [J]. Journal of Xidian University, 2022, 49(2): 79-88.
[11]	WANG Kaiwen,WANG Shulan,WANG Haiyan,DING Yong. Top-k multi-keyword ciphertext retrieval scheme supporting attribute revocation [J]. Journal of Xidian University, 2022, 49(1): 26-34.
[12]	ZUO Kaizhong,LIU Rui,ZHAO Jun,CHEN Zhangyi,CHEN Fulong. Method for the protection of spatiotemporal correlation location privacy with semantic information [J]. Journal of Xidian University, 2022, 49(1): 67-77.
[13]	ZENG Yong,WU Zhengyuan,DONG Lihua,LIU Zhihong,MA Jianfeng,LI Zan. Research on malicious traffic identification technology in encrypted traffic [J]. Journal of Xidian University, 2021, 48(3): 170-187.
[14]	WANG Junxiang,HUANG Lin,ZHANG Ying,NI Jiangqun,LIN Lang. Algorithm for the detection of a low complexity contrast enhanced image source [J]. Journal of Xidian University, 2021, 48(1): 96-106.
[15]	CHE Xiaoliang,ZHOU Haonan,YANG Xiaoyuan,ZHOU Tanping,LIU Longfei,LI Ningbo. Efficient multi-key fully homomorphic encryption scheme from RLWE [J]. Journal of Xidian University, 2021, 48(1): 87-95.