key-nets同态加密方案的安全性分析及改进

doi:10.19665/j.issn1001-2400.2023.01.021

Abstract

Abstract:

key-nets,as the first optical homomorphic encryption scheme,is used toprotect the privacy of images used for machine learning.However,in the case of the vision sensor being obtained illegally,the author obtained the key used to encrypt the image in the key-nets scheme by solving the system of linear equations.In view of the security risks in this scheme and the difficulty of machine learning model training,this paper proposes a homomorphic encryption scheme that can use different generalized random matrices for each encryption without changing the original convolutional network structure,and further use the Diffie-Hellman key exchange protocol,which improves the security of the encryption key-nets and also improves the security of the convolutional network matching the vision sensor.Through the analysis of the feasibility of the scheme,privacy parameters,forward security,backward security,etc.,it is proved that the improved scheme can still protect the image information even if the attacker illegally obtains the visual sensor.

Key words: key-nets, machine learning, privacy protection, homomorphic encryption

CLC Number:

TN918.2

LI Wenhua,DONG Lihua,ZENG Yong. Analysis and improvement of the security of the key-nets homomorphic encryption scheme[J].Journal of Xidian University, 2023, 50(1): 192-202.

Figures/Tables 7

References 35

[1]	廖国辉, 刘嘉勇. 基于数据挖掘和机器学习的恶意代码检测方法[J]. 信息安全研究, 2016, 2(1):74-79.
	LIAO G H, LIU J Y. Malicious Code Detection Method Based on Data Mining and Machine Learning[J]. Information Security Research, 2016, 2(1):74-79.
[2]	CHEN S Z, WANG H P, XU F, et al. Target Classification Using the Deep Convolutional Networks for SAR Images[J]. IEEE Transactions on Geoscience and Remote Sensing, 2016, 54(8):4806-4817. doi: 10.1109/TGRS.2016.2551720
[3]	LAUNCHBURY J, ARCHER D, DUBUISSON T, et al. Application-Scale Secure Multiparty Computation[C]// European Symposium on Programming Languages and Systems.Berlin:Springer, 2014:8-26.
[4]	FU K, CHENG D W, TU Y, et al. Credit Card Fraud Detection Using Convolutional Neural Networks[C]// International Conference on Neural Information Processing.Berlin:Springer, 2016:483-490.
[5]	ROY A, SUN J, MAHONEY R, et al. Deep Learning Detecting Fraud in Credit Card Tansactions[C]// 2018 Systems and Information Engineering Design Symposium.Piscataway:IEEE, 2018:129-134.
[6]	ACHARYA, RAJENDRA U, ADELI, et al. Deep Convolutional Neural Network for the Automated Detection and Diagnosis of Seizure Using EEG Signals[J]. Computers in Biology and Medicine, 2018, 100:270-278. doi: S0010-4825(17)30315-3 pmid: 28974302
[7]	XU C G, REN J, ZHANG D Y, et al. GANobfuscator:Mitigating Information Leakage under Gan via Dfferential Privacy[J]. IEEE Transactions on Information Forensics and Security, 2019, 14(9):2358-2371. doi: 10.1109/TIFS.10206
[8]	WANG B H, NEIL Z G. Stealing Hyperparameters in Machine Leaming[C]// IEEE Symposium on Security and Privacy.Piscataway:IEEE, 2018:36-52.
[9]	XIE L Y, LIN K X, WANG S, et al. Differentially Private Generative Adversarial Network[J/OL].[2022-01-10]. https://arxiv.org/abs/2201.03139v1.
[10]	KESARWANI M, MUKHOTY B, ARYA V, et al. Model Extraction Warning in Mlaas Paradigm[C]// Proceedings of the 34th Annual Computer Security Applications Conference.Piscataway:IEEE, 2018:371-380
[11]	YANG Q, LIU Y, CHEN T J, et al. Federated Machine Learning:Concept and Applications[J]. ACM Transactions on Intelligent Systems and Technology(TIST), 2019, 10(2):1-19.
[12]	KUMAR N, RATHEE M, CHANDRAN N, et al. Cryptflow:Secure Tensorflow Inference[C]// 2020 IEEE Symposium on Security and Privacy.Piscataway:IEEE, 2020:336-353.
[13]	ORLANDI C, PIVA A, BAMI M. Oblivious Neural Network Computing via Homomorphic Encryption[J]. EURASIP Journal on Information Security, 2008, 2007(1):1-11.
[14]	UPMANYU M, NAMBOODIRI A M, SRINATHAN K, et al. Efficient Privacy Preserving K-means Clustering[C]// Pacific-Asia Workshop on Intelligence and Security Informatics.Berlin:Springer, 2010:154-166.
[15]	BARNI M, FAILLA P, LAZZERETTI R, et al. Privacy-Preserving ECG Classification with Branching Programs and Neural Networks[J]. IEEE Transactions on Information Forensics & Security, 2011, 6(2):452-468.
[16]	GRAEPEL T, LAUTER K, NAEHRIG M. ML Confidential:Machine Learning on Encrypted Data[C]// International Conference on Information Security and Cryptology.Berlin:Springer, 2012:1-21.
[17]	PAILLIER P, POINTCHEVAL D. Efficient Public-Key Cryptosystems Provably Secure Against Active Ad-Versaries[C]// International Conference on the Theory and Application of Cryptology and Information Security.Berlin:Springer, 1999:165-179.
[18]	RAHULAMATHAVAN Y, PHAN R C W, VELURU S, et al. Privacy-Preserving Multi-class Support Vector Machine for Outsourcing the Data Classification in Cloud[J]. IEEE Transactions on Dependable and Secure Computing, 2013, 11(5):467-479. doi: 10.1109/TDSC.2013.51
[19]	BOST R, POPA R A, TU S, et al. Machine Learning Classification over Encrypted Data[C]// ISOC Network and Distributed System Security Symposium. Rosten: Internet Society, 2015:4324-4325
[20]	GILAD-BACHRACH R, DOWLIN N, LAINE K, et al. Cryptonets:Applying Neural Networks to Encrypted Data with High Throughput and Accuracy[C]// International Conference on Machine Learning. New York: PMLR, 2016:201-210.
[21]	LIU J, JUUTI M, LU Y, et al. Oblivious Neural Network Predictions via Minionn Transformations[C]// Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. New York: ACM, 2017:619-631.
[22]	BOURSE F, MINELLI M, MINIHOLD M, et al. Fast Homomorphic Evaluation of Deep Discretized Neural Networks[C]// Annual International Cryptology Conference.Berlin:Springer, 2018:483-512.
[23]	JIANG X Q, KIM M, LAUTER K, et al. Secure Outsourced Matrix Computation and Application to Neural Networks[C]// Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security. New York: ACM, 2018:1209-1222.
[24]	朱强. 机器学习中的对抗样本防御和隐私保护[D]. 西安: 西安电子科技大学, 2019:31-40.
[25]	Al B A, JIN C, LIN J, et al. Towards the Alexnet Moment for Homomorphic Encryption:Hcnn,the First Homomorphic CNN on Encrypted Data with Gpus[J]. IEEE Transactions on Emerging Topics in Computing, 2020, 9(3):1330-1343. doi: 10.1109/TETC.2020.3014636
[26]	LI J, KUANG X H, LIN S J, et al. Privacy Preservation for Machine Learning Training and Classification Based on Homomorphic Encryption Schemes[J]. Information Sciences, 2020, 526:166-179. doi: 10.1016/j.ins.2020.03.041
[27]	NI H, HAN Y L, DUAN X W, et al. An Improved LeNet-5 Model Based on Encrypted Data[C]// International Conference of Pioneering Computer Scientists,Engineers and Educators.Berlin:Springer, 2021:166-178.
[28]	FANG H K, QAIN Q. Privacy Preserving Machine Learning with Homomorphic Encryption and Federated Learning[J]. Future Internet, 2021, 13(4):1-20. doi: 10.3390/fi13010001
[29]	ZHOU J F, MI B, HUANG D R, et al. Privacy-preserving Machine Learning Based on Homomorphic Conjugate Search Problem[C]// 2021 CAA Symposium on Fault Detection,Supervision,and Safety for Technical Processes(SAFEPROCESS).Piscataway:IEEE, 2021:1-6.
[30]	BYUN J, LEE W, LEE J. Parameter-free HE-friendly Logistic Regression[J]. Advances in Neural Information Processing Systems, 2021, 34:1-21
[31]	BYRNE J, DECANN B, BLOOM S. Key-Nets:Optical Transformation Convolutional Networks for Privacy Preserving Vision Sensors[J/OL].[2020-08-11]. https://arxiv.org/abs/2008.04469.
[32]	WANG Z, BOVIK A C, SHEIKH H R, et al. Image Quality Assessment:From Error Visibility to Structural Similarity[J]. IEEE Transactions on Image Processing, 2004, 13(4):600-612. doi: 10.1109/TIP.2003.819861
[33]	ANDERSIN R. Two Remarks on Public Key Cryptology(2021)[EB/OL].[2021-09-17]. http://www.cl.cam.ac.uk/users/rja14.
[34]	ZUO C, SUN S F, LIU J K, et al. Dynamic Searchable Symmetric Encryption with Forward and Stronger Backward Privacy[C]// European Symposium on Research in Computer Security.Berlin:Springer, 2019:283-303.
[35]	VAVASIS S A. On the Complexity of Nonnegative Matrix Factorization[J]. SIAM Journal on Optimization, 2010, 20(3):1364-1377. doi: 10.1137/070709967

	MNIST	CIFAR-10
原来网络(未加密)	0.983	0.617
加密(k₁=73)	0.983	0.617
加密(k₂=415)	0.983	0.617

Analysis and improvement of the security of the key-nets homomorphic encryption scheme

RichHTML

PDF (PC)

Like

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 7

References 35

Related Articles 15

Metrics

Comments

Recommended 10

[1]	QIAO Wenxin,LU Yu,LIU Yicen,LI Zhiwei,LI Xi. Dynamic scheduling method for service function chains in space air terrestrial aided edge cloud networks [J]. Journal of Xidian University, 2022, 49(2): 79-88.
[2]	WANG Kaiwen,WANG Shulan,WANG Haiyan,DING Yong. Top-k multi-keyword ciphertext retrieval scheme supporting attribute revocation [J]. Journal of Xidian University, 2022, 49(1): 26-34.
[3]	ZUO Kaizhong,LIU Rui,ZHAO Jun,CHEN Zhangyi,CHEN Fulong. Method for the protection of spatiotemporal correlation location privacy with semantic information [J]. Journal of Xidian University, 2022, 49(1): 67-77.
[4]	ZENG Yong,WU Zhengyuan,DONG Lihua,LIU Zhihong,MA Jianfeng,LI Zan. Research on malicious traffic identification technology in encrypted traffic [J]. Journal of Xidian University, 2021, 48(3): 170-187.
[5]	WANG Junxiang,HUANG Lin,ZHANG Ying,NI Jiangqun,LIN Lang. Algorithm for the detection of a low complexity contrast enhanced image source [J]. Journal of Xidian University, 2021, 48(1): 96-106.
[6]	CHE Xiaoliang,ZHOU Haonan,YANG Xiaoyuan,ZHOU Tanping,LIU Longfei,LI Ningbo. Efficient multi-key fully homomorphic encryption scheme from RLWE [J]. Journal of Xidian University, 2021, 48(1): 87-95.
[7]	ZHENG Xianchun,LI Hui,WANG Rui,YAN Haonan,DAI Rui,XIAO Mingchi. Survey of anonymous network applications and simulation platforms [J]. Journal of Xidian University, 2021, 48(1): 22-38.
[8]	ZHANG Shudong,GAO Haichang,CAO Xiwen,KANG Shuai. Adaptive fast and targeted adversarial attack for speech recognition [J]. Journal of Xidian University, 2021, 48(1): 168-175.
[9]	TIAN Haibo,LIN Huizhi,LUO Peiran,SU Yinxue. Scheme for being able to regulate a digital currency with user privacy protection [J]. Journal of Xidian University, 2020, 47(5): 40-47.
[10]	WANG Hui,WANG Licheng,BAI Xue,LIU Qinghua,SHEN Xiaoying. Research on key technology of blockchain privacy protection and scalability [J]. Journal of Xidian University, 2020, 47(5): 28-39.
[11]	ZHAO Zijun,YING Zuobin,YANG Zhao,LIU Ximeng,MA Jianfeng. Recommendation of platoon members by combining the blockchain and vehicular social network [J]. Journal of Xidian University, 2020, 47(5): 122-129.
[12]	YAN Lin,LIU Kai,DUAN Meiyu. Lightweight deep neural network for point cloud classification [J]. Journal of Xidian University, 2020, 47(2): 46-53.
[13]	HAN Kun;ZHANG Hailin;XIN Dan;WU Bo;KANG Yuanji. Design method of an identity-based fully homomorphic encryption library [J]. Journal of Xidian University, 2017, 44(4): 56-61.
[14]	YING Zuobin;MA Jianfeng;CUI Jiangtao. Attribute-based encryption with location verification and policy adjusting supporting the cloud mobile office [J]. Journal of Xidian University, 2017, 44(2): 57-62+190.
[15]	FU Xiaotong;XUE Peng. Identity-based privacy-preserving multi-receiver key encapsulation [J]. J4, 2014, 41(5): 7-12.