EDLaaS; Fully Homomorphic Encryption Over Neural Network Graphs

• URL: http://arxiv.org/abs/2110.13638v1
• Date: Tue, 26 Oct 2021 12:43:35 GMT
• Title: EDLaaS; Fully Homomorphic Encryption Over Neural Network Graphs
• Authors: George Onoufriou, Marc Hanheide, Georgios Leontidis
• Abstract summary: We use the 4th generation Cheon, Kim, Kim and Song (CKKS) FHE scheme over fixed points provided by the Microsoft Simple Encrypted Arithmetic Library (MS-SEAL) We find that FHE is not a panacea for all privacy preserving machine learning (PPML) problems, and that certain limitations still remain, such as model training. We focus on convolutional neural networks (CNNs), fashion-MNIST, and levelled FHE operations.
• Score: 7.195443855063635
• License: http://creativecommons.org/licenses/by-sa/4.0/
• Abstract: We present automatically parameterised Fully Homomorphic Encryption (FHE), for encrypted neural network inference. We present and exemplify our inference over FHE compatible neural networks with our own open-source framework and reproducible step-by-step examples. We use the 4th generation Cheon, Kim, Kim and Song (CKKS) FHE scheme over fixed points provided by the Microsoft Simple Encrypted Arithmetic Library (MS-SEAL). We significantly enhance the usability and applicability of FHE in deep learning contexts, with a focus on the constituent graphs, traversal, and optimisation. We find that FHE is not a panacea for all privacy preserving machine learning (PPML) problems, and that certain limitations still remain, such as model training. However we also find that in certain contexts FHE is well suited for computing completely private predictions with neural networks. We focus on convolutional neural networks (CNNs), fashion-MNIST, and levelled FHE operations. The ability to privately compute sensitive problems more easily, while lowering the barriers to entry, can allow otherwise too-sensitive fields to begin advantaging themselves of performant third-party neural networks. Lastly we show encrypted deep learning, applied to a sensitive real world problem in agri-food, and how this can have a large positive impact on food-waste and encourage much-needed data sharing.

Related papers

• LinSATNet: The Positive Linear Satisfiability Neural Networks [116.65291739666303]
  This paper studies how to introduce the popular positive linear satisfiability to neural networks. We propose the first differentiable satisfiability layer based on an extension of the classic Sinkhorn algorithm for jointly encoding multiple sets of marginal distributions.
  arXiv  Detail & Related papers  (2024-07-18T22:05:21Z)
• Verified Neural Compressed Sensing [58.98637799432153]
  We develop the first (to the best of our knowledge) provably correct neural networks for a precise computational task. We show that for modest problem dimensions (up to 50), we can train neural networks that provably recover a sparse vector from linear and binarized linear measurements. We show that the complexity of the network can be adapted to the problem difficulty and solve problems where traditional compressed sensing methods are not known to provably work.
  arXiv  Detail & Related papers  (2024-05-07T12:20:12Z)
• Efficient Privacy-Preserving Convolutional Spiking Neural Networks with FHE [1.437446768735628]
  Homomorphic Encryption (FHE) is a key technology for privacy-preserving computation. FHE has limitations in processing continuous non-polynomial functions. We present a framework called FHE-DiCSNN for homomorphic SNNs. FHE-DiCSNN achieves an accuracy of 97.94% on ciphertexts, with a loss of only 0.53% compared to the original network's accuracy of 98.47%.
  arXiv  Detail & Related papers  (2023-09-16T15:37:18Z)
• Deep Neural Networks for Encrypted Inference with TFHE [0.0]
  Fully homomorphic encryption (FHE) is an encryption method that allows to perform computation on encrypted data, without decryption. TFHE preserves the privacy of the users of online services that handle sensitive data, such as health data, biometrics, credit scores and other personal information. We show how to construct Deep Neural Networks (DNNs) that are compatible with the constraints of TFHE, an FHE scheme that allows arbitrary depth computation circuits.
  arXiv  Detail & Related papers  (2023-02-13T09:53:31Z)
• Deep Binary Reinforcement Learning for Scalable Verification [44.44006029119672]
  We present an RL algorithm tailored specifically for binarized neural networks (BNNs) After training BNNs for the Atari environments, we verify robustness properties.
  arXiv  Detail & Related papers  (2022-03-11T01:20:23Z)
• SoK: Privacy-preserving Deep Learning with Homomorphic Encryption [2.9069679115858755]
  homomorphic encryption (HE) can be performed on encrypted data without revealing its content. We take an in-depth look at approaches that combine neural networks with HE for privacy preservation. We find numerous challenges to HE based privacy-preserving deep learning such as computational overhead, usability, and limitations posed by the encryption schemes.
  arXiv  Detail & Related papers  (2021-12-23T22:03:27Z)
• TenSEAL: A Library for Encrypted Tensor Operations Using Homomorphic Encryption [0.0]
  We present TenSEAL, an open-source library for Privacy-Preserving Machine Learning using Homomorphic Encryption. We show that an encrypted convolutional neural network can be evaluated in less than a second, using less than half a megabyte of communication.
  arXiv  Detail & Related papers  (2021-04-07T14:32:38Z)
• Online Limited Memory Neural-Linear Bandits with Likelihood Matching [53.18698496031658]
  We study neural-linear bandits for solving problems where both exploration and representation learning play an important role. We propose a likelihood matching algorithm that is resilient to catastrophic forgetting and is completely online.
  arXiv  Detail & Related papers  (2021-02-07T14:19:07Z)
• Overcoming Catastrophic Forgetting in Graph Neural Networks [50.900153089330175]
  Catastrophic forgetting refers to the tendency that a neural network "forgets" the previous learned knowledge upon learning new tasks. We propose a novel scheme dedicated to overcoming this problem and hence strengthen continual learning in graph neural networks (GNNs) At the heart of our approach is a generic module, termed as topology-aware weight preserving(TWP)
  arXiv  Detail & Related papers  (2020-12-10T22:30:25Z)
• CryptoSPN: Privacy-preserving Sum-Product Network Inference [84.88362774693914]
  We present a framework for privacy-preserving inference of sum-product networks (SPNs) CryptoSPN achieves highly efficient and accurate inference in the order of seconds for medium-sized SPNs.
  arXiv  Detail & Related papers  (2020-02-03T14:49:18Z)
• Approximation and Non-parametric Estimation of ResNet-type Convolutional Neural Networks [52.972605601174955]
  We show a ResNet-type CNN can attain the minimax optimal error rates in important function classes. We derive approximation and estimation error rates of the aformentioned type of CNNs for the Barron and H"older classes.
  arXiv  Detail & Related papers  (2019-03-24T19:42:39Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.