Doing Real Work with FHE: The Case of Logistic Regression

We describe our recent experience, building a system that uses fully-homomorphic encryption (FHE) to approximate the coefficients of a logistic-regression model, built from genomic data. The aim of this project was to examine the feasibility of a solution that operates "deep within the bootstrapping regime,'' solving a problem that appears too hard to be addressed just with somewhat-homomorphic encryption. As part of this project, we implemented optimized versions of many bread and butter FHE tools. These tools include binary arithmetic, comparisons, partial sorting, and low-precision approximation of arbitrary functions (used for reciprocals, logarithms, etc.). Our solution can handle thousands of records and hundreds of fields, and it takes a few hours to run. To achieve this performance we had to be extremely frugal with expensive bootstrapping and data-movement operations. We believe that our experience in this project could serve as a guide for what is or is not currently feasible to do with fully-homomorphic encryption.

[1]  Benny Applebaum Randomized Encoding of Functions , 2014 .

[2]  Yong Feng,et al.  Homomorphically Encrypted Arithmetic Operations Over the Integer Ring , 2016, ISPEC.

[3]  Richard M. Karp,et al.  Parallel Algorithms for Shared-Memory Machines , 1991, Handbook of Theoretical Computer Science, Volume A: Algorithms and Complexity.

[4]  Payman Mohassel,et al.  SecureML: A System for Scalable Privacy-Preserving Machine Learning , 2017, 2017 IEEE Symposium on Security and Privacy (SP).

[5]  Craig Gentry,et al.  Private Database Queries Using Somewhat Homomorphic Encryption , 2013, ACNS.

[6]  Victor Shoup,et al.  A computational introduction to number theory and algebra , 2005 .

[7]  Léo Ducas,et al.  FHEW: Bootstrapping Homomorphic Encryption in Less Than a Second , 2015, EUROCRYPT.

[8]  Craig Gentry,et al.  Private Database Access with HE-over-ORAM Architecture , 2015, ACNS.

[9]  Srinivas Vivek,et al.  Fixed-Point Arithmetic in SHE Schemes , 2016, SAC.

[10]  Jung Hee Cheon,et al.  Homomorphic Encryption for Arithmetic of Approximate Numbers , 2017, ASIACRYPT.

[11]  Yuchen Zhang,et al.  HEALER: homomorphic computation of ExAct Logistic rEgRession for secure rare disease variants analysis in GWAS , 2015, Bioinform..

[12]  Jung Hee Cheon,et al.  Search-and-compute on Encrypted Data , 2015, IACR Cryptol. ePrint Arch..

[13]  Hao Chen,et al.  Simple Encrypted Arithmetic Library - SEAL v2.1 , 2016, Financial Cryptography Workshops.

[14]  Michael Naehrig,et al.  CryptoNets: applying neural networks to encrypted data with high throughput and accuracy , 2016, ICML 2016.

[15]  Shai Halevi,et al.  Bootstrapping for HElib , 2015, EUROCRYPT.

[16]  Tancrède Lepoint,et al.  On the Minimal Number of Bootstrappings in Homomorphic Circuits , 2013, Financial Cryptography Workshops.

[17]  Xiaoqian Jiang,et al.  Secure Logistic Regression based on Homomorphic Encryption , 2018, IACR Cryptol. ePrint Arch..

[18]  Brent Waters,et al.  Homomorphic Encryption from Learning with Errors: Conceptually-Simpler, Asymptotically-Faster, Attribute-Based , 2013, CRYPTO.

[19]  Craig Gentry,et al.  (Leveled) fully homomorphic encryption without bootstrapping , 2012, ITCS '12.

[20]  Nicolas Gama,et al.  Faster Packed Homomorphic Operations and Efficient Circuit Bootstrapping for TFHE , 2017, ASIACRYPT.

[21]  Yoshinori Aono,et al.  Privacy-Preserving Logistic Regression with Distributed Data Sources via Homomorphic Encryption , 2016, IEICE Trans. Inf. Syst..

[22]  Zvika Brakerski,et al.  Fully Homomorphic Encryption without Modulus Switching from Classical GapSVP , 2012, CRYPTO.

[23]  Vinod Vaikuntanathan,et al.  SHIELD: Scalable Homomorphic Implementation of Encrypted Data-Classifiers , 2015, IEEE Transactions on Computers.

[24]  Shai Halevi,et al.  Algorithms in HElib , 2014, CRYPTO.

[25]  Craig Gentry,et al.  Fully homomorphic encryption using ideal lattices , 2009, STOC '09.