More Practical Privacy-Preserving Machine Learning as A Service via Efficient Secure Matrix Multiplication

An efficient secure two-party computation protocol of matrix multiplication allows privacy-preserving cloud-aid machine learning services such as face recognition and traffic-aware navigation. We use homomorphic encryption to construct a secure matrix multiplication protocol with a small communication overhead and computation overhead on the client's side, which works particularly well when a large number of clients access to the server simultaneously. The fastest secure matrix multiplication protocols have been constructed using tools such as oblivious transfer, but a potential limitation of these methods is the needs of using a wide network bandwidth between the client and the server, e.g., 10~Gbps. This is of particular concern when thousands of clients interact with the server concurrently. Under this setting, the performance oblivious transfer-based methods will decrease significantly, since the server can only allocate a small ratio of its outgoing bandwidth for each client. With three proposed optimizations, our matrix multiplication protocol can run very fast even under the high concurrent setting. Our benchmarks show that it takes an Amazon instance (i.e., 72 CPUs and 25 Gbps outgoing bandwidth) less than 50 seconds to complete 1000 concurrent secure matrix multiplications with $128\times 128$ entries. In addition, our method reduces more than $74% - 97%$ of the precomputation time of two privacy-preserving machine learning frameworks, SecureML (S&P'17) and MiniONN (CCS'17).

[1]  Jonathan Katz,et al.  Faster Secure Two-Party Computation Using Garbled Circuits , 2011, USENIX Security Symposium.

[2]  Silvio Micali,et al.  Probabilistic encryption & how to play mental poker keeping secret all partial information , 1982, STOC '82.

[3]  Alex J. Malozemoff,et al.  Efficiently Enforcing Input Validity in Secure Two-party Computation , 2016, IACR Cryptol. ePrint Arch..

[4]  Jun Sakuma,et al.  Using Fully Homomorphic Encryption for Statistical Analysis of Categorical, Ordinal and Numerical Data , 2016, NDSS.

[5]  Masaya Yasuda,et al.  Efficient Secure Matrix Multiplication Over LWE-Based Homomorphic Encryption , 2016 .

[6]  Andrew Chi-Chih Yao,et al.  Protocols for secure computations , 1982, FOCS 1982.

[7]  Farinaz Koushanfar,et al.  Chameleon: A Hybrid Secure Computation Framework for Machine Learning Applications , 2018, IACR Cryptol. ePrint Arch..

[8]  Stratis Ioannidis,et al.  Privacy-preserving matrix factorization , 2013, CCS.

[9]  Takeshi Koshiba,et al.  Secure pattern matching using somewhat homomorphic encryption , 2013, CCSW.

[10]  Kartik Nayak,et al.  ObliVM: A Programming Framework for Secure Computation , 2015, 2015 IEEE Symposium on Security and Privacy.

[11]  Yehuda Lindell,et al.  More efficient oblivious transfer and extensions for faster secure computation , 2013, CCS.

[12]  John C. Mitchell,et al.  Privacy-Preserving Shortest Path Computation , 2016, NDSS.

[13]  Ivan Damgård,et al.  A correction to 'efficient and secure comparison for on-line auctions' , 2009, Int. J. Appl. Cryptogr..

[14]  Donald Beaver,et al.  Precomputing Oblivious Transfer , 1995, CRYPTO.

[15]  Mariana Raykova,et al.  Privacy-Preserving Distributed Linear Regression on High-Dimensional Data , 2017, Proc. Priv. Enhancing Technol..

[16]  Michael Naehrig,et al.  CryptoNets: applying neural networks to encrypted data with high throughput and accuracy , 2016, ICML 2016.

[17]  Frederik Vercauteren,et al.  Somewhat Practical Fully Homomorphic Encryption , 2012, IACR Cryptol. ePrint Arch..

[18]  John V. Guttag,et al.  A comparison of non-symmetric entropy-based classification trees and support vector machine for cardiovascular risk stratification , 2011, 2011 Annual International Conference of the IEEE Engineering in Medicine and Biology Society.

[19]  Oded Goldreich,et al.  Foundations of Cryptography: Volume 2, Basic Applications , 2004 .

[20]  David Evans,et al.  Two Halves Make a Whole - Reducing Data Transfer in Garbled Circuits Using Half Gates , 2015, EUROCRYPT.

[21]  Frederik Vercauteren,et al.  Fully homomorphic SIMD operations , 2012, Designs, Codes and Cryptography.

[22]  Vinod Vaikuntanathan,et al.  Can homomorphic encryption be practical? , 2011, CCSW '11.

[23]  Masaya Yasuda,et al.  Enhancement for Secure Multiple Matrix Multiplications over Ring-LWE Homomorphic Encryption , 2017, ISPEC.

[24]  Yuval Ishai,et al.  How to Garble Arithmetic Circuits , 2011, 2011 IEEE 52nd Annual Symposium on Foundations of Computer Science.

[25]  Chris Peikert,et al.  On Ideal Lattices and Learning with Errors over Rings , 2010, JACM.

[26]  Ivan Damgård,et al.  Multiparty Computation from Somewhat Homomorphic Encryption , 2012, IACR Cryptol. ePrint Arch..

[27]  Yao Lu,et al.  Oblivious Neural Network Predictions via MiniONN Transformations , 2017, IACR Cryptol. ePrint Arch..

[28]  Stefan Katzenbeisser,et al.  Privacy-Preserving Face Recognition , 2009, Privacy Enhancing Technologies.

[29]  Michael Zohner,et al.  ABY - A Framework for Efficient Mixed-Protocol Secure Two-Party Computation , 2015, NDSS.

[30]  Ran Canetti,et al.  Security and Composition of Multiparty Cryptographic Protocols , 2000, Journal of Cryptology.

[31]  Ahmad-Reza Sadeghi,et al.  TinyGarble: Highly Compressed and Scalable Sequential Garbled Circuits , 2015, 2015 IEEE Symposium on Security and Privacy.

[32]  Hao Chen,et al.  Simple Encrypted Arithmetic Library - SEAL v2.1 , 2016, Financial Cryptography Workshops.

[33]  Vladimir Kolesnikov,et al.  Improved Garbled Circuit: Free XOR Gates and Applications , 2008, ICALP.

[34]  Jun Sakuma,et al.  Privacy-preserving genome-wide association studies on cloud environment using fully homomorphic encryption , 2015, BMC Medical Informatics and Decision Making.

[35]  Yuchen Zhang,et al.  HEALER: homomorphic computation of ExAct Logistic rEgRession for secure rare disease variants analysis in GWAS , 2015, Bioinform..

[36]  S. Rajsbaum Foundations of Cryptography , 2014 .

[37]  Craig Gentry,et al.  Homomorphic Evaluation of the AES Circuit , 2012, IACR Cryptol. ePrint Arch..

[38]  Craig Gentry,et al.  (Leveled) fully homomorphic encryption without bootstrapping , 2012, ITCS '12.

[39]  Alex Krizhevsky,et al.  Learning Multiple Layers of Features from Tiny Images , 2009 .

[40]  Payman Mohassel,et al.  SecureML: A System for Scalable Privacy-Preserving Machine Learning , 2017, 2017 IEEE Symposium on Security and Privacy (SP).

[41]  Oded Goldreich,et al.  The Foundations of Cryptography - Volume 2: Basic Applications , 2001 .

[42]  Shai Halevi,et al.  Algorithms in HElib , 2014, CRYPTO.