Abstract
There has been increasing interest in developing privacy-preserving algorithms for evaluating machine learning (ML) models. With the advancement of cloud computing, it is now possible for model owners to host their trained ML models on a cloud server and offer cloud computing solutions on different ML tasks to users (clients). Thus private evaluation of ML models is an attractive area of research as it allows solution providers to protect their propriety ML models and users to protect their sensitive data while using cloud computing solutions. In this work, we propose an algorithm to privately evaluate a decision tree. We examine current state-of-the-art private evaluation protocols and present a solution that is sublinear in tree size and linear in tree depth. The key feature of our proposal is that it is entirely based on secret sharing and thus there are no computational costs associated with heavy cryptographic primitives such as modular exponentiation. We propose a new method to privately index arrays that avoids the use of public/symmetric key cryptosystem, typically associated with private array indexing protocols. The results of our experiments show that our solution has a low communication cost compared to existing methods (lower by a factor of \(\approx \)10 in the online phase), and demonstrate a faster runtime at low network latency (such as LAN network). We conclude by suggesting improvement to our protocol and proposing potential areas of future research.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Amazon: Amazon web services. https://aws.amazon.com/
Beaver, D.: Efficient multiparty protocols using circuit randomization. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 420–432. Springer, Heidelberg (1992). https://doi.org/10.1007/3-540-46766-1_34
Beaver, D.: Commodity-based cryptography. In: Proceedings of the Twenty-Ninth Annual ACM Symposium on Theory of Computing, pp. 446–455 (1997)
Beaver, D., Micali, S., Rogaway, P.: The round complexity of secure protocols. In: Proceedings of the Twenty-Second Annual ACM Symposium on Theory of Computing, pp. 503–513 (1990)
Ben-Or, M., Goldwasser, S., Wigderson, A.: Completeness theorems for non-cryptographic fault-tolerant distributed computation. In: Proceedings of the Twentieth Annual ACM Symposium on Theory of Computing, pp. 1–10. ACM (1988)
Bertilsson, M., Ingemarsson, I.: A construction of practical secret sharing schemes using linear block codes. In: Seberry, J., Zheng, Y. (eds.) AUSCRYPT 1992. LNCS, vol. 718, pp. 67–79. Springer, Heidelberg (1993). https://doi.org/10.1007/3-540-57220-1_53
Bogdanov, D., Jagomägis, R., Laur, S.: A universal toolkit for cryptographically secure privacy-preserving data mining. In: Chau, M., Wang, G.A., Yue, W.T., Chen, H. (eds.) PAISI 2012. LNCS, vol. 7299, pp. 112–126. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-30428-6_9
Bost, R., Popa, R.A., Tu, S., Goldwasser, S.: Machine learning classification over encrypted data. Cryptology ePrint Archive (2014)
Canetti, R.: Universally composable security: a new paradigm for cryptographic protocols. In: Proceedings 42nd IEEE Symposium on Foundations of Computer Science, pp. 136–145. IEEE (2001)
Catrina, O., de Hoogh, S.: Improved primitives for secure multiparty integer computation. In: Garay, J.A., De Prisco, R. (eds.) SCN 2010. LNCS, vol. 6280, pp. 182–199. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-15317-4_13
Catrina, O., Saxena, A.: Secure computation with fixed-point numbers. In: Sion, R. (ed.) FC 2010. LNCS, vol. 6052, pp. 35–50. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-14577-3_6
Chaum, D., Crépeau, C., Damgard, I.: Multiparty unconditionally secure protocols. In: Proceedings of the Twentieth Annual ACM Symposium on Theory of Computing, pp. 11–19 (1988)
Damgård, I., Fitzi, M., Kiltz, E., Nielsen, J.B., Toft, T.: Unconditionally secure constant-rounds multi-party computation for equality, comparison, bits and exponentiation. In: Halevi, S., Rabin, T. (eds.) TCC 2006. LNCS, vol. 3876, pp. 285–304. Springer, Heidelberg (2006). https://doi.org/10.1007/11681878_15
Damgård, I., Geisler, M., Krøigaard, M.: Efficient and secure comparison for on-line auctions. In: Pieprzyk, J., Ghodosi, H., Dawson, E. (eds.) ACISP 2007. LNCS, vol. 4586, pp. 416–430. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-73458-1_30
Damgård, I., Geisler, M., Krøigaard, M.: A correction to “efficient and secure comparison for on-line auctions. Cryptology EPrint Archive (2008)
Damgard, I., Geisler, M., Kroigard, M.: Homomorphic encryption and secure comparison. Int. J. Appl. Cryptography 1(1), 22–31 (2008)
Damgård, I., Thorbek, R.: Non-interactive proofs for integer multiplication. In: Naor, M. (ed.) EUROCRYPT 2007. LNCS, vol. 4515, pp. 412–429. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-72540-4_24
De Cock, M., Dowsley, R., Horst, C., Katti, R., Nascimento, A.C., Poon, W.S., Truex, S.: Efficient and private scoring of decision trees, support vector machines and logistic regression models based on pre-computation. IEEE Trans. Dependable Secure Comput. 16(2), 217–230 (2017)
learn developers, S.: Scikit-learn: Machine learning in Python. https://scikit-learn.org/stable/index.html
van Dijk, M.: A linear construction of secret sharing schemes. Des. Codes Cryptography 12(2), 161–201 (1997)
Dua, D., Graff, C.: UCI machine learning repository (2017). http://archive.ics.uci.edu/ml
Garay, J., Schoenmakers, B., Villegas, J.: Practical and secure solutions for integer comparison. In: Okamoto, T., Wang, X. (eds.) PKC 2007. LNCS, vol. 4450, pp. 330–342. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-71677-8_22
Goldreich, O.: Foundations of cryptography: volume 2, basic applications. Cambridge University Press (2009)
Google: Google cloud. https://cloud.google.com/
Heikamp, K., Bajorath, J.: Support vector machines for drug discovery. Expert Opin. Drug Discov. 9(1), 93–104 (2014)
Hoang, T., Ozkaptan, C.D., Yavuz, A.A., Guajardo, J., Nguyen, T.: S3oram: a computation-efficient and constant client bandwidth blowup oram with shamir secret sharing. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pp. 491–505 (2017)
Ito, M., Saito, A., Nishizeki, T.: Secret sharing scheme realizing general access structure. Electron. Commun. Japan (Part III: Fundamental Electron. Sci.) 72(9), 56–64 (1989)
Kamara, S., Mohassel, P., Raykova, M.: Outsourcing multi-party computation. Cryptology ePrint Archive (2011)
Kiss, Á., Naderpour, M., Liu, J., Asokan, N., Schneider, T.: Sok: modular and efficient private decision tree evaluation. Proc. Privacy Enhancing Technol. 2019(2), 187–208 (2019)
Knuth, D.E.: The art of computer programming. volume 1: Fundamental algorithms. volume 2: Seminumerical algorithms. Bull. Amer. Math. Soc. (1997)
Kolesnikov, V., Schneider, T.: Improved garbled circuit: free XOR gates and applications. In: Aceto, L., Damgård, I., Goldberg, L.A., Halldórsson, M.M., Ingólfsdóttir, A., Walukiewicz, I. (eds.) ICALP 2008. LNCS, vol. 5126, pp. 486–498. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-70583-3_40
Ma, J.P., Tai, R.K., Zhao, Y., Chow, S.S.: Let’s stride blindfolded in a forest: sublinear multi-client decision trees evaluation. In: NDSS (2021)
Maheswari, S., Pitchai, R.: Heart disease prediction system using decision tree and naive bayes algorithm. Current Med. Imaging 15(8), 712–717 (2019)
Micali, S., Goldreich, O., Wigderson, A.: How to play any mental game. In: Proceedings of the Nineteenth ACM Symposium on Theory of Computing, STOC, pp. 218–229. ACM (1987)
Microsoft: Microsoft azure. https://azure.microsoft.com/
Mohassel, P., Orobets, O., Riva, B.: Efficient server-aided 2pc for mobile phones. Proc. Priv. Enhancing Technol. 2016(2), 82–99 (2016)
Nishide, T., Ohta, K.: Multiparty computation for interval, equality, and comparison without bit-decomposition protocol. In: Okamoto, T., Wang, X. (eds.) PKC 2007. LNCS, vol. 4450, pp. 343–360. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-71677-8_23
Reistad, T.I., Toft, T.: Secret sharing comparison by transformation and rotation. In: Desmedt, Y. (ed.) ICITS 2007. LNCS, vol. 4883, pp. 169–180. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-10230-1_14
Shamir, A.: How to share a secret. Commun. ACM 22(11), 612–613 (1979)
Sudo, H., Nuida, K., Shimizu, K.: An efficient private evaluation of a decision graph. In: Lee, K. (ed.) ICISC 2018. LNCS, vol. 11396, pp. 143–160. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-12146-4_10
Tai, R.K.H., Ma, J.P.K., Zhao, Y., Chow, S.S.M.: Privacy-Preserving Decision Trees Evaluation via Linear Functions. In: Foley, S.N., Gollmann, D., Snekkenes, E. (eds.) ESORICS 2017. LNCS, vol. 10493, pp. 494–512. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-66399-9_27
Tueno, A., Kerschbaum, F., Katzenbeisser, S.: Private evaluation of decision trees using sublinear cost. Proc. Priv. Enhancing Technol. 2019(1), 266–286 (2019)
Veugen, T., Blom, F., de Hoogh, S.J., Erkin, Z.: Secure comparison protocols in the semi-honest model. IEEE J. Sel. Top. Sig. Process. 9(7), 1217–1228 (2015)
Watanabe, T., Iwamura, K., Kaneda, K.: Secrecy multiplication based on a (k, n)-threshold secret-sharing scheme using only k servers. In: Computer Science and its Applications, pp. 107–112. Springer, Cham (2015)
Wu, D.J., Feng, T., Naehrig, M., Lauter, K.: Privately evaluating decision trees and random forests. Cryptology ePrint Archive (2015)
Xuan, P., Sun, C., Zhang, T., Ye, Y., Shen, T., Dong, Y.: Gradient boosting decision tree-based method for predicting interactions between target genes and drugs. Front. Genet. 10, 459 (2019)
Yao, A.C.: Protocols for secure computations. In: 23rd Annual Symposium on Foundations of Computer Science (sfcs 1982), pp. 160–164. IEEE (1982)
Yao, A.C.C.: How to generate and exchange secrets. In: 27th Annual Symposium on Foundations of Computer Science (sfcs 1986), pp. 162–167. IEEE (1986)
Zahur, S., Rosulek, M., Evans, D.: Two Halves Make a Whole. In: Oswald, E., Fischlin, M. (eds.) EUROCRYPT 2015. LNCS, vol. 9057, pp. 220–250. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-46803-6_8
Zheng, Y., Duan, H., Wang, C.: Towards secure and efficient outsourcing of machine learning classification. In: European Symposium on Research in Computer Security, pp. 22–40. Springer (2019)
Acknowledgment
This work was supported in part by MEXT/JSPS KAKENHI Grant Number 19K12209 and 21H05052. The authors would like to thank Prof. Kunihiko Sadakane for his valuable comments during the design of the protocol.
Author information
Authors and Affiliations
Corresponding authors
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Ahmed, M.N., Shimizu, K. (2023). Private Evaluation of a Decision Tree Based on Secret Sharing. In: Seo, SH., Seo, H. (eds) Information Security and Cryptology – ICISC 2022. ICISC 2022. Lecture Notes in Computer Science, vol 13849. Springer, Cham. https://doi.org/10.1007/978-3-031-29371-9_9
Download citation
DOI: https://doi.org/10.1007/978-3-031-29371-9_9
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-29370-2
Online ISBN: 978-3-031-29371-9
eBook Packages: Computer ScienceComputer Science (R0)