Skip to main content
Book cover

International Workshop on Digital Watermarking

IWDW 2018: Digital Forensics and Watermarking pp 322–336Cite as

Secure Multilayer Perceptron Based on Homomorphic Encryption

Part of the Lecture Notes in Computer Science book series (LNSC,volume 11378)

Abstract

In this work, we propose an outsourced Secure Multilayer Perceptron (SMLP) scheme where privacy and confidentiality of the data and the model are ensured during its training and the classification phases. More clearly, this SMLP: (i) can be trained by a cloud server based on data previously outsourced by a user in an homomorphically encrypted form; its parameters are homomorphically encrypted giving thus no clues about them to the cloud; and (ii) can also be used for classifying new encrypted data sent by the user while returning him the encrypted classification result. The originality of this scheme is threefold: To the best of our knowledge, it is the first multilayer perceptron (MLP) secured homomorphically in its training phase with no problem of convergence. It does not require extra-communications with the user. And, is based on the Rectified Linear Unit (ReLU) activation function that we secure with no approximation contrarily to actual SMLP solutions. To do so, we take advantage of two semi-honest non-colluding servers. Experimental results carried out on a binary database encrypted with the Paillier cryptosystem demonstrate the overall performance of our scheme and its convergence.

Keywords

  • Secure neural network
  • Multilayer perceptron
  • Homomorphic encryption
  • Cloud computing

This work has received a French government support granted to the CominLabs excellence laboratory and managed by the National Research Agency in the “Investing for the Future” program under reference ANR0LABX0701, and to the ANR project INSHARE, ANR15CE1002402.

This is a preview of subscription content, access via your institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • DOI: 10.1007/978-3-030-11389-6_24
  • Chapter length: 15 pages
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
eBook
USD   59.99
Price excludes VAT (USA)
  • ISBN: 978-3-030-11389-6
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Softcover Book
USD   79.99
Price excludes VAT (USA)
Learn about institutional subscriptions
Fig. 1.
Fig. 2.
Fig. 3.

References

  1. Aono, Y., Hayashi, T., Wang, L., Moriai, S., et al.: Privacy-preserving deep learning via additively homomorphic encryption. IEEE Trans. Inf. Forensics Secur. 13(5), 1333–1345 (2018)

    CrossRef  Google Scholar 

  2. Bellafqira, R., Coatrieux, G., Bouslimi, D., Quellec, G.: Content-based image retrieval in homomorphic encryption domain. In: 2015 37th Annual International Conference of the IEEE Engineering in Medicine and Biology Society (EMBC), pp. 2944–2947. IEEE (2015)

    Google Scholar 

  3. Bellafqira, R., Coatrieux, G., Bouslimi, D., Quellec, G.: An end to end secure CBIR over encrypted medical database. In: 2016 IEEE 38th Annual International Conference of the Engineering in Medicine and Biology Society (EMBC), pp. 2537–2540. IEEE (2016)

    Google Scholar 

  4. Bellafqira, R., Coatrieux, G., Bouslimi, D., Quellec, G., Cozic, M.: Proxy re-encryption based on homomorphic encryption. In: Proceedings of the 33rd Annual Computer Security Applications Conference, pp. 154–161. ACM (2017)

    Google Scholar 

  5. Bost, R., Popa, R.A., Tu, S., Goldwasser, S.: Machine learning classification over encrypted data. In: NDSS (2015)

    Google Scholar 

  6. Bouslimi, D., Bellafqira, R., Coatrieux, G.: Data hiding in homomorphically encrypted medical images for verifying their reliability in both encrypted and spatial domains. In: 2016 IEEE 38th Annual International Conference of the Engineering in Medicine and Biology Society (EMBC), pp. 2496–2499. IEEE (2016)

    Google Scholar 

  7. Castellano, G., Fanelli, A.M.: Variable selection using neural-network models. Neurocomputing 31(1), 1–13 (2000)

    CrossRef  Google Scholar 

  8. Chabanne, H., de Wargny, A., Milgram, J., Morel, C., Prouff, E.: Privacy-preserving classification on deep neural network. IACR Cryptol. ePrint Archive 2017, 35 (2017)

    Google Scholar 

  9. Decencière, E., et al.: TeleOphta: machine learning and image processing methods for teleophthalmology. IRBM 34(2), 196–203 (2013)

    CrossRef  Google Scholar 

  10. Ding, W., Yan, Z., Deng, R.H.: Encrypted data processing with homomorphic re-encryption. Inf. Sci. 409, 35–55 (2017)

    CrossRef  Google Scholar 

  11. Glorot, X., Bordes, A., Bengio, Y.: Deep sparse rectifier neural networks. In: Proceedings of the Fourteenth International Conference on Artificial Intelligence and Statistics, pp. 315–323 (2011)

    Google Scholar 

  12. Goldreich, O.: Foundations of Cryptography. Basic Applications, vol. 2. Cambridge University Press, New York (2009)

    Google Scholar 

  13. Hsu, C.Y., Lu, C.S., Pei, S.C.: Image feature extraction in encrypted domain with privacy-preserving sift. IEEE Trans. Image Process. 21(11), 4593–4607 (2012)

    CrossRef  MathSciNet  Google Scholar 

  14. Huang, Y., Evans, D., Katz, J., Malka, L.: Faster secure two-party computation using garbled circuits. In: USENIX Security Symposium, vol. 201 (2011)

    Google Scholar 

  15. Kerschbaum, F., Biswas, D., de Hoogh, S.: Performance comparison of secure comparison protocols. In: 20th International Workshop on Database and Expert Systems Application, pp. 133–136. IEEE (2009)

    Google Scholar 

  16. Paillier, P.: Public-key cryptosystems based on composite degree residuosity classes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 223–238. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48910-X_16

    CrossRef  Google Scholar 

  17. Schlitter, N.: A protocol for privacy preserving neural network learning on horizontal partitioned data. In: PSD (2008)

    Google Scholar 

  18. Shokri, R., Shmatikov, V.: Privacy-preserving deep learning. In: Proceedings of the 22nd ACM SIGSAC conference on computer and communications security, pp. 1310–1321. ACM (2015)

    Google Scholar 

  19. Veugen, T.: Encrypted integer division. In: 2010 IEEE International Workshop on Information Forensics and Security (WIFS), pp. 1–6. IEEE (2010)

    Google Scholar 

  20. Wu, F., Zhong, H., Shi, R., Huang, H.: Secure two-party computation of the quadratic function’s extreme minimal value. In: 2012 9th International Conference on Fuzzy Systems and Knowledge Discovery (FSKD), pp. 2975–2978. IEEE (2012)

    Google Scholar 

  21. Xie, P., Bilenko, M., Finley, T., Gilad-Bachrach, R., Lauter, K., Naehrig, M.: Crypto-nets: Neural networks over encrypted data. arXiv preprint arXiv:1412.6181 (2014)

  22. Zheng, S., et al.: Asynchronous stochastic gradient descent with delay compensation. arXiv preprint arXiv:1609.08326 (2016)

Download references

Author information

Authors and Affiliations

  1. IMT Atlantique, 655 Avenue du Technopole, 29200, Plouzane, France

    Reda Bellafqira & Gouenou Coatrieux

  2. Unit INSERM 1101 Latim, 29238, Brest Cedex, France

    Reda Bellafqira, Gouenou Coatrieux & Emmanuelle Genin

  3. MED.e.COM, 29470, Plougastel Daoulas, France

    Michel Cozic

Authors
  1. Reda Bellafqira
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Gouenou Coatrieux
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Emmanuelle Genin
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Michel Cozic
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Reda Bellafqira .

Editor information

Editors and Affiliations

  1. Korea Advanced Institute of Science and Technology, Daejeon, Korea (Republic of)

    Chang D. Yoo

  2. New Jersey Institute of Technology, Newark, NJ, USA

    Yun-Qing Shi

  3. Korea University, Seoul, Korea (Republic of)

    Hyoung Joong Kim

  4. University of Florence, Florence, Italy

    Alessandro Piva

  5. Korea Advanced Institute of Science and Technology, Daejeon, Korea (Republic of)

    Gwangsu Kim

Rights and permissions

Reprints and Permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Verify currency and authenticity via CrossMark

Cite this paper

Bellafqira, R., Coatrieux, G., Genin, E., Cozic, M. (2019). Secure Multilayer Perceptron Based on Homomorphic Encryption. In: Yoo, C., Shi, YQ., Kim, H., Piva, A., Kim, G. (eds) Digital Forensics and Watermarking. IWDW 2018. Lecture Notes in Computer Science(), vol 11378. Springer, Cham. https://doi.org/10.1007/978-3-030-11389-6_24

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-11389-6_24

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-11388-9

  • Online ISBN: 978-3-030-11389-6

  • eBook Packages: Computer ScienceComputer Science (R0)