Abstract
Recurrent Neural Networks (RNNs) are used extensively for mining sequential datasets. However, performing inference over an RNN model requires the data owner to expose his or her raw data to the machine learning service provider. Homomorphic encryption allows calculations to be performed on ciphertexts, where the decrypted result is the same as if the calculation has been made directly on the plaintext. In this research, we suggest a Privacy-Preserving RNN–based inference system using homomorphic encryption. We preserve the functionality of RNN and its ability to make the same predictions on sequential data, within the limitations of homomorphic encryption, as those obtained for plaintext on the same RNN model. In order to achieve this goal, we need to address two main issues. First, the noise increase between successive calculations and second, the inability of homomorphic encryption to work with the most popular activation functions for neural networks (sigmoid, ReLU and tanh). In this paper, we suggest several methods to handle both issues and discuss the trade-offs between the proposed methods. We use several benchmark datasets to compare the encrypted and unencrypted versions of the same RNN in terms of accuracy, performance, and data traffic.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Microsoft SEAL (release 3.3): Microsoft Research, Redmond, WA, June 2019
Cheon, J.H., Han, K., Kim, A., Kim, M., Song, Y.: A full RNS variant of approximate homomorphic encryption. In: Cid, C., Jacobson Jr., M. (eds.) SAC 2018. LNCS, vol. 11349, pp. 347–368. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-10970-7_16
Melissa, C.: Security of homomorphic encryption. Technical report, HomomorphicEncryption.org, Redmond WA, USA (2017)
Occupancy detection data set. https://archive.ics.uci.edu/ml/datasets
Activity recognition with healthy older people using a batteryless wearable sensor data set. https://archive.ics.uci.edu/ml/datasets
Wall-following robot navigation data data set. https://archive.ics.uci.edu/ml/datasets
Eeg eye state data set. https://archive.ics.uci.edu/ml/datasets
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Bakshi, M., Last, M. (2020). CryptoRNN - Privacy-Preserving Recurrent Neural Networks Using Homomorphic Encryption. In: Dolev, S., Kolesnikov, V., Lodha, S., Weiss, G. (eds) Cyber Security Cryptography and Machine Learning. CSCML 2020. Lecture Notes in Computer Science(), vol 12161. Springer, Cham. https://doi.org/10.1007/978-3-030-49785-9_16
Download citation
DOI: https://doi.org/10.1007/978-3-030-49785-9_16
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-49784-2
Online ISBN: 978-3-030-49785-9
eBook Packages: Computer ScienceComputer Science (R0)