Skip to main content
SpringerLink
Log in

CryptoRNN - Privacy-Preserving Recurrent Neural Networks Using Homomorphic Encryption

  • Conference paper
  • First Online:
Cyber Security Cryptography and Machine Learning (CSCML 2020)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 12161))

Abstract

Recurrent Neural Networks (RNNs) are used extensively for mining sequential datasets. However, performing inference over an RNN model requires the data owner to expose his or her raw data to the machine learning service provider. Homomorphic encryption allows calculations to be performed on ciphertexts, where the decrypted result is the same as if the calculation has been made directly on the plaintext. In this research, we suggest a Privacy-Preserving RNN–based inference system using homomorphic encryption. We preserve the functionality of RNN and its ability to make the same predictions on sequential data, within the limitations of homomorphic encryption, as those obtained for plaintext on the same RNN model. In order to achieve this goal, we need to address two main issues. First, the noise increase between successive calculations and second, the inability of homomorphic encryption to work with the most popular activation functions for neural networks (sigmoid, ReLU and tanh). In this paper, we suggest several methods to handle both issues and discuss the trade-offs between the proposed methods. We use several benchmark datasets to compare the encrypted and unencrypted versions of the same RNN in terms of accuracy, performance, and data traffic.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Microsoft SEAL (release 3.3): Microsoft Research, Redmond, WA, June 2019

    Google Scholar 

  2. Cheon, J.H., Han, K., Kim, A., Kim, M., Song, Y.: A full RNS variant of approximate homomorphic encryption. In: Cid, C., Jacobson Jr., M. (eds.) SAC 2018. LNCS, vol. 11349, pp. 347–368. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-10970-7_16

    Chapter  Google Scholar 

  3. Melissa, C.: Security of homomorphic encryption. Technical report, HomomorphicEncryption.org, Redmond WA, USA (2017)

    Google Scholar 

  4. Occupancy detection data set. https://archive.ics.uci.edu/ml/datasets

  5. Activity recognition with healthy older people using a batteryless wearable sensor data set. https://archive.ics.uci.edu/ml/datasets

  6. Wall-following robot navigation data data set. https://archive.ics.uci.edu/ml/datasets

  7. Eeg eye state data set. https://archive.ics.uci.edu/ml/datasets

Download references

Author information

Authors and Affiliations

  1. Ben-Gurion University of the Negev, 84105, Beer-Sheva, Israel

    Maya Bakshi & Mark Last

Authors
  1. Maya Bakshi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Mark Last
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Mark Last .

Editor information

Editors and Affiliations

  1. Department of Computer Science, Ben-Gurion University of the Negev, Be'er Sheva, Israel

    Shlomi Dolev

  2. School of Computer Science, Georgia Institute of Technology, Atlanta, GA, USA

    Vladimir Kolesnikov

  3. Tata Consultancy Services, Chennai, Tamil Nadu, India

    Sachin Lodha

  4. Department of Computer Science, Ben-Gurion University of the Negev, Be'er Sheva, Israel

    Gera Weiss

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Bakshi, M., Last, M. (2020). CryptoRNN - Privacy-Preserving Recurrent Neural Networks Using Homomorphic Encryption. In: Dolev, S., Kolesnikov, V., Lodha, S., Weiss, G. (eds) Cyber Security Cryptography and Machine Learning. CSCML 2020. Lecture Notes in Computer Science(), vol 12161. Springer, Cham. https://doi.org/10.1007/978-3-030-49785-9_16

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-49785-9_16

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-49784-2

  • Online ISBN: 978-3-030-49785-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation