CryptoRNN - Privacy-Preserving Recurrent Neural Networks Using Homomorphic Encryption

Maya Bakshi, Mark Last

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

15 Scopus citations

Abstract

Recurrent Neural Networks (RNNs) are used extensively for mining sequential datasets. However, performing inference over an RNN model requires the data owner to expose his or her raw data to the machine learning service provider. Homomorphic encryption allows calculations to be performed on ciphertexts, where the decrypted result is the same as if the calculation has been made directly on the plaintext. In this research, we suggest a Privacy-Preserving RNN–based inference system using homomorphic encryption. We preserve the functionality of RNN and its ability to make the same predictions on sequential data, within the limitations of homomorphic encryption, as those obtained for plaintext on the same RNN model. In order to achieve this goal, we need to address two main issues. First, the noise increase between successive calculations and second, the inability of homomorphic encryption to work with the most popular activation functions for neural networks (sigmoid, ReLU and tanh). In this paper, we suggest several methods to handle both issues and discuss the trade-offs between the proposed methods. We use several benchmark datasets to compare the encrypted and unencrypted versions of the same RNN in terms of accuracy, performance, and data traffic.

Original languageEnglish
Title of host publicationCyber Security Cryptography and Machine Learning - 4th International Symposium, CSCML 2020, Proceedings
EditorsShlomi Dolev, Gera Weiss, Vladimir Kolesnikov, Sachin Lodha
PublisherSpringer
Pages245-253
Number of pages9
ISBN (Print)9783030497842
DOIs
StatePublished - 1 Jan 2020
Event4th International Symposium on Cyber Security Cryptography and Machine Learning, CSCML 2020 - Beersheba, Israel
Duration: 2 Jul 20203 Jul 2020

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume12161 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference4th International Symposium on Cyber Security Cryptography and Machine Learning, CSCML 2020
Country/TerritoryIsrael
CityBeersheba
Period2/07/203/07/20

Keywords

  • Data privacy
  • Encrypted machine learning
  • Encrypted recurrent neural netwroks
  • Homomorphic encryption
  • Privacy preserving machine learning
  • Privacy preserving recurrent neural networks

ASJC Scopus subject areas

  • Theoretical Computer Science
  • General Computer Science

Fingerprint

Dive into the research topics of 'CryptoRNN - Privacy-Preserving Recurrent Neural Networks Using Homomorphic Encryption'. Together they form a unique fingerprint.

Cite this