partially encrypted machine learning using functional
play

Partially Encrypted Machine Learning using Functional Encryption eo - PowerPoint PPT Presentation

Feb 10, 2024 •38 likes •418 views

Partially Encrypted Machine Learning using Functional Encryption eo Ryffel 1,2 Edouard Dufour-Sans 1 Romain Gay 1,3 Th Francis Bach 2,1 David Pointcheval 1,2 1 Ecole Normale Sup erieure 2 INRIA 3 UC Berkeley August 18, 2019 Table of

  1. Partially Encrypted Machine Learning using Functional Encryption eo Ryffel 1,2 Edouard Dufour-Sans 1 Romain Gay 1,3 Th´ Francis Bach 2,1 David Pointcheval 1,2 1 ´ Ecole Normale Sup´ erieure 2 INRIA 3 UC Berkeley August 18, 2019

  2. Table of Contents Background Functional Encryption Security of Functional Encryption Overview Our contributions Basics of Functional Inference Our Scheme A Simple Model Collateral learning Attacks on initial approach Defining practical security Collateral learning Results and Future Work Implementation Results Open problems

  3. Functional Encryption Traditional PKE: all or nothing.

  4. Functional Encryption Traditional PKE: all or nothing. ◮ Have the key? Get the plaintext. ◮ Don’t have the key? Get nothing.

  5. Functional Encryption Traditional PKE: all or nothing. Functional Encryption: A new ◮ Have the key? paradigm . Get the plaintext. ◮ Don’t have the key? Get nothing.

  6. Functional Encryption Traditional PKE: all or nothing. Functional Encryption: A new ◮ Have the key? paradigm . Get the plaintext. Get a function of the cleartext. ◮ Don’t have the key? Get nothing.

  7. Functional Encryption Traditional PKE: all or nothing. Functional Encryption: A new ◮ Have the key? paradigm . Get the plaintext. Get a function of the cleartext. ◮ Don’t have the key? Function depends on the key . Get nothing.

  8. FE example sk f spam , sk f urgent pk I want to receive encrypted emails. I don’t want to be bothered with spam. Decrypt and send to my colleague if urgent. msk

  9. FE example Enc pk (”Cheap RayBans!!!”) sk f spam , sk f urgent pk I don’t know what it is but it’s spam! msk

  10. Security definitions pk LeftOrRight( x 0 , x 1 ) Enc( x b ) KeyDer( f ) sk f b ?

  11. Security definitions No cheating! f ( x 0 ) � = f ( x 1 ) pk LeftOrRight( x 0 , x 1 ) Enc( x b ) KeyDer( f ) sk f b ?

  12. Table of Contents Background Functional Encryption Security of Functional Encryption Overview Our contributions Basics of Functional Inference Our Scheme A Simple Model Collateral learning Attacks on initial approach Defining practical security Collateral learning Results and Future Work Implementation Results Open problems

  13. Our contributions ◮ New Quadratic FE scheme; ◮ Python Implementation; ◮ Methodology for Thinking About Privacy in FE-ML; ◮ New Dataset; ◮ Collateral Learning Framework for Training Models in FE-ML.

  14. Table of Contents Background Functional Encryption Security of Functional Encryption Overview Our contributions Basics of Functional Inference Our Scheme A Simple Model Collateral learning Attacks on initial approach Defining practical security Collateral learning Results and Future Work Implementation Results Open problems

  15. A New FE Scheme for Quadratic Forms ◮ Key sk Q gets you � x T Q � x from Enc ( � x ); ◮ Decryption 1 . 5 × faster than State-of-the-Art; ◮ Uses pairings. Secure in Generic Group Model;

  16. A New FE Scheme for Quadratic Forms ◮ Key sk Q gets you � x T Q � x from Enc ( � x ); ◮ Decryption 1 . 5 × faster than State-of-the-Art; ◮ Uses pairings. Secure in Generic Group Model; ◮ All group-based computational FE schemes require a discrete logarithm; ◮ Must ensure output has reasonably small entropy;

  17. A New FE Scheme for Quadratic Forms ◮ Key sk Q gets you � x T Q � x from Enc ( � x ); ◮ Decryption 1 . 5 × faster than State-of-the-Art; ◮ Uses pairings. Secure in Generic Group Model; ◮ All group-based computational FE schemes require a discrete logarithm; ◮ Must ensure output has reasonably small entropy; ◮ All DLOGs are in base g T ! ◮ We precompute tweaked Giant step of BSGS and store for reuse.

  18. A Simple Model Input Hidden Output layer layer layer (Ciphertext) (Pairings) Encrypted pixel #1 · 2 Encrypted pixel #2 · 2 dlog Score for 0 Encrypted pixel #3 . . . . . . . . . . . . . . . · 2 dlog Score for 9 Encrypted pixel #782 · 2 Encrypted pixel #783 Encrypted pixel #784

  19. Table of Contents Background Functional Encryption Security of Functional Encryption Overview Our contributions Basics of Functional Inference Our Scheme A Simple Model Collateral learning Attacks on initial approach Defining practical security Collateral learning Results and Future Work Implementation Results Open problems

  20. Leakage x ∈ [0 , 255] 784 . Ciphertexts are for vectors � x T Q � A key for Q lets you compute one scalar � x .

  21. Leakage x ∈ [0 , 255] 784 . Ciphertexts are for vectors � x T Q � A key for Q lets you compute one scalar � x . More keys give you more scalars.

  22. Leakage x ∈ [0 , 255] 784 . Ciphertexts are for vectors � x T Q � A key for Q lets you compute one scalar � x . More keys give you more scalars. But your notion of privacy depends on the distributions on the � x ’s.

  23. Leakage x ∈ [0 , 255] 784 . Ciphertexts are for vectors � x T Q � A key for Q lets you compute one scalar � x . More keys give you more scalars. But your notion of privacy depends on the distributions on the � x ’s. 10 scalars actually give a lot of information: [CFLS18] mount good recovery attacks.

  24. Defining Security for FE-ML Security definition of FE isn’t very helpful for deciding how many keys you can give out.

  25. Defining Security for FE-ML Security definition of FE isn’t very helpful for deciding how many keys you can give out. What information are we trying to protect?

  26. Defining Security for FE-ML Security definition of FE isn’t very helpful for deciding how many keys you can give out. What information are we trying to protect? Is a decent reconstruction of a MNIST image bad for privacy? Is it ok? Which details matter?

  27. Defining Security for FE-ML Security definition of FE isn’t very helpful for deciding how many keys you can give out. What information are we trying to protect? Is a decent reconstruction of a MNIST image bad for privacy? Is it ok? Which details matter? We need to capture real-world concerns on real-world data distributions.

  28. Defining Security for FE-ML Security definition of FE isn’t very helpful for deciding how many keys you can give out. What information are we trying to protect? Is a decent reconstruction of a MNIST image bad for privacy? Is it ok? Which details matter? We need to capture real-world concerns on real-world data distributions. We can draw inspiration from the cryptographic notion of indistinguishibility.

  29. Defining Security for FE-ML

  30. Collateral Learning

  31. Table of Contents Background Functional Encryption Security of Functional Encryption Overview Our contributions Basics of Functional Inference Our Scheme A Simple Model Collateral learning Attacks on initial approach Defining practical security Collateral learning Results and Future Work Implementation Results Open problems

  32. Implementation We provide a Python implementation using Charm with PBC. We use a database for precomputed discrete logarithms. Functional key generation 0 . 094s Encryption time 12 . 1s Evaluation time 2 . 97s Discrete logarithms time 0 . 024s

  33. Results: Influence of Output Size

  34. Results: Influence of Adversarial Parameter

  35. Open problems ◮ Bigger images.

  36. Open problems ◮ Bigger images. ◮ Richer FE.

  37. Open problems ◮ Bigger images. ◮ Richer FE. ◮ Trusting models.

  38. Recap: Our contributions ◮ New Quadratic FE scheme; ◮ Python Implementation; ◮ Methodology for Thinking About Privacy in FE-ML; ◮ New Dataset; ◮ Collateral Learning Framework for Training Models in FE-ML.

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Machine Learning Classification over Encrypted Data Raphal Bost Raluca Ada Popa,

Machine Learning Classification over Encrypted Data Raphal Bost Raluca Ada Popa,

Machine Learning Classification over Encrypted Data Raphal Bost Raluca Ada Popa, Universit Rennes 1 ETH Zrich MIT MIT Stephen Tu Shafi Goldwasser MIT MIT Classification (Machine Learning) Supervised learning (training)

1.3k views • 29 slides
Functional Encryption Lecture 27 Functional Encryption Plain encryption: for secure

Functional Encryption Lecture 27 Functional Encryption Plain encryption: for secure

Functional Encryption Lecture 27 Functional Encryption Plain encryption: for secure communication. Does not allow modifying encrypted data. Homomorphic Encryption: allows computation on encrypted data, but result remains encrypted Functional

987 views • 61 slides
Learning to Rank Learning to Rank with Partially-Labeled Data with Partially-Labeled Data Kevin

Learning to Rank Learning to Rank with Partially-Labeled Data with Partially-Labeled Data Kevin

Learning to Rank Learning to Rank with Partially-Labeled Data with Partially-Labeled Data Kevin Duh University of Washington (Joint work with Katrin Kirchhoff) 1 Motivation Motivation Machine learning can be an effective solution for

472 views • 29 slides
Machine Learning Classification over Encrypted Data Raphael Bost, Raluca Ada Popa, Stephen Tu,

Machine Learning Classification over Encrypted Data Raphael Bost, Raluca Ada Popa, Stephen Tu,

Machine Learning Classification over Encrypted Data Raphael Bost, Raluca Ada Popa, Stephen Tu, Shafi Goldwasser Classification (Machine Learning) Supervised learning (training) Classification data classification training model

1.29k views • 54 slides
Introduction to Machine Learning Part 1 and Part 2 Yingyu Liang yliang@cs.wisc.edu Computer

Introduction to Machine Learning Part 1 and Part 2 Yingyu Liang yliang@cs.wisc.edu Computer

Introduction to Machine Learning Part 1 and Part 2 Yingyu Liang yliang@cs.wisc.edu Computer Sciences Department University of Wisconsin, Madison [Partially Based on slides from Jerry Zhu and Mark Craven] What is machine learning? Short

792 views • 75 slides
Economical machine learning via functional programming Big Data Scala by the Bay August 18,

Economical machine learning via functional programming Big Data Scala by the Bay August 18,

Economical machine learning via functional programming Big Data Scala by the Bay August 18, 2015 David Andrzejewski - @davidandrzej Data Sciences Engineering, Sumo Logic Sumo Logic Confidential Sumo Logic Machine data intelligence

524 views • 49 slides
An Exercise in An Exercise in Machine Learning Machine Learning

An Exercise in An Exercise in Machine Learning Machine Learning

An Exercise in An Exercise in Machine Learning Machine Learning http://www.cs.iastate.edu/~cs573x/bbsilab.html Machine Learning Software Preparing Data Building Classifiers Interpreting Results Machine Learning Software

496 views • 26 slides
Machine Learning By Alex Scarlatos What is Machine Learning? Machine Learning is the process by

Machine Learning By Alex Scarlatos What is Machine Learning? Machine Learning is the process by

Machine Learning By Alex Scarlatos What is Machine Learning? Machine Learning is the process by which computers can be trained through observation, rather than being explicitly programmed. Basically, a program is given input and adjusts its

556 views • 17 slides
Machine Learning: Study of algorithms that improve their performance P at some task T

Machine Learning: Study of algorithms that improve their performance P at some task T

Machine Learning 10-601 Tom M. Mitchell Machine Learning Department Carnegie Mellon University January 12, 2015 Today: Readings: What is machine learning? The Discipline of ML Decision tree learning Mitchell, Chapter 3

872 views • 29 slides
Traditional Machine Learning: Unsupervised Learning Juhan Nam Traditional Machine Learning

Traditional Machine Learning: Unsupervised Learning Juhan Nam Traditional Machine Learning

GCT634/AI613: Musical Applications of Machine Learning (Fall 2020) Traditional Machine Learning: Unsupervised Learning Juhan Nam Traditional Machine Learning Pipeline in Classification Tasks A set of hand-designed audio features are selected

398 views • 26 slides
Probabilistic Graphical Models 10-708 Learning Partially Observed Learning Partially Observed

Probabilistic Graphical Models 10-708 Learning Partially Observed Learning Partially Observed

Probabilistic Graphical Models 10-708 Learning Partially Observed Learning Partially Observed Graphical Models Graphical Models Eric Xing Eric Xing Lecture 13, Oct 26, 2005 Reading: MJ-Chap. 5,10,11 Partially observed GMs Speech

555 views • 16 slides
Learning to Rank with Learning to Rank with Partially-Labeled Data Partially-Labeled Data Kevin

Learning to Rank with Learning to Rank with Partially-Labeled Data Partially-Labeled Data Kevin

Learning to Rank with Learning to Rank with Partially-Labeled Data Partially-Labeled Data Kevin Duh University of Washington 1 The Ranking Problem The Ranking Problem Definition: Given a set of objects, sort them by preference. objectA

716 views • 59 slides
Machine Learning and Data Mining Decision Trees Kalev Kask Decision trees Functional form

Machine Learning and Data Mining Decision Trees Kalev Kask Decision trees Functional form

+ Machine Learning and Data Mining Decision Trees Kalev Kask Decision trees Functional form f(x; ): nested if -then- else statements Discrete features: fully expressive (any function) Structure: Internal nodes: check

303 views • 27 slides
CS 335 Machine Learning What is Machine Learning? Dan Sheldon Spring 2019 What is Machine

CS 335 Machine Learning What is Machine Learning? Dan Sheldon Spring 2019 What is Machine

1/22/19 CS 335 Machine Learning What is Machine Learning? Dan Sheldon Spring 2019 What is Machine Learning? A Simple Task: Recognize Obama How do you program a computer to Recognize faces? Recommend movies? Decide which web

581 views • 5 slides
TLS 1.3 Encrypted SNI ekr: ekr@rtfm.com dkg: dkg@aclu.org IETF 94 TLS 1.3 Encrypted SNI 1

TLS 1.3 Encrypted SNI ekr: ekr@rtfm.com dkg: dkg@aclu.org IETF 94 TLS 1.3 Encrypted SNI 1

TLS 1.3 Encrypted SNI ekr: ekr@rtfm.com dkg: dkg@aclu.org IETF 94 TLS 1.3 Encrypted SNI 1 DISCLAIMER: THIS IS NOT FULLY-BAKED We just fleshed out this idea yesterday, so its hand-wavy. Insufficient analysis has been done. IETF 94 TLS 1.3

886 views • 11 slides
Learning to Reconstruct Statistical Learning Theory and Encrypted Database Attacks Paul Grubbs,

Learning to Reconstruct Statistical Learning Theory and Encrypted Database Attacks Paul Grubbs,

Learning to Reconstruct Statistical Learning Theory and Encrypted Database Attacks Paul Grubbs, Marie-Sarah Lacharit, Brice Minaud, Kenny Paterson CASYS team seminar, Grenoble, December 2018 Outsourcing Data with Search Capabilities Data

534 views • 38 slides
S & P SECURITY & PRIVACY GROUP Challenges and Cryptographic Solutions with

S & P SECURITY & PRIVACY GROUP Challenges and Cryptographic Solutions with

FAKULTT FR !NFORMATIK Faculty of Informatics S & P SECURITY & PRIVACY GROUP Challenges and Cryptographic Solutions with Payment-Channel Networks Pedro Moreno-Sanchez RWC20 New York, Jan 10 th 2020 @pedrorechez Scalability

1.27k views • 84 slides
MISSION: We work for economic, social, and racial justice by advancing community based,

MISSION: We work for economic, social, and racial justice by advancing community based,

MISSION: We work for economic, social, and racial justice by advancing community based, cooperative, and democratically owned or managed enterprises with a preference to assisting cooperatives in low-income communities by: Providing

482 views • 10 slides
PAYCHECK PROTECTION PROGRAM DUKE LAW COMMUNITY ENTERPRISE CLINIC APRIL 21, 2020 Background,

PAYCHECK PROTECTION PROGRAM DUKE LAW COMMUNITY ENTERPRISE CLINIC APRIL 21, 2020 Background,

PAYCHECK PROTECTION PROGRAM DUKE LAW COMMUNITY ENTERPRISE CLINIC APRIL 21, 2020 Background, tips on applying, and an introduction to the forms required What is the Paycheck Protection Program (PPP)? - The PPP is a part of the Coronavirus

238 views • 11 slides
The Capitalization of Consumer Financing into Durable Goods Prices Bronson Argyle Taylor Nadauld

The Capitalization of Consumer Financing into Durable Goods Prices Bronson Argyle Taylor Nadauld

The Capitalization of Consumer Financing into Durable Goods Prices Bronson Argyle Taylor Nadauld BYU BYU Ryan Pratt Christopher Palmer BYU MIT and NBER May 2019 1 / 34 Capitalization of Consumer Financing Introduction Credit

770 views • 52 slides
Violent Crime Inequality in the United States 1 download slides at: www.inequality.com/slides

Violent Crime Inequality in the United States 1 download slides at: www.inequality.com/slides

download slides at: www.inequality.com/slides Violent Crime Inequality in the United States 1 download slides at: www.inequality.com/slides Violent Crime Homicide Rates and Income Inequality in the United States This image depicts the

399 views • 8 slides
Enterprise Applications and Challenges Maj Gen Sarah Zabel Defense Information Systems Agency

Enterprise Applications and Challenges Maj Gen Sarah Zabel Defense Information Systems Agency

UNCLASSIFIED Enterprise Applications and Challenges Maj Gen Sarah Zabel Defense Information Systems Agency Vice Director UNITED IN SERVICE TO OUR NATION UNCLASSIFIED 1 UNCLASSIFIED VIS ISION INFORM ORMATIO ION SUPERIO RIORIT ITY IN

128 views • 9 slides
South King County Mobility Coalition Mar March 202 ch 2020 Welcome! Welcome &

South King County Mobility Coalition Mar March 202 ch 2020 Welcome! Welcome &

South King County Mobility Coalition Mar March 202 ch 2020 Welcome! Welcome & Introductions Review Agenda Announcements Announcements Staffing Updates COVID-19 SKCMC 2020 Projects 2020 Projects

646 views • 41 slides
SBAs Disaster Declaration Makes Loans Available Due to the Coronavirus (COVID-19) The U.S.

SBAs Disaster Declaration Makes Loans Available Due to the Coronavirus (COVID-19) The U.S.

SBAs Disaster Declaration Makes Loans Available Due to the Coronavirus (COVID-19) The U.S. Small Business Administration (SBA) is offering designated states and territories low-interest federal disaster loans for working capital to small

355 views • 23 slides

More recommend