Abstract：A multi-key privacy-preserving decision tree evaluation (MPDE) scheme was developed to protect the privacy of decision tree data and models in machine learning and to reduce the computational and communications overhead. A distributed two-trapdoor public-key crypto (DT-PKC) was used to encrypt all the data. A secure addition- across-domains protocol was then used to add two ciphertexts from different public key cryptography systems. In addition, the original security comparison protocol was improved to support multi-user, multi-key systems to protect the privacy of the requested information, classification results and decision tree model. A trusted third party key generation center was introduced to reduce the communication overhead between entities which is completely offline after the key distribution. A service agent was then used to interact with the cloud server instead of the users which reduced the communications overhead between the user and the cloud server. Security and performance analyses show that the scheme is efficient and ensures privacy. Simulations show that the scheme has less computational overhead than previous schemes.
 贾春福, 王雅飞, 陈阳, 等. 机器学习算法在同态加密数据集上的应用[J]. 清华大学学报(自然科学版), 2020, 60(6):456-463. JIA C F, WANG Y F, CHEN Y, et al. Machine learning algorithm for a homomorphic encrypted data set[J]. Journal of Tsinghua University (Science and Technology), 2020, 60(6):456-463. (in Chinese)  WEN Y D, ZHANG K P, LI Z F, et al. A comprehensive study on center loss for deep face recognition[J]. International Journal of Computer Vision, 2019, 127(6-7):668-683.  VAIDYA J, SHAFIQ B, FAN W, et al. A random decision tree framework for privacy-preserving data mining[J]. IEEE Transactions on Dependable and Secure Computing, 2014, 11(5):399-411.  WANG T, MEI Y X, JIA W J, et al. Edge-based differential privacy computing for sensor-cloud systems[J]. Journal of Parallel and Distributed Computing, 2020, 136:75-85.  BOST R, POPA R A, TU S, et al. Machine learning classification over encrypted data[C]//22nd Annual Network and Distributed System Security Symposium. San Diego, USA:The Internet Society, 2015:1-34.  TUENO A, KERSCHBAUM F, KATZENBEISSER S. Private evaluation of decision trees using sublinear cost[C]//Proceedings on Privacy Enhancing Technologies (PoPETs). Sciendo:Warsaw, 2019:266-286.  刘睿瑄, 陈红, 郭若杨, 等. 机器学习中的隐私攻击与防御[J]. 软件学报, 2020, 31(3):866-892. LIU R X, CHEN H, GUO R Y, et al. Survey on privacy attacks and defenses in machine learning[J]. Journal of Software, 2020, 31(3):866-892. (in Chinese)  DOWSLEY R, LACERDA F, NASCIMENTO A C A. Commitment and oblivious transfer in the bounded storage model with errors[J]. IEEE Transactions on Information Theory, 2018, 64(8):5970-5984.  DE COCK M, DOWSLEY R, HORST C, et al. Efficient and private scoring of decision trees, support vector machines and logistic regression models based on pre-computation[J]. IEEE Transactions on Dependable and Secure Computing, 2019, 16(2):217-230.  ALOUFI A, HU P Z, WONG H W H, et al. Blindfolded evaluation of random forests with multi-key homomorphic encryption[J]. IEEE Transactions on Dependable and Secure Computing, 2021, 18(4):1821-1835.  XUE L, LIU D X, NI J B, et al. Consent-based privacy-preserving decision tree evaluation[C]//2020 IEEE International Conference on Communications. Dublin, Ireland:IEEE Press, 2020:1-6.  LIU L, CHEN R M, LIU X M, et al. Towards practical privacy-preserving decision tree training and evaluation in the cloud[J]. IEEE Transactions on Information Forensics and Security, 2020, 15:2914-2929.  ZOU Y, ZHAO Z, SHI S, et al. Highly secure privacy-preserving outsourced K-means clustering under multiple keys in cloud computing[J]. Security and Communication Networks, 2020, 2020:1238505.  KUANG W, CHAN Y L, TSANG S H, et al. Machine learning-based fast intra mode decision for HEVC screen content coding via decision trees[J]. IEEE Transactions on Circuits and Systems for Video Technology, 2020, 30(5):1481-1496.  HASSAN A, HAMZA R, YAN H Y, et al. An efficient outsourced privacy preserving machine learning scheme with public verifiability[J]. IEEE Access, 2019, 7:146322-146330.