为了保护机器学习中决策树数据和模型的隐私,并减少计算和通信开销,提出了一种多密钥隐私保护决策树评估(multi-key privacy-preserving decision tree evaluation,MPDE)方案。利用分布式双陷门公钥密码(distributed two-trapdoor public-key crypto,DT-PKC)系统对所有数据进行加密。基于跨域安全加法协议实现来自不同公钥加密的两个密文的加法,改进原有的安全比较协议以支持多用户多密钥,保护了请求信息、分类结果和决策树模型的隐私。引入可信第三方密钥生成中心,减少了实体之间的通信开销,且在密钥分发完后离线。采用服务代理商代替用户与云服务器交互,降低了用户与云服务器之间的通信开销和用户的计算开销。安全与性能分析表明该方案具有高隐私性和高效性。同时,仿真实验显示该方案具有更低的计算开销。
A multi-key privacy-preserving decision tree evaluation (MPDE) scheme was developed to protect the privacy of decision tree data and models in machine learning and to reduce the computational and communications overhead. A distributed two-trapdoor public-key crypto (DT-PKC) was used to encrypt all the data. A secure addition- across-domains protocol was then used to add two ciphertexts from different public key cryptography systems. In addition, the original security comparison protocol was improved to support multi-user, multi-key systems to protect the privacy of the requested information, classification results and decision tree model. A trusted third party key generation center was introduced to reduce the communication overhead between entities which is completely offline after the key distribution. A service agent was then used to interact with the cloud server instead of the users which reduced the communications overhead between the user and the cloud server. Security and performance analyses show that the scheme is efficient and ensures privacy. Simulations show that the scheme has less computational overhead than previous schemes.
[1] 贾春福, 王雅飞, 陈阳, 等. 机器学习算法在同态加密数据集上的应用[J]. 清华大学学报(自然科学版), 2020, 60(6):456-463. JIA C F, WANG Y F, CHEN Y, et al. Machine learning algorithm for a homomorphic encrypted data set[J]. Journal of Tsinghua University (Science and Technology), 2020, 60(6):456-463. (in Chinese)
[2] WEN Y D, ZHANG K P, LI Z F, et al. A comprehensive study on center loss for deep face recognition[J]. International Journal of Computer Vision, 2019, 127(6-7):668-683.
[3] VAIDYA J, SHAFIQ B, FAN W, et al. A random decision tree framework for privacy-preserving data mining[J]. IEEE Transactions on Dependable and Secure Computing, 2014, 11(5):399-411.
[4] WANG T, MEI Y X, JIA W J, et al. Edge-based differential privacy computing for sensor-cloud systems[J]. Journal of Parallel and Distributed Computing, 2020, 136:75-85.
[5] BOST R, POPA R A, TU S, et al. Machine learning classification over encrypted data[C]//22nd Annual Network and Distributed System Security Symposium. San Diego, USA:The Internet Society, 2015:1-34.
[6] TUENO A, KERSCHBAUM F, KATZENBEISSER S. Private evaluation of decision trees using sublinear cost[C]//Proceedings on Privacy Enhancing Technologies (PoPETs). Sciendo:Warsaw, 2019:266-286.
[7] 刘睿瑄, 陈红, 郭若杨, 等. 机器学习中的隐私攻击与防御[J]. 软件学报, 2020, 31(3):866-892. LIU R X, CHEN H, GUO R Y, et al. Survey on privacy attacks and defenses in machine learning[J]. Journal of Software, 2020, 31(3):866-892. (in Chinese)
[8] DOWSLEY R, LACERDA F, NASCIMENTO A C A. Commitment and oblivious transfer in the bounded storage model with errors[J]. IEEE Transactions on Information Theory, 2018, 64(8):5970-5984.
[9] DE COCK M, DOWSLEY R, HORST C, et al. Efficient and private scoring of decision trees, support vector machines and logistic regression models based on pre-computation[J]. IEEE Transactions on Dependable and Secure Computing, 2019, 16(2):217-230.
[10] ALOUFI A, HU P Z, WONG H W H, et al. Blindfolded evaluation of random forests with multi-key homomorphic encryption[J]. IEEE Transactions on Dependable and Secure Computing, 2021, 18(4):1821-1835.
[11] XUE L, LIU D X, NI J B, et al. Consent-based privacy-preserving decision tree evaluation[C]//2020 IEEE International Conference on Communications. Dublin, Ireland:IEEE Press, 2020:1-6.
[12] LIU L, CHEN R M, LIU X M, et al. Towards practical privacy-preserving decision tree training and evaluation in the cloud[J]. IEEE Transactions on Information Forensics and Security, 2020, 15:2914-2929.
[13] ZOU Y, ZHAO Z, SHI S, et al. Highly secure privacy-preserving outsourced K-means clustering under multiple keys in cloud computing[J]. Security and Communication Networks, 2020, 2020:1238505.
[14] KUANG W, CHAN Y L, TSANG S H, et al. Machine learning-based fast intra mode decision for HEVC screen content coding via decision trees[J]. IEEE Transactions on Circuits and Systems for Video Technology, 2020, 30(5):1481-1496.
[15] HASSAN A, HAMZA R, YAN H Y, et al. An efficient outsourced privacy preserving machine learning scheme with public verifiability[J]. IEEE Access, 2019, 7:146322-146330.
