PCIR: Privacy-Preserving Convolutional Neural Network Inference With Rapid Responsiveness

IF 1.8 4区计算机科学 Q3 COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE

Computational Intelligence Pub Date : 2025-02-25 DOI:10.1111/coin.70030

Jinguo Li, Yan Yan, Kai Zhang, Chunlin Li, Peichun Yuan

{"title":"PCIR: Privacy-Preserving Convolutional Neural Network Inference With Rapid Responsiveness","authors":"Jinguo Li, Yan Yan, Kai Zhang, Chunlin Li, Peichun Yuan","doi":"10.1111/coin.70030","DOIUrl":null,"url":null,"abstract":"<div>\n \n <p>Several companies leverage trained convolutional neural networks (CNNs) to offer predictive services to users. These companies capitalize on CNNs' superior performance in image processing tasks, such as autonomous driving or face recognition. To safeguard data privacy and model parameters, various algorithms have been proposed. Most of them are predominantly designed using secure multi-party computation (MPC) or hardware-assisted solutions. However, certain limitations persist. First, MPC-based approaches (e.g., garbled circuits, homomorphic encryption) fail to meet rapid responsiveness requirements. Additionally, hardware-assisted solutions impose extra burdens to realize secure inference tasks. The primary reasons for these shortcomings can be summarized as follows: (1) high computation and communication delays are introduced by heavy cryptographic operations during the online phase. (2) Additional overhead for sharing triples. In this article, we propose PCIR, a secure protocol for privacy-preserving convolutional neural network inference (PCIR). PCIR aims to address the aforementioned issues based on a pre-shared secret sharing mechanism. It can achieve rapid responses to user requirements and preserve privacy of data and model for the following reasons: (1) it circumvents computationally expensive operations, such as an operation for permuting plaintext slots, which runs 56 times slower than a homomorphic addition operation, and 34 times slower than a homomorphic multiplication operation. (2) Computational operations, such as homomorphic additions or multiplications, are conducted during the pre-computation phase. It can significantly reduce the online computing costs. (3) PCIR conducts secure multiplication based on pre-shared secret shares. It results in much lower communication and computation costs compared with the use of multiplicative triples. Finally, we evaluate PCIR with benchmark neural networks trained on the MNIST and CIFAR-10 datasets. The results have shown that PCIR requires <span></span><math>\n <semantics>\n <mrow>\n <mn>1</mn>\n <mo>.</mo>\n <mn>3</mn>\n <mo>×</mo>\n <mo>−</mo>\n <mn>3</mn>\n <mo>.</mo>\n <mn>7</mn>\n <mo>×</mo>\n </mrow>\n <annotation>$$ 1.3\\times -3.7\\times $$</annotation>\n </semantics></math> less time and <span></span><math>\n <semantics>\n <mrow>\n <mn>1</mn>\n <mo>.</mo>\n <mn>1</mn>\n <mo>×</mo>\n <mo>−</mo>\n <mn>12</mn>\n <mo>.</mo>\n <mn>3</mn>\n <mo>×</mo>\n </mrow>\n <annotation>$$ 1.1\\times -12.3\\times $$</annotation>\n </semantics></math> less communication cost than previous methodologies.</p>\n </div>","PeriodicalId":55228,"journal":{"name":"Computational Intelligence","volume":"41 2","pages":""},"PeriodicalIF":1.8000,"publicationDate":"2025-02-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computational Intelligence","FirstCategoryId":"94","ListUrlMain":"https://onlinelibrary.wiley.com/doi/10.1111/coin.70030","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, ARTIFICIAL INTELLIGENCE","Score":null,"Total":0}

引用次数: 0

Abstract

Several companies leverage trained convolutional neural networks (CNNs) to offer predictive services to users. These companies capitalize on CNNs' superior performance in image processing tasks, such as autonomous driving or face recognition. To safeguard data privacy and model parameters, various algorithms have been proposed. Most of them are predominantly designed using secure multi-party computation (MPC) or hardware-assisted solutions. However, certain limitations persist. First, MPC-based approaches (e.g., garbled circuits, homomorphic encryption) fail to meet rapid responsiveness requirements. Additionally, hardware-assisted solutions impose extra burdens to realize secure inference tasks. The primary reasons for these shortcomings can be summarized as follows: (1) high computation and communication delays are introduced by heavy cryptographic operations during the online phase. (2) Additional overhead for sharing triples. In this article, we propose PCIR, a secure protocol for privacy-preserving convolutional neural network inference (PCIR). PCIR aims to address the aforementioned issues based on a pre-shared secret sharing mechanism. It can achieve rapid responses to user requirements and preserve privacy of data and model for the following reasons: (1) it circumvents computationally expensive operations, such as an operation for permuting plaintext slots, which runs 56 times slower than a homomorphic addition operation, and 34 times slower than a homomorphic multiplication operation. (2) Computational operations, such as homomorphic additions or multiplications, are conducted during the pre-computation phase. It can significantly reduce the online computing costs. (3) PCIR conducts secure multiplication based on pre-shared secret shares. It results in much lower communication and computation costs compared with the use of multiplicative triples. Finally, we evaluate PCIR with benchmark neural networks trained on the MNIST and CIFAR-10 datasets. The results have shown that PCIR requires $1.3 \times - 3.7 \times$ less time and $1.1 \times - 12.3 \times$ less communication cost than previous methodologies.

查看原文本刊更多论文

求助全文

约1分钟内获得全文求助全文

来源期刊

Computational Intelligence 工程技术-计算机：人工智能

CiteScore

6.90

自引率

3.60%

发文量

审稿时长

>12 weeks

期刊介绍： This leading international journal promotes and stimulates research in the field of artificial intelligence (AI). Covering a wide range of issues - from the tools and languages of AI to its philosophical implications - Computational Intelligence provides a vigorous forum for the publication of both experimental and theoretical research, as well as surveys and impact studies. The journal is designed to meet the needs of a wide range of AI workers in academic and industrial research.