HEArgmax: Secure homomorphic encryption-based protocols for Argmax function

IF 3.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Computer Standards & Interfaces Pub Date : 2025-09-12 DOI:10.1016/j.csi.2025.104071

Duy Tung Khanh Nguyen , Dung Hoang Duong , Willy Susilo , Yang-Wai Chow , The Anh Ta

{"title":"HEArgmax: Secure homomorphic encryption-based protocols for Argmax function","authors":"Duy Tung Khanh Nguyen , Dung Hoang Duong , Willy Susilo , Yang-Wai Chow , The Anh Ta","doi":"10.1016/j.csi.2025.104071","DOIUrl":null,"url":null,"abstract":"<div><div>In the current era of big data, cloud-based Machine Learning as a Service (MLaaS) – where clients send encrypted queries to the cloud and receive prediction results – has gained significant attention. However, privacy concerns arise as cloud servers typically require access to clients’ raw data, potentially exposing sensitive information. Homomorphic encryption (HE), an advanced cryptographic technique that allows computation on encrypted data without decryption, offers a promising foundation for privacy-preserving MLaaS. A critical challenge in this context is the efficient and secure evaluation of the <em>argmax</em> function—a key operation in classification tasks used to select the class with the highest predicted probability. Existing HE-based methods, such as Phoenix (Jovanovic et al., 2022), rely on non-interactive protocols using high-degree polynomial approximations of the sign function, which lead to significant computational overhead. This paper introduces <span><math><mi>HEArgmax</mi></math></span>, an interactive protocol designed for efficient and secure <span><math><mrow><mi>a</mi><mi>r</mi><mi>g</mi><mi>m</mi><mi>a</mi><mi>x</mi></mrow></math></span> evaluation under encryption. Unlike prior approaches, <span><math><mi>HEArgmax</mi></math></span> leverages the algebraic properties of the sign function in combination with a lightweight interactive mechanism under the standard semi-honest model, without requiring trusted setup or multi-party computation. We present two protocol variants: <span><math><mi>HEArgmax</mi></math></span>-HT, optimized for high-throughput scenarios using batch processing, and <span><math><mi>HEArgmax</mi></math></span>-LC, which minimizes communication by processing a single encrypted vector. Experiments show that <span><math><mi>HEArgmax</mi></math></span> reduces inference latency from 157 s to 8 s on the MNIST dataset, and performs well even on CIFAR-100 with 100 output classes, completing in under 4 min using 128-bit HE security parameters. Despite being interactive, our protocol achieves comparable communication costs to Phoenix. These results demonstrate that <span><math><mi>HEArgmax</mi></math></span> is both practical and scalable for real-world privacy-preserving MLaaS deployments.</div></div>","PeriodicalId":50635,"journal":{"name":"Computer Standards & Interfaces","volume":"96 ","pages":"Article 104071"},"PeriodicalIF":3.1000,"publicationDate":"2025-09-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computer Standards & Interfaces","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S092054892500100X","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}

引用次数: 0

Abstract

In the current era of big data, cloud-based Machine Learning as a Service (MLaaS) – where clients send encrypted queries to the cloud and receive prediction results – has gained significant attention. However, privacy concerns arise as cloud servers typically require access to clients’ raw data, potentially exposing sensitive information. Homomorphic encryption (HE), an advanced cryptographic technique that allows computation on encrypted data without decryption, offers a promising foundation for privacy-preserving MLaaS. A critical challenge in this context is the efficient and secure evaluation of the argmax function—a key operation in classification tasks used to select the class with the highest predicted probability. Existing HE-based methods, such as Phoenix (Jovanovic et al., 2022), rely on non-interactive protocols using high-degree polynomial approximations of the sign function, which lead to significant computational overhead. This paper introduces

HEArgmax

, an interactive protocol designed for efficient and secure

a r g m a x

evaluation under encryption. Unlike prior approaches,

HEArgmax

leverages the algebraic properties of the sign function in combination with a lightweight interactive mechanism under the standard semi-honest model, without requiring trusted setup or multi-party computation. We present two protocol variants:

HEArgmax

-HT, optimized for high-throughput scenarios using batch processing, and

HEArgmax

-LC, which minimizes communication by processing a single encrypted vector. Experiments show that

HEArgmax

reduces inference latency from 157 s to 8 s on the MNIST dataset, and performs well even on CIFAR-100 with 100 output classes, completing in under 4 min using 128-bit HE security parameters. Despite being interactive, our protocol achieves comparable communication costs to Phoenix. These results demonstrate that

HEArgmax

is both practical and scalable for real-world privacy-preserving MLaaS deployments.

查看原文本刊更多论文

HEArgmax：基于安全同态加密的Argmax函数协议

在当前的大数据时代，基于云的机器学习即服务（MLaaS）——客户端向云发送加密查询并接收预测结果——已经获得了极大的关注。然而，由于云服务器通常需要访问客户的原始数据，因此可能会暴露敏感信息，因此会出现隐私问题。同态加密（HE）是一种先进的加密技术，允许在不解密的情况下对加密数据进行计算，为保护隐私的MLaaS提供了良好的基础。在这种情况下，一个关键的挑战是对argmax函数的高效和安全的求值，这是分类任务中的一个关键操作，用于选择具有最高预测概率的类。现有的基于he的方法，如Phoenix (Jovanovic et al., 2022)，依赖于使用符号函数的高次多项式近似的非交互式协议，这导致了显著的计算开销。本文介绍了一种用于加密下高效、安全的argmax求值的交互协议——HEArgmax。与之前的方法不同，HEArgmax利用符号函数的代数特性，结合标准半诚实模型下的轻量级交互机制，不需要可信设置或多方计算。我们提出了两种协议变体：针对使用批处理的高吞吐量场景进行优化的HEArgmax-HT和通过处理单个加密向量来最大限度地减少通信的HEArgmax-LC。实验表明，在MNIST数据集上，HEArgmax将推理延迟从157秒减少到8秒，并且即使在具有100个输出类的CIFAR-100上也表现良好，使用128位HE安全参数在4分钟内完成。尽管是交互式的，但我们的协议实现了与Phoenix相当的通信成本。这些结果表明，对于现实世界中保护隐私的MLaaS部署，HEArgmax既实用又可扩展。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Computer Standards & Interfaces 工程技术-计算机：软件工程

CiteScore

11.90

自引率

16.00%

发文量

审稿时长

6 months

期刊介绍： The quality of software, well-defined interfaces (hardware and software), the process of digitalisation, and accepted standards in these fields are essential for building and exploiting complex computing, communication, multimedia and measuring systems. Standards can simplify the design and construction of individual hardware and software components and help to ensure satisfactory interworking. Computer Standards & Interfaces is an international journal dealing specifically with these topics. The journal • Provides information about activities and progress on the definition of computer standards, software quality, interfaces and methods, at national, European and international levels • Publishes critical comments on standards and standards activities • Disseminates user''s experiences and case studies in the application and exploitation of established or emerging standards, interfaces and methods • Offers a forum for discussion on actual projects, standards, interfaces and methods by recognised experts • Stimulates relevant research by providing a specialised refereed medium.