partially encrypted machine learning using functional
play

Partially Encrypted Machine Learning using Functional Encryption eo - PowerPoint PPT Presentation

Feb 10, 2024 •38 likes •418 views

Partially Encrypted Machine Learning using Functional Encryption eo Ryffel 1,2 Edouard Dufour-Sans 1 Romain Gay 1,3 Th Francis Bach 2,1 David Pointcheval 1,2 1 Ecole Normale Sup erieure 2 INRIA 3 UC Berkeley August 18, 2019 Table of

  1. Partially Encrypted Machine Learning using Functional Encryption eo Ryffel 1,2 Edouard Dufour-Sans 1 Romain Gay 1,3 Th´ Francis Bach 2,1 David Pointcheval 1,2 1 ´ Ecole Normale Sup´ erieure 2 INRIA 3 UC Berkeley August 18, 2019

  2. Table of Contents Background Functional Encryption Security of Functional Encryption Overview Our contributions Basics of Functional Inference Our Scheme A Simple Model Collateral learning Attacks on initial approach Defining practical security Collateral learning Results and Future Work Implementation Results Open problems

  3. Functional Encryption Traditional PKE: all or nothing.

  4. Functional Encryption Traditional PKE: all or nothing. ◮ Have the key? Get the plaintext. ◮ Don’t have the key? Get nothing.

  5. Functional Encryption Traditional PKE: all or nothing. Functional Encryption: A new ◮ Have the key? paradigm . Get the plaintext. ◮ Don’t have the key? Get nothing.

  6. Functional Encryption Traditional PKE: all or nothing. Functional Encryption: A new ◮ Have the key? paradigm . Get the plaintext. Get a function of the cleartext. ◮ Don’t have the key? Get nothing.

  7. Functional Encryption Traditional PKE: all or nothing. Functional Encryption: A new ◮ Have the key? paradigm . Get the plaintext. Get a function of the cleartext. ◮ Don’t have the key? Function depends on the key . Get nothing.

  8. FE example sk f spam , sk f urgent pk I want to receive encrypted emails. I don’t want to be bothered with spam. Decrypt and send to my colleague if urgent. msk

  9. FE example Enc pk (”Cheap RayBans!!!”) sk f spam , sk f urgent pk I don’t know what it is but it’s spam! msk

  10. Security definitions pk LeftOrRight( x 0 , x 1 ) Enc( x b ) KeyDer( f ) sk f b ?

  11. Security definitions No cheating! f ( x 0 ) � = f ( x 1 ) pk LeftOrRight( x 0 , x 1 ) Enc( x b ) KeyDer( f ) sk f b ?

  12. Table of Contents Background Functional Encryption Security of Functional Encryption Overview Our contributions Basics of Functional Inference Our Scheme A Simple Model Collateral learning Attacks on initial approach Defining practical security Collateral learning Results and Future Work Implementation Results Open problems

  13. Our contributions ◮ New Quadratic FE scheme; ◮ Python Implementation; ◮ Methodology for Thinking About Privacy in FE-ML; ◮ New Dataset; ◮ Collateral Learning Framework for Training Models in FE-ML.

  14. Table of Contents Background Functional Encryption Security of Functional Encryption Overview Our contributions Basics of Functional Inference Our Scheme A Simple Model Collateral learning Attacks on initial approach Defining practical security Collateral learning Results and Future Work Implementation Results Open problems

  15. A New FE Scheme for Quadratic Forms ◮ Key sk Q gets you � x T Q � x from Enc ( � x ); ◮ Decryption 1 . 5 × faster than State-of-the-Art; ◮ Uses pairings. Secure in Generic Group Model;

  16. A New FE Scheme for Quadratic Forms ◮ Key sk Q gets you � x T Q � x from Enc ( � x ); ◮ Decryption 1 . 5 × faster than State-of-the-Art; ◮ Uses pairings. Secure in Generic Group Model; ◮ All group-based computational FE schemes require a discrete logarithm; ◮ Must ensure output has reasonably small entropy;

  17. A New FE Scheme for Quadratic Forms ◮ Key sk Q gets you � x T Q � x from Enc ( � x ); ◮ Decryption 1 . 5 × faster than State-of-the-Art; ◮ Uses pairings. Secure in Generic Group Model; ◮ All group-based computational FE schemes require a discrete logarithm; ◮ Must ensure output has reasonably small entropy; ◮ All DLOGs are in base g T ! ◮ We precompute tweaked Giant step of BSGS and store for reuse.

  18. A Simple Model Input Hidden Output layer layer layer (Ciphertext) (Pairings) Encrypted pixel #1 · 2 Encrypted pixel #2 · 2 dlog Score for 0 Encrypted pixel #3 . . . . . . . . . . . . . . . · 2 dlog Score for 9 Encrypted pixel #782 · 2 Encrypted pixel #783 Encrypted pixel #784

  19. Table of Contents Background Functional Encryption Security of Functional Encryption Overview Our contributions Basics of Functional Inference Our Scheme A Simple Model Collateral learning Attacks on initial approach Defining practical security Collateral learning Results and Future Work Implementation Results Open problems

  20. Leakage x ∈ [0 , 255] 784 . Ciphertexts are for vectors � x T Q � A key for Q lets you compute one scalar � x .

  21. Leakage x ∈ [0 , 255] 784 . Ciphertexts are for vectors � x T Q � A key for Q lets you compute one scalar � x . More keys give you more scalars.

  22. Leakage x ∈ [0 , 255] 784 . Ciphertexts are for vectors � x T Q � A key for Q lets you compute one scalar � x . More keys give you more scalars. But your notion of privacy depends on the distributions on the � x ’s.

  23. Leakage x ∈ [0 , 255] 784 . Ciphertexts are for vectors � x T Q � A key for Q lets you compute one scalar � x . More keys give you more scalars. But your notion of privacy depends on the distributions on the � x ’s. 10 scalars actually give a lot of information: [CFLS18] mount good recovery attacks.

  24. Defining Security for FE-ML Security definition of FE isn’t very helpful for deciding how many keys you can give out.

  25. Defining Security for FE-ML Security definition of FE isn’t very helpful for deciding how many keys you can give out. What information are we trying to protect?

  26. Defining Security for FE-ML Security definition of FE isn’t very helpful for deciding how many keys you can give out. What information are we trying to protect? Is a decent reconstruction of a MNIST image bad for privacy? Is it ok? Which details matter?

  27. Defining Security for FE-ML Security definition of FE isn’t very helpful for deciding how many keys you can give out. What information are we trying to protect? Is a decent reconstruction of a MNIST image bad for privacy? Is it ok? Which details matter? We need to capture real-world concerns on real-world data distributions.

  28. Defining Security for FE-ML Security definition of FE isn’t very helpful for deciding how many keys you can give out. What information are we trying to protect? Is a decent reconstruction of a MNIST image bad for privacy? Is it ok? Which details matter? We need to capture real-world concerns on real-world data distributions. We can draw inspiration from the cryptographic notion of indistinguishibility.

  29. Defining Security for FE-ML

  30. Collateral Learning

  31. Table of Contents Background Functional Encryption Security of Functional Encryption Overview Our contributions Basics of Functional Inference Our Scheme A Simple Model Collateral learning Attacks on initial approach Defining practical security Collateral learning Results and Future Work Implementation Results Open problems

  32. Implementation We provide a Python implementation using Charm with PBC. We use a database for precomputed discrete logarithms. Functional key generation 0 . 094s Encryption time 12 . 1s Evaluation time 2 . 97s Discrete logarithms time 0 . 024s

  33. Results: Influence of Output Size

  34. Results: Influence of Adversarial Parameter

  35. Open problems ◮ Bigger images.

  36. Open problems ◮ Bigger images. ◮ Richer FE.

  37. Open problems ◮ Bigger images. ◮ Richer FE. ◮ Trusting models.

  38. Recap: Our contributions ◮ New Quadratic FE scheme; ◮ Python Implementation; ◮ Methodology for Thinking About Privacy in FE-ML; ◮ New Dataset; ◮ Collateral Learning Framework for Training Models in FE-ML.

Recommend

Machine Learning Classification over Encrypted Data Raphal Bost Raluca Ada Popa,

Machine Learning Classification over Encrypted Data Raphal Bost Raluca Ada Popa,

Machine Learning Classification over Encrypted Data Raphal Bost Raluca Ada Popa, Universit Rennes 1 ETH Zrich MIT MIT Stephen Tu Shafi Goldwasser MIT MIT Classification (Machine Learning) Supervised learning (training)

1.3k views • 29 slides
Functional Encryption Lecture 27 Functional Encryption Plain encryption: for secure

Functional Encryption Lecture 27 Functional Encryption Plain encryption: for secure

Functional Encryption Lecture 27 Functional Encryption Plain encryption: for secure communication. Does not allow modifying encrypted data. Homomorphic Encryption: allows computation on encrypted data, but result remains encrypted Functional

987 views • 61 slides
Learning to Rank Learning to Rank with Partially-Labeled Data with Partially-Labeled Data Kevin

Learning to Rank Learning to Rank with Partially-Labeled Data with Partially-Labeled Data Kevin

Learning to Rank Learning to Rank with Partially-Labeled Data with Partially-Labeled Data Kevin Duh University of Washington (Joint work with Katrin Kirchhoff) 1 Motivation Motivation Machine learning can be an effective solution for

472 views • 29 slides
Machine Learning Classification over Encrypted Data Raphael Bost, Raluca Ada Popa, Stephen Tu,

Machine Learning Classification over Encrypted Data Raphael Bost, Raluca Ada Popa, Stephen Tu,

Machine Learning Classification over Encrypted Data Raphael Bost, Raluca Ada Popa, Stephen Tu, Shafi Goldwasser Classification (Machine Learning) Supervised learning (training) Classification data classification training model

1.29k views • 54 slides
Introduction to Machine Learning Part 1 and Part 2 Yingyu Liang yliang@cs.wisc.edu Computer

Introduction to Machine Learning Part 1 and Part 2 Yingyu Liang yliang@cs.wisc.edu Computer

Introduction to Machine Learning Part 1 and Part 2 Yingyu Liang yliang@cs.wisc.edu Computer Sciences Department University of Wisconsin, Madison [Partially Based on slides from Jerry Zhu and Mark Craven] What is machine learning? Short

792 views • 75 slides
Economical machine learning via functional programming Big Data Scala by the Bay August 18,

Economical machine learning via functional programming Big Data Scala by the Bay August 18,

Economical machine learning via functional programming Big Data Scala by the Bay August 18, 2015 David Andrzejewski - @davidandrzej Data Sciences Engineering, Sumo Logic Sumo Logic Confidential Sumo Logic Machine data intelligence

524 views • 49 slides
An Exercise in An Exercise in Machine Learning Machine Learning

An Exercise in An Exercise in Machine Learning Machine Learning

An Exercise in An Exercise in Machine Learning Machine Learning http://www.cs.iastate.edu/~cs573x/bbsilab.html Machine Learning Software Preparing Data Building Classifiers Interpreting Results Machine Learning Software

496 views • 26 slides
Machine Learning By Alex Scarlatos What is Machine Learning? Machine Learning is the process by

Machine Learning By Alex Scarlatos What is Machine Learning? Machine Learning is the process by

Machine Learning By Alex Scarlatos What is Machine Learning? Machine Learning is the process by which computers can be trained through observation, rather than being explicitly programmed. Basically, a program is given input and adjusts its

556 views • 17 slides
Machine Learning: Study of algorithms that improve their performance P at some task T

Machine Learning: Study of algorithms that improve their performance P at some task T

Machine Learning 10-601 Tom M. Mitchell Machine Learning Department Carnegie Mellon University January 12, 2015 Today: Readings: What is machine learning? The Discipline of ML Decision tree learning Mitchell, Chapter 3

872 views • 29 slides
Traditional Machine Learning: Unsupervised Learning Juhan Nam Traditional Machine Learning

Traditional Machine Learning: Unsupervised Learning Juhan Nam Traditional Machine Learning

GCT634/AI613: Musical Applications of Machine Learning (Fall 2020) Traditional Machine Learning: Unsupervised Learning Juhan Nam Traditional Machine Learning Pipeline in Classification Tasks A set of hand-designed audio features are selected

398 views • 26 slides
Probabilistic Graphical Models 10-708 Learning Partially Observed Learning Partially Observed

Probabilistic Graphical Models 10-708 Learning Partially Observed Learning Partially Observed

Probabilistic Graphical Models 10-708 Learning Partially Observed Learning Partially Observed Graphical Models Graphical Models Eric Xing Eric Xing Lecture 13, Oct 26, 2005 Reading: MJ-Chap. 5,10,11 Partially observed GMs Speech

555 views • 16 slides
Learning to Rank with Learning to Rank with Partially-Labeled Data Partially-Labeled Data Kevin

Learning to Rank with Learning to Rank with Partially-Labeled Data Partially-Labeled Data Kevin

Learning to Rank with Learning to Rank with Partially-Labeled Data Partially-Labeled Data Kevin Duh University of Washington 1 The Ranking Problem The Ranking Problem Definition: Given a set of objects, sort them by preference. objectA

716 views • 59 slides
Machine Learning and Data Mining Decision Trees Kalev Kask Decision trees Functional form

Machine Learning and Data Mining Decision Trees Kalev Kask Decision trees Functional form

+ Machine Learning and Data Mining Decision Trees Kalev Kask Decision trees Functional form f(x; ): nested if -then- else statements Discrete features: fully expressive (any function) Structure: Internal nodes: check

303 views • 27 slides
CS 335 Machine Learning What is Machine Learning? Dan Sheldon Spring 2019 What is Machine

CS 335 Machine Learning What is Machine Learning? Dan Sheldon Spring 2019 What is Machine

1/22/19 CS 335 Machine Learning What is Machine Learning? Dan Sheldon Spring 2019 What is Machine Learning? A Simple Task: Recognize Obama How do you program a computer to Recognize faces? Recommend movies? Decide which web

581 views • 5 slides
TLS 1.3 Encrypted SNI ekr: ekr@rtfm.com dkg: dkg@aclu.org IETF 94 TLS 1.3 Encrypted SNI 1

TLS 1.3 Encrypted SNI ekr: ekr@rtfm.com dkg: dkg@aclu.org IETF 94 TLS 1.3 Encrypted SNI 1

TLS 1.3 Encrypted SNI ekr: ekr@rtfm.com dkg: dkg@aclu.org IETF 94 TLS 1.3 Encrypted SNI 1 DISCLAIMER: THIS IS NOT FULLY-BAKED We just fleshed out this idea yesterday, so its hand-wavy. Insufficient analysis has been done. IETF 94 TLS 1.3

886 views • 11 slides
Learning to Reconstruct Statistical Learning Theory and Encrypted Database Attacks Paul Grubbs,

Learning to Reconstruct Statistical Learning Theory and Encrypted Database Attacks Paul Grubbs,

Learning to Reconstruct Statistical Learning Theory and Encrypted Database Attacks Paul Grubbs, Marie-Sarah Lacharit, Brice Minaud, Kenny Paterson CASYS team seminar, Grenoble, December 2018 Outsourcing Data with Search Capabilities Data

534 views • 38 slides
Machine Learning Machine Learning: algorithms that use experience to improve their

Machine Learning Machine Learning: algorithms that use experience to improve their

Machine Learning Machine Learning: algorithms that use experience to improve their performance We use machine learning in situations where it is very challenging (or impossible) to define the rules by hand: e.g. face detection

1.04k views • 28 slides
Introduction to Machine Learning COMPSCI 371D Machine Learning COMPSCI 371D Machine

Introduction to Machine Learning COMPSCI 371D Machine Learning COMPSCI 371D Machine

Introduction to Machine Learning COMPSCI 371D Machine Learning COMPSCI 371D Machine Learning Introduction to Machine Learning 1 / 12 Outline 1 Nearest Neighbor Prediction 2 Complexity Considerations 3 The Voronoi Diagram 4 Overfitting

564 views • 12 slides
1 Why Study Machine Learning? Why Study Machine Learning? Cognitive Science The Time is Ripe

1 Why Study Machine Learning? Why Study Machine Learning? Cognitive Science The Time is Ripe

What is Learning? Herbert Simon: Learning is any process by which a system improves performance from CS 391L: Machine Learning experience. Introduction What is the task? Classification Problem solving / planning /

603 views • 6 slides
MACHINE LEARNING, STATISTICAL LEARNING AND PARALLEL COMPUTING INTRODUCTION VS MACHINE LEARNING

MACHINE LEARNING, STATISTICAL LEARNING AND PARALLEL COMPUTING INTRODUCTION VS MACHINE LEARNING

JACOPO DI IORIO, MATTEO FONTANA, DANIELE OCCHIUTO, CLAUDIA VOLPETTI MACHINE LEARNING, STATISTICAL LEARNING AND PARALLEL COMPUTING INTRODUCTION VS MACHINE LEARNING STATISTICAL LEARNING Separate evolutions, but with shared methodologies MERGE

565 views • 55 slides
Learning to Reconstruct: Statistical Learning Theory and Encrypted Database Attacks Paul Grubbs ,

Learning to Reconstruct: Statistical Learning Theory and Encrypted Database Attacks Paul Grubbs ,

Learning to Reconstruct: Statistical Learning Theory and Encrypted Database Attacks Paul Grubbs , Marie-Sarah Lacharit, Brice Minaud, Kenny Paterson pag225@cornell.edu, @pag_crypto Outsourced Databases Database Encrypting Outsourced

705 views • 23 slides
G14FUN: Functional Analysis, Introductory material on totally ordered sets and partially ordered

G14FUN: Functional Analysis, Introductory material on totally ordered sets and partially ordered

G14FUN: Functional Analysis, Introductory material on totally ordered sets and partially ordered sets Dr J. F. Feinstein January 25, 2010 1 1 Total orders Recall that we say that we have a relation on a set X , if we have a rule which

228 views • 10 slides
Apache PredictionIO End-to-End Machine Learning Server with Apache Spark What is Machine

Apache PredictionIO End-to-End Machine Learning Server with Apache Spark What is Machine

Apache PredictionIO End-to-End Machine Learning Server with Apache Spark What is Machine Learning? What is Machine Learning? Examples of machine learning applications: Facial recognition software E-mail spam detectors Automated

302 views • 17 slides
MetaFun: Meta-Learning with Iterative Functional Updates Jin Xu, Jean-Francois Ton, Hyunjik Kim,

MetaFun: Meta-Learning with Iterative Functional Updates Jin Xu, Jean-Francois Ton, Hyunjik Kim,

MetaFun: Meta-Learning with Iterative Functional Updates Jin Xu, Jean-Francois Ton, Hyunjik Kim, Adam R. Kosiorek, Yee Whye Teh 37th International Conference on Machine Learning Supervised Meta-Learning Supervised Meta-Learning Supervised

1.01k views • 66 slides

More recommend