Additive Homomorphic Encryption Research Articles

RSDA: A Reliable and Secure Data Aggregation Scheme for Smart Grid

Smart grids are modern power distribution systems that utilize advanced technologies to optimize energy generation, distribution, and consumption. The huge amount of data generated by various sources, such as smart meters, sensors, and other devices, can be aggregated for efficient energy management, supporting demand response etc. However, this data can contain sensitive information about individual’s energy usage patterns, behaviour, and preferences, which raises several privacy concerns. Data reliability is another major issue, as the data send from the smart meters to the aggregators may get corrupted due to errors introduced by the communication channel. In this paper, a private-key additive homomorphic encryption scheme based on polar codes is proposed for privacy preserving data aggregation. The proposed scheme not only ensures data confidentiality but also provide data reliability. The security of this scheme relies on the difficulty in decoding the codeword and is achieved by embedding security in the generator matrix and error vector. Security analysis shows that the proposed scheme is resistant against all known attacks against private-key code-based cryptosystems. The performance analysis is evaluated in terms of error performance, communication overhead and computational complexity. The performance comparison with related additive homomorphic encryption scheme shows the efficiency of the proposed scheme.

Enhanced privacy-preserving distributed deep learning with application to fog-based IoT

Generally, privacy-preserving distributed deep learning (PPDDL) solutions provided so far present a trade-off between privacy and efficiency/effectiveness, especially, in terms of high communication and run-time costs (i.e. efficiency) and declined accuracy (i.e. effectiveness). Additionally, not much attention has been paid to proposing privacy-preserving solutions that are multi-key compliant, able to extend to new participants and well fit for an unbounded number of participants as well as being post-quantum robust. Also, application of DDL to fog-based IoT needs more attention. To this effect, we present enhanced PPDDL by proposing two solutions (basic and advanced). The basic combines LWE-based additive homomorphic encryption and partial sharing, making it communication cost friendly. The advanced, however, uses a lattice-based fully dynamic multi-key fully homomorphic encryption (FHE) scheme and partial sharing with the additional advantages of being multi-key compliant, able to extend to new participants and well fit for an unbounded number of participants. Furthermore, we put our work in the context of Fog-Based IoT. Extensive experimental evaluations for the basic solution which also best suits the Fog-Based IoT, show that the PPDDL accuracy is maintained, recording accuracy of about 97% for the MNIST dataset. For a much deeper architecture, accuracy could reach about 99%. To assess the generalizability of the accuracy trend observed in the PPDDL, the proposed solution was also evaluated using the CIFAR-10 dataset with interesting results recorded in this study. This paper is innovative as it combines partial sharing and homomorphic encryption in DDL . Solutions are post-quantum robust and communication cost efficient.

Privacy-preserving multi-party logistic regression in cloud computing

In recent years, machine learning techniques have been widely deployed in various fields. However, machine learning faces problems like high computation overhead, low training accuracy, and poor security due to data silos, privacy issues and communication limitations, especially in the environment of cloud computing. Logistic regression (LR) is a popular machine learning method used for prediction, while current LR algorithms suffer from high computation cost and communication burden due to interactions between users and cloud servers. In this paper, we propose a Privacy-Preserving Multi-party Logistic Regression (PPMLR) algorithm, which achieves privacy-preserving and non-interactive gradient descent regression training in machine learning. PPMLR uses the Distributed two Trapdoors Public-Key Cryptosystem (DT-PKC) as a main building block, which satisfies additive homomorphic encryption. Specifically, users go off-line after encrypting local private data, then the service provider (SP) trains the global logistic regression model by interacting with the cloud server (CS), so that the confidentiality and privacy of user’s private data can be guaranteed during the training process. We prove by detailed security proof that PPMLR guarantees data and model privacy. Finally, we conduct experiments on two popular medical datasets from the UCI machine learning repository. The experimental results show that PPMLR can conduct privacy-preserving training efficiently. Comparison with the stat-of-the-art Privacy-Preserving Logistic Regression Algorithm (PPLRA) shows that the model training time is reduced by about 4 times.

FEVERLESS: Fast and Secure Vertical Federated Learning based on XGBoost for Decentralized Labels

Vertical Federated Learning (VFL) enables multiple clients to collaboratively train a global model over vertically partitioned data without leaking private local information. Tree-based models, like XGBoost and LightGBM, have been widely used in VFL to enhance the interpretation and efficiency of training. However, there is a fundamental lack of research on how to conduct VFL securely over distributed labels. This work is the first to fill this gap by designing a novel protocol, called FEVERLESS, based on XGBoost. FEVERLESS leverages secure aggregation via information masking technique and global differential privacy provided by a fairly and randomly selected noise leader to prevent private information from being leaked in the training process. Furthermore, it provides label and data privacy against honest-but-curious adversaries even in the case of collusion of <inline-formula xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink"><tex-math notation="LaTeX">$n - 2$</tex-math></inline-formula> out of n clients. We present a comprehensive security and efficiency analysis for our design, and the empirical results from our experiments demonstrate that FEVERLESS is fast and secure. In particular, it outperforms the solution based on additive homomorphic encryption in runtime cost and provides better accuracy than the local differential privacy approach.

Efficient and privacy-preserving tree-based inference via additive homomorphic encryption

Efficient and privacy-preserving tree-based inference via additive homomorphic encryption

PPOLQ: Privacy-Preserving Optimal Location Query With Multiple-Condition Filter in Outsourced Environments

The optimal location selection is one type of the location-based services (LBS) that aims to find the best location for a new facility from some candidate facilities given a set of existing facilities and a set of customers. Due to reliable and flexible cloud services, outsourcing such heavy-computation tasks has been a popular trend. However, since the cloud is not fully trusted, and the location data contains the sensitive information, privacy protection becomes an essential requirement for these services. Although some related works have been proposed to provide privacy protection, the privacy of data and queries, accuracy of query results, and multiple features of location data are not considered by them simultaneously. In this paper, we propose a privacy-preserving optimal location query scheme PPOLQ that supports multiple-condition filter and queries over multiple data providers in outsourced environments. Specifically, we first design a secure division protocol and a secure inner product protocol based on the Paillier algorithm and the random masking technique, respectively. After that, based on the proposed algorithms, the additive homomorphic encryption, and the secure two-party computation techniques, we develop a privacy-preserving optimal location query scheme. Finally, we analyze the security of our proposed algorithms and scheme in the semi-honest model. Meanwhile, we implement all algorithms and the proposed scheme, and our implementation is open source at Gitee. We also evaluate their performances using synthetic datasets, and extensive experiments show that our scheme is practical for the real-world applications.

E-Booster: A Field-Programmable Gate Array-Based Accelerator for Secure Tree Boosting Using Additively Homomorphic Encryption

E-Booster: A Field-Programmable Gate Array-Based Accelerator for Secure Tree Boosting Using Additively Homomorphic Encryption

FedSTN: Graph Representation Driven Federated Learning for Edge Computing Enabled Urban Traffic Flow Prediction

Predicting traffic flow plays an important role in reducing traffic congestion and improving transportation efficiency for smart cities. Traffic Flow Prediction (TFP) in the smart city requires efficient models, highly reliable networks, and data privacy. As traffic data, traffic trajectory can be transformed into a graph representation, so as to mine the spatio-temporal information of the graph for TFP. However, most existing work adopt a central training mode where the privacy problem brought by the distributed traffic data is not considered. In this paper, we propose a Federated Deep Learning based on the Spatial-Temporal Long and Short-Term Networks (FedSTN) algorithm to predict traffic flow by utilizing observed historical traffic data. In FedSTN, each local TFP model deployed in an edge computing server includes three main components, namely Recurrent Long-term Capture Network (RLCN) module, Attentive Mechanism Federated Network (AMFN) module, and Semantic Capture Network (SCN) module. RLCN can capture the long-term spatial-temporal information in each area. AMFN shares short-term spatio-temporal hidden information when it trains its local TFP model by the additive homomorphic encryption approach based on Vertical Federated Learning (VFL). We employ SCN to capture semantic features such as irregular non-Euclidean connections and Point of Interest (POI). Compared with existing baselines, several simulations are conducted on practical data sets and the results prove the effectiveness of our algorithm.

Lattice based distributed threshold additive homomorphic encryption with application in federated learning

In federated learning (FL), a parameter server needs to aggregate user gradients and a user needs to protect the value of their gradients. Among all the possible solutions to the problem, those based on additive homomorphic encryption (AHE) are natural. As users may drop out in FL and an adversary could corrupt some users and the parameter server, we require a dropout-resilient AHE scheme with a distributed key generation algorithm. In this paper, we aim to provide a lattice based distributed threshold AHE (DTAHE) scheme and to show their applications in FL. The main merit of the DTAHE scheme is to save communication bandwidth compared with other latticed based DTAHE schemes. Embedding the scheme into FL, we get two secure aggregation protocols. One is secure against a semi-honest adversary and the other is secure against an active adversary. The latter exploits a smart contract in a ledger. Finally, we provide security proofs and performance analysis for the scheme and protocols.

Query extraction based on encrypted features for CBIR from cloud

Due to the increasing use of mobile devices, content-based image retrieval is gaining massive popularity as mobile devices run on batteries. It cannot perform heavy image processing computation, so mobile users can extract just image features and offload them to the cloud. The cloud will perform content-based image searches and return a search result. COREL10K images dataset was selected, and VGG16, RESNET, DENSENET, and MOBILE NET algorithms were applied. Finally, the method with the best performance is preferred. Also, PAHE (Packed Additive Homomorphic Encryption) algorithm is selected to encrypt the feature vectors, and image similarity calculations are done with Secure Multi-party Computation (SMC). The following parameters are used for each algorithm to calculate accuracy, precision, recall, Jaccard index, error rates, and F1-score. The algorithms are then compared and selected the best algorithm. The best model obtained is VGG16, with the highest accuracy. The procedure can help Mobile users perform content-based image searches by extracting features and then uploading them to the cloud.

Authenticable Data Analytics Over Encrypted Data in the Cloud

Statistical analytics on encrypted data requires a fully-homomorphic encryption (FHE) scheme. However, heavy computation overheads make FHE impractical. In this paper we propose a novel approach to achieve privacy-preserving statistical analysis on an encrypted database. The main idea of this work is to construct a privacy-preserving calculator to calculate attributes’ count values for later statistical analysis. To authenticate these encrypted count values, we adopt an authenticable additive homomorphic encryption scheme to construct the calculator. We formalize the notion of an authenticable privacy-preserving calculator that has properties of broadcasting and additive homomorphism. Further, we propose a cryptosystem based on binary vectors to achieve complex logic expressions for statistical analysis on encrypted data. With the aid of the proposed cryptographic calculator, we design several protocols for statistical analysis including conjunctive, disjunctive and complex logic expressions to achieve more complicated statistical functionalities. Experimental results show that the proposed scheme is feasible and practical.

Integrated Privacy Preserving Healthcare System Using Posture-Based Classifier in Cloud

Privacy-preserving online disease prediction and diagnosis are critical issues in the emerging edge-cloud-based healthcare system. Online patient data processing from remote places may lead to severe privacy problems. Moreover, the existing cloud-based healthcare system takes more latency and energy consumption during diagnosis due to offloading of live patient data to remote cloud servers. Solve the privacy problem. The proposed research introduces the edge-cloud enabled privacy-preserving healthcare system by exploiting additive homomorphic encryption schemes. It can help maintain the privacy preservation and confidentiality of patients’ medical data during diagnosis of Parkinson’s disease. In addition, the energy and delay aware computational offloading scheme is proposed to minimize the uncertainty and energy consumption of end-user devices. The proposed research maintains the better privacy and robustness of live video data processing during prediction and diagnosis compared to existing healthcare systems.

Privacy-Enhanced and Verification-Traceable Aggregation for Federated Learning

Federated learning (FL) is a distributed machine learning framework, which allows multiple users to collaboratively train and obtain a global model with high accuracy. Currently, FL is paid more attention by researchers and a growing number of protocols are proposed. This article first analyzes the security vulnerabilities of the VerifyNet and VeriFL protocols, and proposes a new aggregation protocol for FL. We use additive homomorphic encryption and double masking to simultaneously protect the user’s local model and the aggregated global model while most of the existing protocols only consider the privacy of the local model. Also, linear homomorphic hash and digital signature are used to achieve traceable verification, which means the users can not only verify the aggregation results, but also be able to identify the wrong epoch if the results are wrong. In summary, our protocol can realize the privacy of the local model and global model and achieve verification traceability even if the cloud server colludes with malicious users. The experimental results show that the proposed protocol improves the security of FL without decreasing the efficiency of the users and classification accuracy of the training model.

Privacy-Preserving and Real-Time Detection of Vehicular Congestion Using Multilayer Perceptron Approach for Internet of Vehicles

Detection of vehicular congestion has a significant effect on the transportation sector. Several research approaches have been proposed to improve accuracy and efficiency with the advent of the Internet of Vehicles (IoV). Nonetheless, the privacy issue has attracted little attention on congestion detection. In this paper, we put forward a privacy-preserving and efficient scheme for vehicular congestion detection with both horizontal and vertical partitioned vehicular sensing data using Multilayer Perceptron (MLP) approach. Particularly, this work considers that different vehicle manufacturers would choose their encryption systems, which poses a challenge on how to collaboratively train an MLP model on these heterogeneous encrypted sensing data. To address this challenge, we utilize proxy re-encryption and additive homomorphic encryption schemes for preserving the confidentiality of raw sensing data and learning models while maintaining secure computation efficiency. Formally security analysis is provided to demonstrate that our proposed scheme is able to guarantee the privacy of the MLP learning process. Finally, we implement our scheme and evaluate it with real datasets. Experimental results show the effectiveness and feasibility of our MLP learning under multiple encryption systems for vehicular congestion detection.

Efficient privacy-preserving aggregation for demand side management of residential loads

An effective tool used in practice to maintain network balance is residential demand side management (DMS). However, privacy concerns related to the processing of user personal consumption data often result in a slow wide-scale adoption and acceptance. Various general purpose cryptographic techniques are available, such as homomorphic encryption and secure multi-party computation (MPC), to address these privacy-concerns. Unfortunately, these come at a significant computation price which makes them not applicable in many practical scenarios. In this work, a privacy-preserving aggregation algorithm, based on additive random shares and a combination of well-established symmetric and asymmetric key cryptography methods is proposed and compared with additive homomorphic encryption (AHE) techniques and state-of-the-art MPC protocols. The results show that generic techniques such as homomorphic encryption come with significant computational and communication cost, especially at the users side. On the other hand, MPC approaches provide better performance and resilience to dropouts for very large networks but entail a complex communication among users. In this context, the proposed additive random shares algorithm was the most balanced choice for DSM, with a good performance, simpler information flow and the possibility of adding redundant intermediary parties for enhanced resilience.

An efficient secure data transmission and node authentication scheme for wireless sensing networks

With the development of big data era, wireless sensor networks (WSNs) are widely used. However, the wireless sensing network has the disadvantages that it is difficult to monitor after deployment and the node energy after deployment cannot be supplemented. Therefore, this paper proposes an efficient and high-performance data acquisition scheme, and realizes the authentication of effective nodes and the confidentiality of data transmission. Firstly, the sensing node uses compressed sensing sampling network (CSSN) to complete high-performance data collection, and applies deep learning to wireless sensing network data collection. Secondly, the lightweight hash algorithm is applied to process the ID and timestamp time of each node to realize the identification and authentication of the sink node, and avoid the replay attack. Finally, the Paillier additive homomorphic encryption is used to encrypt the signed data to realize the confidential transmission of data. At the same time, this scheme evaluates the reputation of each sense node and deletes the damaged nodes invaded by attackers from the network. Taking image information acquisition as an example, a large number of experiments have proved the feasibility and applicability of this scheme.

Scalable Multi-Party Privacy-Preserving Gradient Tree Boosting over Vertically Partitioned Dataset with Outsourced Computations

Due to privacy concerns, multi-party gradient tree boosting algorithms have become widely popular amongst machine learning researchers and practitioners. However, limited existing works have focused on vertically partitioned datasets, and the few existing works are either not scalable or tend to leak information. Thus, in this work, we propose SSXGB, which is a scalable and acceptably secure multi-party gradient tree boosting framework for vertically partitioned datasets with partially outsourced computations. Specifically, we employ an additive homomorphic encryption (HE) scheme for security. We design two sub-protocols based on the HE scheme to perform non-linear operations associated with gradient tree boosting algorithms. Next, we propose secure training and prediction algorithms under the SSXGB framework. Then, we provide theoretical security and communication analysis for the proposed framework. Finally, we evaluate the performance of the framework with experiments using two real-world datasets.

Privacy-Preserving Outsourcing Scheme for SVM on Vertically Partitioned Data

Support vector machine (SVM) is an important technique for data classification. Traditional SVM assumes free access to data. If the data are split and held by different users, for privacy reasons, users are likely unwilling to submit their data to a third party for classification. In this paper, by using additive homomorphic encryption and random transformations (matrix transformation and vector decomposition), we design a privacy-preserving outsourcing scheme for conducting Least Squares SVM (LS-SVM) classification on vertically partitioned data. In our system, multiple data owners (users) submit their encrypted data to two non-colluding service providers, which conduct SVM algorithm on it. During the execution of our algorithm, neither service provider learns anything about the input data, the intermediate results, or the predicted result. In other words, our algorithm is encrypted in the whole process. Extensive theoretical analysis and experimental evaluation demonstrate the correctness, security, and efficiency of the method.

EPMDA-FED: Efficient and Privacy-Preserving Multidimensional Data Aggregation Scheme With Fast Error Detection in Smart Grid

Smart grids bring advantages of reliabilty and high efficiency by real-time communication technologies in contrast to the traditional grids. However, smart grids also raise concerns about privacy and security for the individual fine-grained information collection. In order to guarantee privacy and securtiy in the grids, we propose an efficient and privacy-preserving multidimensional data aggregation scheme without a third trusted party and supporting fast error detection, named EPMDA-FED, in the paper. Firstly, we adopt Chinese Remainder Theorem to pack multidimensional data and encrypt the processed data using the keys generated by the negotiation among users and the control center. Secondly, our scheme is efficient for encryption without high-cost additive homomorphic public key encryption scheme, such as Paillier cryptosystem and supporting batch verification with fast error detection. Our proposed error detection algorithm is quite efficient with sublinear computation complexity. Besides, through security analysis, EPMDA-FED is semantically secure against collusion attack and the consistency of negotiated key, authenticity and data integrity of the users’ reports are guaranteed. Finally, performance evaluation shows EPMDA-FED is more efficient than existing competing approaches in terms of computation and communication overhead.

A secure searchable encryption scheme for cloud using hash-based indexing

Cloud service for data outsourcing has triggered security and privacy needs that can be satisfied by encrypting data prior to outsourcing to the cloud. Searchable Encryption that uses methods like homomorphic encryption is inefficient and impractical. In this paper, we have proposed a secure searchable encryption scheme using Hash based Indexing that consists of Elliptic curve based ElGamal additive homomorphic encryption. The use of indexing reduces computational load on the cloud server and users. The scheme obviates the need for generation and resource intensive processing on complex trapdoor system and binary query scheme. The security of this system relies on the Elliptic curve discrete logarithm problem assumption. Comparison analysis is performed and experimental results prove the suitability for the large data sets, while efficiently supporting the dynamic updates and effective ranking of precise files corresponding to the requested multi keywords.