Cryptology ePrint Archive: Report 2017/715

Privacy-Preserving Deep Learning via Additively Homomorphic Encryption

Le Trieu Phong and Yoshinori Aono and Takuya Hayashi and Lihua Wang and Shiho Moriai

Abstract: We build a privacy-preserving deep learning system in which many learning participants perform neural network-based deep learning over a combined dataset of all, without actually revealing the participants' local data. To that end, we revisit the previous work by Shokri and Shmatikov (ACM CCS 2015) and point out that local data information may be actually leaked to an honest-but-curious server. We then move on to fix that problem via building an enhanced system with following properties: (1) no information is leaked to the server; and (2) accuracy is kept intact, compared to that of the ordinary deep learning system also over the combined dataset.

Our system is a bridge between deep learning and cryptography: we utilise stochastic gradient descent (SGD) applied to neural networks, in combination with additively homomorphic encryption. We show that our usage of encryption adds tolerable overhead to the ordinary deep learning system.

Category / Keywords: applications /

Original Publication (with major differences): ATIS 2017

Date: received 24 Jul 2017, last revised 31 Jul 2017

Contact author: phong at nict go jp

Available format(s): PDF | BibTeX Citation

Version: 20170801:045319 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]