摘要
key-nets作为第一个光学同态加密方案,用以保护用于机器学习的图像的隐私。但是在视觉传感器被非法获得的情况下,笔者通过求解线性方程组得到了key-nets方案中用于加密图像的密钥。鉴于该方案中存在的这一安全隐患以及机器学习模型训练的困难性,笔者借助Diffie-Hellman密钥交换协议,提出了一种在不改变原卷积网络结构的条件下,每次加密都可以使用不同的广义随机矩阵的同态加密方案,进而在提高了key-nets的加密密钥的安全性的同时,也提高了与视觉传感器相匹配的卷积网络的安全性。通过对方案的可行性、隐私参数以及前向安全性、后向安全性等方面的分析,证明了改进后的方案即使在攻击者非法获得视觉传感器的情况下,图片信息仍能够被保护。
key-nets,as the first optical homomorphic encryption scheme,is used toprotect the privacy of images used for machine learning.However,in the case of the vision sensor being obtained illegally,the author obtained the key used to encrypt the image in the key-nets scheme by solving the system of linear equations.In view of the security risks in this scheme and the difficulty of machine learning model training,this paper proposes a homomorphic encryption scheme that can use different generalized random matrices for each encryption without changing the original convolutional network structure,and further use the Diffie-Hellman key exchange protocol,which improves the security of the encryption key-nets and also improves the security of the convolutional network matching the vision sensor.Through the analysis of the feasibility of the scheme,privacy parameters,forward security,backward security,etc.,it is proved that the improved scheme can still protect the image information even if the attacker illegally obtains the visual sensor.
作者
李文华
董丽华
曾勇
LI Wenhua;DONG Lihua;ZENG Yong(School of Telecommunications Engineering,Xidian University,Xi’an 710071,China;School of Network and Information Security,Xidian University,Xi’an 710071,China)
出处
《西安电子科技大学学报》
EI
CAS
CSCD
北大核心
2023年第1期192-202,共11页
Journal of Xidian University
基金
国家自然科学基金(61941105)。
