基于同态加密的神经网络模型训练方法

Neural Network Model Training Method Based on Homomorphic Encryption

针对云环境下数据隐私泄露与基于同态加密的隐私保护神经网络中精度不足的问题,文中提出了一种双服务器协作的隐私保护神经网络训练(PPNT)方案,在云服务器协同训练过程中实现了对数据传输、计算过程及模型参数的隐私保护。首先,为避免使用多项式近似方法实现指数和比较等非线性函数,并提高非线性函数的计算精度,基于Paillier半同态加密方案和加法秘密共享技术设计了一系列基础安全计算协议;其次,在已设计的安全计算协议基础上,构造了神经网络中的全连接层、激活层、Softmax层及反向传播相应的安全计算协议,以实现PPNT方案;最后,通过理论与安全性分析,证明了PPNT方案的正确性及安全性。性能实验结果显示,与PPMLaaS方案相比,PPNT方案的模型精度提高了1.7%,且在安全计算过程中支持客户端离线。

Aiming at the problem of data privacy leakage in cloud environment and insufficient accuracy in the privacy-preserving neural network based on homomorphic encryption,a privacy-preserving neural network training scheme(PPNT)is proposed for collaborative dual cloud servers,to achieve the goal of data transmission,computing security and model parameter under the collaborative training process of dual cloud servers.Firstly,in order to avoid using polynomial approximation method to realize nonlinear functions such as exponent and comparison,and improve the calculation accuracy of nonlinear function,a series of secure computing protocols are designed based on Paillier partially homomorphic encryption technology and additive secret sharing scheme.Furthermore,corresponding secure computing protocols of full connection layer,activation layer,softmax layer and back propagation in neural network are constructed to realize PPNT based on the designed secure computing protocols.Finally,theoretical and security analysis guarantees the correctness and security of PPNT.The actual performance results show that compared with the dual server scheme--privacy protection machine learning as a service(PPMLaaS),the model accuracy of PPNT improves by 1.7%,and supports the client offline in the process of secure computing.