Generating One-Hot Maps Under Encryption

Abstract

One-hot maps are commonly used in the AI domain. Unsurprisingly, they can also bring great benefits to ML-based algorithms such as decision trees that run under Homomorphic Encryption (HE), specifically CKKS. Prior studies in this domain used these maps but assumed that the client encrypts them. Here, we consider different tradeoffs that may affect the client’s decision on how to pack and store these maps. We suggest several conversion algorithms when working with encrypted data and report their costs. Our goal is to equip the ML over HE designer with the data it needs for implementing encrypted one-hot maps.

Appendices

A Computing the \({\textbf{S}}[c]\) Tree

In Sect. 4.3 we explained why we need to modify Algorithms 1 and 2 when performed under encryption. Here, provide an algorithm and code to compute the shadow tree that results from the \({\textbf{S}}[c]\) values.

We explain the algorithm by an example. Consider a tree of \(n=8\) leaves that represents a one-hot map of 8 elements. The corresponding \({\textbf{S}}[c]\) values are:

$$\begin{aligned} {\textbf{S}}[0] = \prod _{i=-7}^{-1}{i^{-1}}{} & {} {\textbf{S}}[1] = \prod _{\begin{array}{c} i=-6 \\ i\ne 0 \end{array}}^{1}{i^{-1}}{} & {} {\textbf{S}}[2] = \prod _{\begin{array}{c} i=-5 \\ i\ne 0 \end{array}}^{2}{i^{-1}}{} & {} {\textbf{S}}[3] = \prod _{\begin{array}{c} i=-4 \\ i\ne 0 \end{array}}^{3}{i^{-1}} \\ {\textbf{S}}[4] = \prod _{\begin{array}{c} i=-3 \\ i\ne 0 \end{array}}^{4}{i^{-1}}{} & {} {\textbf{S}}[5] = \prod _{\begin{array}{c} i=-2 \\ i\ne 0 \end{array}}^{5}{i^{-1}}{} & {} {\textbf{S}}[6] = \prod _{\begin{array}{c} i=-1 \\ i\ne 0 \end{array}}^{6}{i^{-1}}{} & {} {\textbf{S}}[7] = \prod _{i=1}^{7}{i^{-1}} \end{aligned}$$

It is easy to see the alternate sign pattern of Observation 1 and that Observation 2 follows from symmetry. We are now ready to describe Algorithm 3, which generates the \({\textbf{s}}[c]\) shadow tree. The algorithm gets the number of tree levels \(\ell \) as input. For every leaf c, it computes the list of indices \({\textbf{S}}_0[c]\) in Steps 3–4. Next, it builds an initial tree T by going from the leaves up to the root. At every level l, for every node i, it computes the intersection \({\textbf{S}}_{l}[2i] \cap S_{l}[2i+1]\) of its two sons and stores the results in \({\textbf{S}}_{l+1}\). In addition, the algorithm stores in the tree nodes the unique elements that are associated with them (Steps 8–9). The idea is to construct a tree that holds the elements of \({\textbf{S}}[c]\) when going through the \(T.\text {path} (c)\).

Observation 1

For \(c \in [n]\), when c is odd \({\textbf{S}}[c]<0\) otherwise \({\textbf{S}}[c]>0\).

Observation 2

For \(c \in [n]\), \({\textbf{S}}[c] = - {\textbf{S}}[n-c] \).

Fig. 4.

An example of the resulted tree T after the first phase of Algorithm 3 (Steps 1–9) when \(n=8\).

Figure 4 shows the tree T for \(n=8\) after Step 9. Note the symmetry of the tree that follows Observation 2. Next, Algorithm 1 computes the desired product by multiplying the siblings of the nodes on a path to the leaf. Thus, we need to move the relevant \({\textbf{S}}[c]\) elements to be on that path as well. This is done in Steps 10–12. Finally, we convert the lists of values on the tree nodes to integers by computing their product in step 15. We also divide every node by its sons’ product to avoid multiplying a single element twice later on once traversing the tree to compute the final product \({\textbf{S}}[c]\) per leaf. The results are presented in Fig. 5. To understand how the shadow \({\textbf{S}}[c]\) is related to T, we present also T in Fig. 6. Furthermore, we demonstrate the final Lagrange interpolation value for leaf 3 by highlighting in red all the product operands that are used by Algorithm 1.

Fig. 5.

Results of Algorithm 3 when \(n=8\), Red nodes show the multiplications required for computing \({\textbf{o}}[3]\) on Algorithm 1 Step 11.

Fig. 6.

The tree T generated in Algorithms 1 and 2 at Step 6. Red nodes show the multiplications required for computing \({\textbf{o}}[3]\) on Algorithm 1 Step 11.

Table 2 shows the minimal and maximal values of a tree of n nodes. We see that the values are not too extreme when \(n\le 2^5\).

Table 2. Bounds on the positive values in the \(S_c\) tree.

B An Example for the Hierarchical CRT Representation

The following example demonstrate the hierarchical CRT representation.

Example 4

Let \(n=10{,}000\) and \(a=5{,}678\), then the hierarchies are

To encode a the client computes the 8 residues values

$$\begin{aligned}&a_1 = a \pmod {n_1} = 78{} & {} a_2=a \pmod {n_2} = 22 \\&a_{11} = a_1 \pmod {n_{11}} = 8{} & {} a_{12} = a_1 \pmod {n_{21}} = 0 \\&a_{12} = a_2 \pmod {n_{12}} = 1{} & {} a_{22} = a_2 \pmod {n_{22}} = 10 \\&a_{111/112/121/122}=[0, 3, 1, 1]{} & {} a_{211/212/221/222} = [0, 0, 2, 0] \end{aligned}$$

and their respective maps:

$$\begin{aligned}&{\textbf{o}}_{a, 1*} = \left( (1,0,0,0), (0,0,0, 1, 0), (0,1,0,0), (0,1,0, 0, 0)\right) \\&{\textbf{o}}_{a, 2*} = \left( (1,0,0,0), (1,0,0, 0, 0), (0,0,1,0), (1,0,0, 0, 0)\right) \end{aligned}$$

In this example, the number of required slots is \(m_3=36\) which is smaller than \(r=38\) above.