Abstract
One-hot maps are commonly used in the AI domain. Unsurprisingly, they can also bring great benefits to ML-based algorithms such as decision trees that run under Homomorphic Encryption (HE), specifically CKKS. Prior studies in this domain used these maps but assumed that the client encrypts them. Here, we consider different tradeoffs that may affect the client’s decision on how to pack and store these maps. We suggest several conversion algorithms when working with encrypted data and report their costs. Our goal is to equip the ML over HE designer with the data it needs for implementing encrypted one-hot maps.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Aharoni, E., et al.: HeLayers: a tile tensors framework for large neural networks on encrypted data. CoRR abs/2011.0 (2020). ar**v:2011.01805
Aharoni, E., Drucker, N., Ezov, G., Shaul, H., Soceanu, O.: Complex encoded tile tensors: accelerating encrypted analytics. IEEE Secur. Priv. 20(5), 35–43 (2022). https://doi.org/10.1109/MSEC.2022.3181689
Albrecht, M., et al.: Homomorphic encryption security standard. Technical report, HomomorphicEncryption.org, Toronto, Canada (2018). https://HomomorphicEncryption.org
Ameur, Y., Aziz, R., Audigier, V., Bouzefrane, S.: Secure and non-interactive k-NN classifier using symmetric fully homomorphic encryption. In: Domingo-Ferrer, J., Laurent, M. (eds.) PSD 2022. LNCS, vol. 13463, pp. 142–154. Springer, Cham (2022). https://doi.org/10.1007/978-3-031-13945-1_11
Aslett, L.J.M., Esperança, P.M., Holmes, C.C.: Encrypted statistical machine learning: new privacy preserving methods (2015). ar**v:1508.06845
Brakerski, Z.: Fully homomorphic encryption without modulus switching from classical GapSVP. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 868–886. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-32009-5_50
Brakerski, Z., Gentry, C., Vaikuntanathan, V.: (Leveled) fully homomorphic encryption without bootstrap**. ACM Trans. Comput. Theory 6(3), 1–36 (2014). https://doi.org/10.1145/2633600
Centers for Medicare & Medicaid Services: The Health Insurance Portability and Accountability Act of 1996 (HIPAA) (1996). https://www.hhs.gov/hipaa/
Chakraborty, O., Zuber, M.: Efficient and accurate homomorphic comparisons. In: Proceedings of the 10th Workshop on Encrypted Computing & Applied Homomorphic Cryptography, WAHC 2022, pp. 35–46. Association for Computing Machinery, New York (2022). https://doi.org/10.1145/3560827.3563375
Cheon, J.H., Han, K., Kim, A., Kim, M., Song, Y.: A full RNS variant of approximate homomorphic encryption. In: Cid, C., Jacobson, M.J., Jr. (eds.) SAC 2018. LNCS, vol. 11349, pp. 347–368. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-10970-7_16
Cheon, J.H., Kim, A., Kim, M., Song, Y.: Homomorphic encryption for arithmetic of approximate numbers. In: Takagi, T., Peyrin, T. (eds.) ASIACRYPT 2017. LNCS, vol. 10624, pp. 409–437. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-70694-8_15
Cheon, J.H., Kim, D., Kim, D.: Efficient homomorphic comparison methods with optimal complexity. In: Moriai, S., Wang, H. (eds.) ASIACRYPT 2020. LNCS, vol. 12492, pp. 221–256. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-64834-3_8
CryptoLab: HEaaN: Homomorphic Encryption for Arithmetic of Approximate Numbers (2022). https://www.cryptolab.co.kr/eng/product/heaan.php
Drucker, N., Moshkowich, G., Pelleg, T., Shaul, H.: BLEACH: cleaning errors in discrete computations over CKKS. Cryptology ePrint Archive, Paper 2022/1298 (2022). https://eprint.iacr.org/2022/1298
EU General Data Protection Regulation: Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation). Official Journal of the European Union 119 (2016). http://data.europa.eu/eli/reg/2016/679/oj
Fan, J., Vercauteren, F.: Somewhat practical fully homomorphic encryption. In: Proceedings of the 15th International Conference on Practice and Theory in Public Key Cryptography, pp. 1–16 (2012). https://eprint.iacr.org/2012/144
Gartner: Gartner identifies top security and risk management trends for 2021. Technical report (2021). https://www.gartner.com/en/newsroom/press-releases/2021-03-23-gartner-identifies-top-security-and-risk-management-t
Halevi, S.: Homomorphic encryption. In: Lindell, Y. (ed.) Tutorials on the Foundations of Cryptography. ISC, pp. 219–276. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-57048-8_5
IBM: HELayers SDK with a Python API for x86 (2021). https://hub.docker.com/r/ibmcom/helayers-pylab
Iliashenko, I., Zucca, V.: Faster homomorphic comparison operations for BGV and BFV. Proc. Priv. Enhancing Technol. 3, 246–264 (2021). https://petsymposium.org/popets/2021/popets-2021-0046.pdf
Kim, S., Omori, M., Hayashi, T., Omori, T., Wang, L., Ozawa, S.: Privacy-preserving naive bayes classification using fully homomorphic encryption. In: Cheng, L., Leung, A.C.S., Ozawa, S. (eds.) ICONIP 2018. LNCS, vol. 11304, pp. 349–358. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-04212-7_30
Lee, E., Lee, J.W., Kim, Y.S., No, J.S.: Minimax approximation of sign function by composite polynomial for homomorphic comparison. IEEE Trans. Dependable Secure Comput. (2021). https://doi.org/10.1109/TDSC.2021.3105111
Lyubashevsky, V., Micciancio, D., Peikert, C., Rosen, A.: SWIFFT: a modest proposal for FFT hashing. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 54–72. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-71039-4_4
Lyubashevsky, V., Peikert, C., Regev, O.: On ideal lattices and learning with errors over rings. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 1–23. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-13190-5_1
Magara, S.S., et al.: ML with HE: privacy preserving machine learning inferences for genome studies. Technical report 1 (2021). ar**v:2110.11446
Onoufriou, G., Mayfield, P., Leontidis, G.: Fully homomorphically encrypted deep learning as a service. Mach. Learn. Knowl. Extract. 3(4), 819–834 (2021). https://doi.org/10.3390/make3040041
Rescorla, E.: The transport layer security (TLS) protocol version 1.3. RFC 8446 (2018). https://www.rfc-editor.org/info/rfc8446
The HEBench Organization: HEBench (2022). https://hebench.github.io/
Zhang, L., Xu, J., Vijayakumar, P., Sharma, P.K., Ghosh, U.: Homomorphic encryption-based privacy-preserving federated learning in IoT-enabled healthcare system. IEEE Trans. Netw. Sci. Eng. 1–17 (2022). https://doi.org/10.1109/TNSE.2022.3185327
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Appendices
A Computing the \({\textbf{S}}[c]\) Tree
In Sect. 4.3 we explained why we need to modify Algorithms 1 and 2 when performed under encryption. Here, provide an algorithm and code to compute the shadow tree that results from the \({\textbf{S}}[c]\) values.
We explain the algorithm by an example. Consider a tree of \(n=8\) leaves that represents a one-hot map of 8 elements. The corresponding \({\textbf{S}}[c]\) values are:
It is easy to see the alternate sign pattern of Observation 1 and that Observation 2 follows from symmetry. We are now ready to describe Algorithm 3, which generates the \({\textbf{s}}[c]\) shadow tree. The algorithm gets the number of tree levels \(\ell \) as input. For every leaf c, it computes the list of indices \({\textbf{S}}_0[c]\) in Steps 3–4. Next, it builds an initial tree T by going from the leaves up to the root. At every level l, for every node i, it computes the intersection \({\textbf{S}}_{l}[2i] \cap S_{l}[2i+1]\) of its two sons and stores the results in \({\textbf{S}}_{l+1}\). In addition, the algorithm stores in the tree nodes the unique elements that are associated with them (Steps 8–9). The idea is to construct a tree that holds the elements of \({\textbf{S}}[c]\) when going through the \(T.\text {path} (c)\).
Observation 1
For \(c \in [n]\), when c is odd \({\textbf{S}}[c]<0\) otherwise \({\textbf{S}}[c]>0\).
Observation 2
For \(c \in [n]\), \({\textbf{S}}[c] = - {\textbf{S}}[n-c] \).
![figure d](http://media.springernature.com/lw685/springer-static/image/chp%3A10.1007%2F978-3-031-34671-2_8/MediaObjects/544096_1_En_8_Figd_HTML.png)
Figure 4 shows the tree T for \(n=8\) after Step 9. Note the symmetry of the tree that follows Observation 2. Next, Algorithm 1 computes the desired product by multiplying the siblings of the nodes on a path to the leaf. Thus, we need to move the relevant \({\textbf{S}}[c]\) elements to be on that path as well. This is done in Steps 10–12. Finally, we convert the lists of values on the tree nodes to integers by computing their product in step 15. We also divide every node by its sons’ product to avoid multiplying a single element twice later on once traversing the tree to compute the final product \({\textbf{S}}[c]\) per leaf. The results are presented in Fig. 5. To understand how the shadow \({\textbf{S}}[c]\) is related to T, we present also T in Fig. 6. Furthermore, we demonstrate the final Lagrange interpolation value for leaf 3 by highlighting in red all the product operands that are used by Algorithm 1.
Table 2 shows the minimal and maximal values of a tree of n nodes. We see that the values are not too extreme when \(n\le 2^5\).
B An Example for the Hierarchical CRT Representation
The following example demonstrate the hierarchical CRT representation.
Example 4
Let \(n=10{,}000\) and \(a=5{,}678\), then the hierarchies are
![figure e](http://media.springernature.com/lw685/springer-static/image/chp%3A10.1007%2F978-3-031-34671-2_8/MediaObjects/544096_1_En_8_Fige_HTML.png)
To encode a the client computes the 8 residues values
and their respective maps:
In this example, the number of required slots is \(m_3=36\) which is smaller than \(r=38\) above.
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Aharoni, E., Drucker, N., Kushnir, E., Masalha, R., Shaul, H. (2023). Generating One-Hot Maps Under Encryption. In: Dolev, S., Gudes, E., Paillier, P. (eds) Cyber Security, Cryptology, and Machine Learning. CSCML 2023. Lecture Notes in Computer Science, vol 13914. Springer, Cham. https://doi.org/10.1007/978-3-031-34671-2_8
Download citation
DOI: https://doi.org/10.1007/978-3-031-34671-2_8
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-34670-5
Online ISBN: 978-3-031-34671-2
eBook Packages: Computer ScienceComputer Science (R0)