| Driven by the demand of multi-source data fusion,collaborative machine learning has become the key technology to break the barrier of data island and give full play to the value of data.The sharing of data and model causes the problem of privacy disclosure,which seriously hinders the exertion of data utility.Using the privacy computing,we can protect the data and models privacy,while computing machine learning algorithms.However,with the rise of big data,cloud computing,artificial intelligence et al.,there is a trend of data isomerization,model complexity and large scale users for collaborative machine learning,which brings new challenges to the privacy computing.For centralized machine learning,how to improve the scalability of large-scale linear privacy computing with parallel acceleration,the verifiability of matrix privacy computing with distributed acceleration,the lightweight of multiparty privacy machine learning,and for federated learning,how to solve the problems of non-interactive verifiability,are the key problems to be solved.This thesis takes the building of a privacy computing machine learning scheme that achieving a balance between security and efficiency as the ultimate goal.For the problem of scalability,verifiability,and lightweight in centralized privacy computing machine learning,a scalable high throughput secure multiparty multiplication computing protocol is proposed,a verifiable distributed secure multi-party matrix polynomial computing protocol is proposed,and a lightweight secure three party machine learning scheme is proposed.For the problem of the non-interactive verifiability in distributed federated learning,a non-interactive verifiable model privacy aggregation federated learning scheme is proposed.1.Aiming at the flexibility in large-scale secure multiparty multiplication computation with parallel acceleration,a scalable high throughput secure multiparty multiplication protocol is proposed.First,a shared bipartite graph model is constructed for the product cross-terms generated by multiplication based on additive sharing,and based on this model a shared bipartite graph partition algorithm with optimal communication is proposed.Secondly,based on the partition algorithm,a scalable repeated secret sharing model is proposed,and a secure multi-party multiplication protocol with single round optimal communication is designed.Combinable secure analysis shows that,under the semi-honest assumption,the protocol can realize secure multiplication computation.The performance analysis shows that the protocol has the characteristics of low communication and simple computation while the participants are scalable.It can improve the throughput of secure multiparty multiplication on standard devices through high concurrent execution.2.Aiming at the robustness in large-scale secure multiparty multiplication computation with distributed acceleration,a batched verifiable distributed matrix polynomial privacy computing protocol(SBV-DMPC)is proposed.First,a matrix sharing transformation strategy with low communication and robustness to computing nodes’ failures is constructed.Furthermore,based on the sharing transformation,a matrix multiplication privacy computing protocol supporting continuous distributed matrix multiplication is proposed,then a sharing generation protocol for matrix product digest is proposed.Secondly,using the consistency between the random linear combination of matrix digest and the new matrix digest generated by the random linear combination of matrix,a batch verifiable distributed matrix polynomial privacy computing protocol is designed.The secure analysis shows that SBV-DMPC can realize the privacy computing for the distributed matrix polynomial,and verify the final results in batches,even in the case of computing nodes’ failures and malicious collusion attacks.Performance evaluation shows that SBV-DMPC has the advantages of low online communication complexity and high verification efficiency.3.Aiming at the efficiency of complex nonlinear activation functions in privacy computing machine learning,a secure three party nonlinear activation function computing protocol is proposed,and a lightweight privacy computing machine learning scheme is constructed.First,to achieve lightweight hybrid shared computing with additive and multiplicative sharing,we creatively proposed a sharing generation protocol with localized tripartite product of 1,a multiplicative sharing generation protocol,and designed a transformation strategy for converting the additive sharing to the multiplicative sharing with a single round communication.Secondly,based on the multiplicative sharing method,two secure three party activation function sub-protocols are designed,which is used as the underlying privacy computing tool,to build the privacy computing scheme of two machine learning models,for logic regression and neural network,under the hybrid sharing computing framework.The scheme is lightweight because it avoids the use of public key encryption with expensive computation.The analysis of theory and simulation experiments shows that the proposed activation function privacy computing sub-protocols is computationally efficient,and has advantages in the communication round and complex.It reduces the cost proportion of nonlinear activation function in the total overhead of machine learning,thus it improves the efficiency of privacy computing machine learning.4.Aiming at achieving the efficiency balance between model privacy protection and the verifiability of aggregation model in privacy computing federated learning,the thesis proposes a non-interactive verifiable federated learning model aggregation privacy computing scheme(NIVP-DS)based on dual servers.First,we use matrix polynomial coding to construct a matrix sharing model for dual servers,and design a model privacy aggregation scheme with low communication under the semi-honest model.The non-interactive mode makes the scheme robust to users’ dropping.Secondly,NIVP-DS can extend the semi-honest secure aggregation protocol to the malicious secure aggregation protocol by using credible matrix exchange and cross-verification,with a little additional cost.The secure analysis shows that NIVP-DS can ensure the privacy of the local model and the verifiability of the aggregate model,even in the complex scenarios where a single server and multiple clients conduct malicious collusion attacks and clients are dropping out.The performance evaluation shows that NIVP-DS has obvious advantages in communication and verification overhead while ensuring efficient model privacy aggregation.It can be applied to the federated learning deployment scenario with large-scale resource constrained devices. |
PDF Full Text Request