Research On Privacy-Preserving Deep Learning Scheme Based On Homomorphic Encryption

With the rapid development of big data,deep learning has been widely used as a big data processing method.However,the data that deep learning collects often involves all aspects of users’ privacy and sensitive information.Therefore,deep learning with multi-party participants were proposed to preserve data privacy and open up data silos.In multi-party deep learning,users process data locally to complete model training,and the server aggregates model parameters uploaded by users to obtain a global model.However,even if the model parameters uploaded by users replace traditional users’ data,the model parameters still threaten the users’ privacy.Therefore,it is of excellent research significance to develop a multi-party deep learning scheme that can accurately achieve global model aggregation and preserve users’ privacy.The thesis requires ensuring the security of users’ data privacy and model privacy;the privacy preservation methods used will not affect the accuracy of the global model and support the users’ multi-key environment.The main work of this thesis is as follows.1.We propose a privacy-preserving federated learning scheme based on the BCP cryptosystem,which can verify the users’ identity and data integrity in a multi-key environment.Federated learning is a special kind of distributed deep learning.In the current privacypreserving federated learning scheme,mobile users’ data integrity and authentication in open channels are insufficiently studied.From the problem as a starting point,the thesis proposes a privacy-preserving federated learning scheme.Firstly,the scheme utilizes the double trapdoor BCP cryptosystem to encrypt and transmit data,which provides stronger guarantee for the users’ privacy and supports users multiple keys to meet the users’ privacy needs.Secondly,this scheme constructs a verification method based on the bilinear aggregative signature and verifiable secret sharing to verify the integrity and identity authenticity of the users’ data,which can effectively filter incorrect data of some users and improve the accuracy of the model.Finally,this thesis designs a verifiable users’ dynamic update mechanism by considering the users’ bandwidth and computing resource constraints.The mechanism introduces fog nodes with high response and low latency to manage mobile users in batches,which can meet the dynamic characteristics of mobile users and improve the fault tolerance of the privacy-preserving federated learning model.2.We propose a privacy-preserving multi-party deep learning scheme based on homomorphic proxy re-encryption to resist server collusions.In the existing double-server privacypreserving deep learning schemes,it is usually assumed that there is no collusions between the double semi-honest servers.This thesis argues that such security assumptions are strong and that honest and curious servers may steal the participants’ private information.To avoid this privacy risk,a privacy-preserving multi-party deep learning scheme is proposed in this thesis.Firstly,this scheme designs a secure user gradient parameter aggregation method with a one-way homomorphic proxy re-encryption algorithm to ensure the security of the users’ private key,and introduces a fog node with high response and low latency properties as a proxy to convert the user-side ciphertexts into the server-side ciphertexts.At the same time,this aggregation method can resist the privacy risk caused by double server collusions or participant-server collusions and provide a multi-key environment for users.Secondly,this thesis proposes a multi-participant random number aggregation method based on verifiable secret sharing technique.This method not only can sum the random numbers of multiple participants without disclosing the participants’ data,but also can effectively avoid the increasing of the interactions caused by the increase of participants,and can filter the wrong data of some participants to improve the accuracy of the global model.Finally,the theoretical analysis and experimental evaluations show that the proposed privacy-preserving deep learning scheme supports multiple keys,resists collusions,provides more accurate models.