Enabling public but secure deep learning

When data is encrypted using traditional techniques, it becomes impossible to do any meaningful computation on it in its encrypted form. Here’s the ‘secret key’ to an ideal digital transformation of the enterprise.

Archie Jackson Sr. Director, Head IT & IS at Incedo Inc
Incedo Inc

The era of considering business transformation digitally is over. Today, the mandate is to transform - and to transform quicker and better than others in the league.

Lately, I have been investing a lot of time conceptualizing transformation, and after a thorough research and analysis, I have been able to derive an equation for an ideal digital transformation for an enterprise -

Sec x [(ML/DL/CT + DA + MC)/RPA] = DX

Secure x [(Artificial Intelligence + Data Analytics + Multi-Cloud)/Robotic Process Automation] = Digital transformation

This article will spotlight the concept of keeping the data secure and private whilst the data also needs to remain public for deep learning.

When the data is encrypted using traditional techniques, it becomes impossible to do any meaningful computation on it in its encrypted form. For a meaningful computation to happen, the data must be decrypted and again encrypted. This further isn’t useful because decrypting exposes the data to interventions and intermediate hijacks of privacy and therefore increasing the possibilities of a breach to happen.

With the widespread adoption of cloud computing, one often encounters scenarios where a party possessing sensitive data wants to outsource some computation on that data to a third party, which it does not trust with the plaintext data. Homomorphic encryption is the technique that comes to the rescue and enables valuable integration of data and AI learning.

Homomorphic encryption provides the ability to perform various meaningful operations on encrypted data without having direct access to the encryption keys or the plain text data itself. Using this, the service can perform the requested computation on the encrypted data and return the encrypted result back to a client.

The client can then use the encryption key (which was never shared with the service) to decrypt the returned data and get the actual result. In this manner, only the specified information is exposed for AI-enabled learning and cannot dissipate additional learning patterns or privacy crossovers.

With FHE (Fully Homomorphic Encryption), a party can encrypt some input data, while another party that does not have access to the decryption key can blindly perform computation on this encrypted input. The result is also encrypted and can be recovered only by the party that possesses the secret key.

In terms of equations, let’s say for deep learning NN (neural network), we consider an encryption scheme of taking the message and adding a secret number X to it. Then the encryption of message 1, will be m1+X, and similarly, encryption of message 2, will be m2+X

The encrypted messages will be E1 = m1+X and E2 = m2+X

Now, any party that receives these encrypted messages will receive E0 = m1+m2+2X. Here, it is important to note that the receiving party does not know m1, m2 or X. The legitimate intended party to receive the message knows X and receiving the result E0 can simply subtract 2X and recover m1 + m2. The final result is that the operation of adding two numbers has been delegated to another party, without this party knowing the operands or the result.

Fully homomorphic encryption has huge consequences in the world of delegated computations, as it essentially enables a user to safely hand all of its encrypted data to an untrusted remote party, and let it process the information, with the guarantee that the remote party will learn neither the input nor the output of the computation.

  • Emails could be stored encrypted so that the email provider does not know the content of the messages. Also, emails could be searchable, without the provider knowing what a user is looking for.
  • Pictures could be uploaded to websites offering image processing capabilities, without the site learning the content of the original picture or that of the final picture.
  • Medical data could be safely shared in order to extract statistics or make predictions on one’s health condition, without revealing any sensitive information. For example, in the case of estimating the cost of life insurance, this could be done by running an algorithm on encrypted data (PII) and returning an encrypted answer that may predict the cost of the insurance policy.
  • One could even go so far as to imagine a completely homomorphic search engine, that can process encrypted search queries and return an encrypted list of matches.
Archie Jackson Sr. Director, Head IT & IS at Incedo Inc Incedo Inc

Fully homomorphic encryption has huge consequences in the world of delegated computations, as it essentially enables a user to safely hand all of its encrypted data to an untrusted remote party, and let it process the information, with the guarantee that the remote party will learn neither the input nor the output of the computation.
Archie Jackson, Sr. Director, Head IT & IS, Incedo Inc.

The FHE construction is based on “noisy” encryption. This means each ciphertext contains a certain amount of noise or error for the security of the scheme. While performing homomorphic operations on ciphertexts, the noise term contained in the output ciphertext is usually larger than those in the input ciphertexts because of interaction that happens during the homomorphic computation. This means that the homomorphic operations make the error grow.

The problem arises when the noise grows beyond a threshold and makes the ciphertext “too noisy” that makes it difficult to correctly decrypt it. This also means that decrypting the ciphertext will produce a message that is different from the expected one and therefore change the value of the message.

Here comes bootstrapping. It is the process of refreshing a ciphertext in order to produce a new ciphertext that encrypts the same message, but with a lower level of noise so that more homomorphic operations can be evaluated on it. It is decrypting the ciphertext with the secret key, and then re-encrypting the message, with the difference that the secret key is not known and it is replaced by an encryption of the secret key, called the bootstrapping key.

Let’s consider, a ciphertext C that encrypts a message M and that contains a noise E. If we had the correct secret key we could simply decrypt C, recover M and pick a smaller error E0 and re-encrypt M with this noise.

Therefore, if we had the secret key, we could refresh a ciphertext by decreasing the noise it contains, perform homomorphic operations and refresh the ciphertexts before losing correctness. The goal with FHE is to publicly perform operations on encrypted data without having access to the secret key.

Archie Jackson is Sr. Director, Head IT & IS at Incedo Inc.

Disclaimer: This article is published as part of the IDG Contributor Network. The views expressed in this article are solely those of the contributing authors and not of IDG Media and its editor(s).

Copyright © 2019 IDG Communications, Inc.

Get the best of CSO ... delivered. Sign up for our FREE email newsletters!