We rely heavily on artificial intelligence to crack our toughest big data problems, but some industries are hesitant to dive right in, first asking, “How well can it keep a secret?” Banks, government bodies, hospitals and the military all deal with highly sensitive and confidential data for which computational security is paramount.
Cloud computing has gained popularity as a cheaper, more reliable, hardware-free alternative for running computationally intensive platforms. However, it comes with some safety concerns. For instance, most cloud-based artificial neural networks first decrypt protected data before processing it, creating an opening in the security armour and exposing the sensitive underbelly to online attackers.
According to experts, fully homomorphic encryption (FHE) could act as a security bulldog to enable safer cloud computing. “By maintaining cryptographic security for data at every state, FHE enables collaborators to apply common data analysis tools to protect the most valuable information and mitigate risks,” notes Souhail Meftah, a Research Scholar previously with A*STAR’s Institute for Infocomm Research (I2R).
Traditional FHEs have a reputation for being slow, memory-guzzling protocols—recent reports indicate that processing a basic dataset with FHE could take several months, with a single encrypted image requiring upwards of 8 gigabytes of memory.
Meftah and colleagues set about developing an industry-ready next-generation design using a threefold optimisation approach.
First, they introduced a single instruction, multiple data (SIMD) encoding technique to the circuit which slashed the number of heavy computational FHE processes required. They also made network-level tweaks to maximise the performance of running multiple evaluations in parallel. Finally, they weaved in a transformation step between each calculation layer to keep the data in a readable format without decrypting it, thereby safeguarding the information.
In this way, DOReN was born—the first FHE-powered deep neural network that can efficiently run on a CPU. DOReN hit the ground running with validation test results yielding a twentyfold improvement in processing speed over the previous gold standard developed in 2019.
It’s not just DOReN’s speed that has the researchers excited, but its potential to fundamentally change how we use cloud computing to process sensitive data. “Privacy-preserving deep neural networks present a reliable technical solution to the confidentiality concerns of working with sensitive data on the cloud,” said Meftah, adding that DOReN could fill a niche in the manufacturing, video monitoring and cybersecurity sectors, among many others.
As a next step, the team is exploring ways of optimising DOReN to handle the demands of high-performance computation. They’ve already reported promising results: newer iterations of DOReN provided a huge boost for processing large image datasets. “To our knowledge, this may be a first fully encrypted ImageNet architecture with no approximations or extrapolation on a CPU,” said Meftah.
The A*STAR-affiliated researchers contributing to this research are from the Institute for Infocomm Research (I2R).