Attacks on Image Encryption Schemes for Privacy-Preserving Deep Neural   Networks

Alex Habeen Chang; Benjamin M. Case

arXiv:2004.13263·cs.CR·April 30, 2020·20 cites

Attacks on Image Encryption Schemes for Privacy-Preserving Deep Neural Networks

Alex Habeen Chang, Benjamin M. Case

PDF

Open Access 1 Repo

TL;DR

This paper presents new attack methods on recent image encryption schemes used in privacy-preserving deep neural networks, demonstrating their vulnerabilities through effective chosen-plaintext and ciphertext-only attacks.

Contribution

It introduces novel attack techniques that expose security weaknesses in recent image encryption schemes for deep learning, highlighting the need for more robust privacy-preserving methods.

Findings

01

Effective chosen-plaintext attacks demonstrated

02

Successful ciphertext-only attacks shown

03

Vulnerabilities identified in recent encryption schemes

Abstract

Privacy preserving machine learning is an active area of research usually relying on techniques such as homomorphic encryption or secure multiparty computation. Recent novel encryption techniques for performing machine learning using deep neural nets on images have recently been proposed by Tanaka and Sirichotedumrong, Kinoshita, and Kiya. We present new chosen-plaintext and ciphertext-only attacks against both of these proposed image encryption schemes and demonstrate the attacks' effectiveness on several examples.

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Code & Models

Repositories

ahchang98/image-encryption-scheme-attacks
noneOfficial

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.

Taxonomy

TopicsCryptography and Data Security · Chaos-based Image/Signal Encryption · Privacy-Preserving Technologies in Data