GuardML: Efficient Privacy-Preserving Machine Learning Services Through Hybrid Homomorphic Encryption

TL;DR

This paper introduces a novel privacy-preserving machine learning scheme using Hybrid Homomorphic Encryption (HHE), enabling secure classification on encrypted data with minimal costs, suitable for end devices.

Contribution

The work applies HHE to PPML, demonstrating its practicality and efficiency for secure classification tasks on sensitive data in resource-constrained environments.

Findings

Achieved secure ECG classification with minimal accuracy loss.

Reduced communication and computation costs for end devices.

Validated the real-world applicability of HHE-based PPML.

Abstract

Machine Learning (ML) has emerged as one of data science's most transformative and influential domains. However, the widespread adoption of ML introduces privacy-related concerns owing to the increasing number of malicious attacks targeting ML models. To address these concerns, Privacy-Preserving Machine Learning (PPML) methods have been introduced to safeguard the privacy and security of ML models. One such approach is the use of Homomorphic Encryption (HE). However, the significant drawbacks and inefficiencies of traditional HE render it impractical for highly scalable scenarios. Fortunately, a modern cryptographic scheme, Hybrid Homomorphic Encryption (HHE), has recently emerged, combining the strengths of symmetric cryptography and HE to surmount these challenges. Our work seeks to introduce HHE to ML by designing a PPML scheme tailored for end devices. We leverage HHE as the fundamental building block to enable secure learning of classification outcomes over encrypted data, all while preserving the privacy of the input data and ML model. We demonstrate the real-world applicability of our construction by developing and evaluating an HHE-based PPML application for classifying heart disease based on sensitive ECG data. Notably, our evaluations revealed a slight reduction in accuracy compared to inference on plaintext data. Additionally, both the analyst and end devices experience minimal communication and computation costs, underscoring the practical viability of our approach. The successful integration of HHE into PPML provides a glimpse into a more secure and privacy-conscious future for machine learning on relatively constrained end devices.