FHAIM: Fully Homomorphic AIM For Private Synthetic Data Generation

TL;DR

FHAIM introduces a fully homomorphic encryption framework for privacy-preserving synthetic data generation, enabling secure training on encrypted data with differential privacy guarantees, applicable to sensitive domains like healthcare and finance.

Contribution

It is the first to adapt the AIM synthetic data generation algorithm to a fully homomorphic encryption setting, ensuring data privacy during training.

Findings

Preserves AIM's performance on synthetic data tasks

Maintains feasible runtimes for encrypted training

Provides differential privacy guarantees

Abstract

Data is the lifeblood of AI, yet much of the most valuable data remains locked in silos due to privacy and regulations. As a result, AI remains heavily underutilized in many of the most important domains, including healthcare, education, and finance. Synthetic data generation (SDG), i.e. the generation of artificial data with a synthesizer trained on real data, offers an appealing solution to make data available while mitigating privacy concerns, however existing SDG-as-a-service workflow require data holders to trust providers with access to private data. We propose FHAIM, the first fully homomorphic encryption (FHE) framework for training a marginal-based synthetic data generator on encrypted tabular data. FHAIM adapts the widely used AIM algorithm to the FHE setting using novel FHE protocols, ensuring that the private data remains encrypted throughout and is released only with differential privacy guarantees. Our empirical analysis show that FHAIM preserves the performance of AIM while maintaining feasible runtimes.