TT-SEAL: TTD-Aware Selective Encryption for Adversarially-Robust and Low-Latency Edge AI

TL;DR

TT-SEAL introduces a TTD-aware selective encryption method for tensor-train decomposed neural networks, significantly reducing encryption overhead while maintaining robustness, thus enabling secure and low-latency edge AI on resource-constrained devices.

Contribution

The paper proposes TT-SEAL, a novel selective encryption framework tailored for TT-decomposed models, optimizing security with minimal encryption overhead under TTD-aware threat models.

Findings

Encrypts only 4.89-15.92% of parameters, reducing latency impact.

Maintains robustness comparable to full encryption.

Achieves low decryption share in end-to-end latency, e.g., 2.76% on ResNet-18.

Abstract

Cloud-edge AI must jointly satisfy model compression and security under tight device budgets. While Tensor-Train Decomposition (TTD) shrinks on-device models, prior selective-encryption studies largely assume dense weights, leaving its practicality under TTD compression unclear. We present TT-SEAL, a selective-encryption framework for TT-decomposed networks. TT-SEAL ranks TT cores with a sensitivity-based importance metric, calibrates a one-time robustness threshold, and uses a value-DP optimizer to encrypt the minimum set of critical cores with AES. Under TTD-aware, transfer-based threat models (and on an FPGA-prototyped edge processor) TT-SEAL matches the robustness of full (black-box) encryption while encrypting as little as 4.89-15.92% of parameters across ResNet-18, MobileNetV2, and VGG-16, and drives the share of AES decryption in end-to-end latency to low single digits (e.g., 58% -> 2.76% on ResNet-18), enabling secure, low-latency edge AI.