CN115242444B - Verifiable privacy protection linear regression method and system - Google Patents
Verifiable privacy protection linear regression method and system Download PDFInfo
- Publication number
- CN115242444B CN115242444B CN202210710116.9A CN202210710116A CN115242444B CN 115242444 B CN115242444 B CN 115242444B CN 202210710116 A CN202210710116 A CN 202210710116A CN 115242444 B CN115242444 B CN 115242444B
- Authority
- CN
- China
- Prior art keywords
- model
- linear regression
- user
- verifiable
- ciphertext
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/14—Network analysis or design
- H04L41/142—Network analysis or design using statistical or mathematical methods
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/14—Network analysis or design
- H04L41/147—Network analysis or design for predicting network behaviour
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/10—Protocols in which an application is distributed across nodes in the network
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/50—Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate
Abstract
The invention relates to the field of machine learning, in particular to a verifiable privacy protection linear regression method and a verifiable privacy protection linear regression system, wherein the method comprises the following steps: the model owner discloses verifiable parameters related to the linear regression model, and deploys the verifiable parameters related to the linear regression model on a cloud server; the user encrypts the data to obtain a ciphertext, and the ciphertext is uploaded to a cloud server where the linear regression model is located; the user requests the cloud server to calculate the ciphertext, the cloud server calculates and predicts the ciphertext uploaded by the user through a linear regression model, and a calculation prediction result is returned to the user; and verifying the plaintext correctness of the calculated prediction result by using verifiable parameters related to the linear regression model disclosed by the model owner in advance. The cloud server can prevent the cloud server from maliciously returning wrong results, can ensure the safety of user data and models, and can protect the privacy of model information of model owners, data information of users and prediction results.
Description
Technical Field
The invention relates to the field of machine learning, in particular to a verifiable privacy protection linear regression method and system.
Background
In the artificial intelligence era, personal privacy protection is increasingly paid attention to both home and abroad. Machine learning is one of the ways to implement artificial intelligence, and is focused on how to mine potential, effective and understandable knowledge from mass data, build a data-driven reasoning and decision model, and achieve the goal of "getting the data and using the data". With the rapid development of cloud computing modes, more and more cloud servers provide machine learning platforms for users. However, as the modern society places more and more importance on privacy protection, how to ensure the privacy and accuracy of models and the privacy of user data in the process of computing becomes a great difficulty in the field of machine learning. To solve this problem, various privacy-preserving machine learning methods have been proposed successively, including a differential privacy-based machine learning protection mechanism, a homomorphic encryption-based privacy protection mechanism, and a secure multiparty computing-based privacy protection mechanism.
Nikolaenko et al, in private-Preserving Ridge Regression on Hundreds of Millions of Records, mention the use of both homomorphic encryption and secure two-party computing to protect the Privacy of data while training a regression model. The scheme divides the training process of the regression model into two stages of data aggregation and model parameter calculation, wherein the first stage uses homomorphic encryption algorithm; the second phase uses a secure two-party computing protocol. The scheme in the document only considers model training, but does not consider the use of the model, namely, the trained model is utilized to predict the result of the data, and the verifiability of the predicted result is not considered, which are all the conditions which need to be considered in the practical application scene. There are also many schemes currently considering making predictions on trained models, but they have both problems, either the privacy protection of user data during prediction is not considered, or the correctness of the predicted results cannot be verified.
Disclosure of Invention
In order to solve the technical problems in the prior art, the invention provides a verifiable privacy protection linear regression method and a verifiable privacy protection linear regression system, which enable a result obtained by a user to be verifiable by disclosing a model verifiable parameter on the premise of protecting the privacy of the model, prevent a cloud server from maliciously returning an error result, ensure the safety of user data and the model, protect the privacy of model information of a model owner, data information of the user and a prediction result, ensure the correctness of the prediction result, and be more in line with the actual application scene.
It is a first object of the present invention to provide a verifiable privacy preserving linear regression method.
It is a second object of the present invention to provide a verifiable privacy preserving linear regression system.
The first object of the present invention can be achieved by adopting the following technical scheme:
a verifiable privacy preserving linear regression method, the method comprising:
disclosing verifiable parameters of the model, and disclosing verifiable parameters related to the linear regression model by a model owner;
data processing, wherein a user encrypts data by using a Paillier encryption algorithm to obtain a ciphertext, and the ciphertext is uploaded to a cloud server where a linear regression model is located;
data calculation, wherein a user requests a cloud server to calculate ciphertext, the cloud server calculates ciphertext uploaded by the user through a linear regression model, and a prediction result is returned to the user;
and (3) verifying the result, namely decrypting the predicted result to obtain a plaintext of the predicted result, and verifying the plaintext correctness of the predicted result by using verifiable parameters related to a linear regression model which is disclosed by a model owner in advance.
In a preferred technical solution, the model owner discloses verifiable parameters related to a linear regression model, including:
randomly selecting a group G with a large prime number t and an order of t t And a generator h of the group, the generator h ε G t Model parameters assumed to have been trained by the model owner are vector w and real number b, where w= (w 1 ,w 2 ,…,w n ) Is a trained model parameter, b is the offset of the model; calculating a parameter vector w 'and a real number b' related to w and b:
b′=h b ;
large prime number t, group G t The generator h, the parameter vector w 'and the real number b' are disclosed.
In a preferred technical scheme, the calculation formula for calculating the ciphertext by the user request cloud server is as follows:
wherein w= (w 1 ,w 2 ,…,w n ) Vector x= (x) 1 ,x 2 ,…,x n ) Initial data for the user.
The second object of the invention can be achieved by adopting the following technical scheme:
a verifiable privacy preserving linear regression system, the system comprising:
the verifiable parameter disclosure module is used for disclosing verifiable parameters of the model, and a model owner discloses verifiable parameters related to the linear regression model;
data processing, wherein a user encrypts data by using a Paillier encryption algorithm to obtain a ciphertext, and the ciphertext is uploaded to a cloud server where a linear regression model is located;
the data processing module is used for requesting the cloud server to calculate the ciphertext by the user, calculating the ciphertext uploaded by the user by the cloud server through the linear regression model, and returning a prediction result to the user;
and the result verification module is used for decrypting the prediction result to obtain the plaintext of the prediction result, and verifying the plaintext correctness of the prediction result by using verifiable parameters related to the linear regression model disclosed by the model owner in advance.
Compared with the prior art, the invention has the following advantages and beneficial effects:
according to the invention, the verifiable parameters related to the model are disclosed on the premise of protecting the privacy of the model, so that the result obtained by the user is verifiable, the cloud server is prevented from maliciously returning an error result, the safety of user data and the model can be ensured, the privacy of model information of a model owner, data information of the user and a predicted result can be protected, the correctness of the predicted result can be ensured, and the method and the device are more suitable for practical application scenes.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings that are required in the embodiments or the description of the prior art will be briefly described, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and other drawings may be obtained according to the structures shown in these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a schematic diagram of a method implementation scenario in an embodiment of the present invention;
FIG. 2 is a flow chart of a verifiable privacy preserving linear regression method in an embodiment of the present invention.
Detailed Description
The technical solution of the present invention will be described in further detail below with reference to the accompanying drawings and examples, it being apparent that the described examples are some, but not all, examples of the present invention, and embodiments of the present invention are not limited thereto. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Example 1:
with the rapid development of the Internet and the Internet of things, the explosive growth of data is realized, the characteristics of huge quantity, various types, high authenticity and the like are presented, and the maximization of the output value of the data is realized by using a machine learning technology, so that the practical demands of people are realized. Many scientific institutions have trained more practical models, but these models are proprietary assets of model owners, are not disclosed to users, and are typically deployed on cloud servers (servers). When a user needs to use a model to predict data, the data can be uploaded to a cloud server for calculation, but the data of the user usually contains sensitive information and the cloud server is not 'absolute trusted'. Therefore, the machine learning technology based on cloud computing inevitably faces some security problems, firstly, if data is directly uploaded in plaintext, the privacy of users can be leaked; secondly, the cloud server may be malicious, that is, the cloud server predicts the data of the user by using an incorrect model, and the correctness of the prediction result cannot be guaranteed. Therefore, when the machine learning model is utilized to predict the result of the data, the correctness of the predicted result is necessary while protecting the privacy of the owner and the user of the model, and the method has important theoretical significance and application value.
According to the invention, the linear regression model of which the model owner is deployed on the cloud server is utilized to perform operation on ciphertext on data uploaded by a user, the calculation result is returned to the user, the result is taken by the user and decrypted to obtain a prediction result in a plaintext form, and the prediction result is verified according to model information disclosed by the model owner in advance.
Linear regression models generally represent the form:
y(x)=w T x+b
wherein x= (x) 1 ,x 2 ,…,x n ) Is a feature vector representing data, w= (w 1 ,w 2 ,…,w n ) Is a trained model parameter, and b is the offset of the model.
As shown in fig. 1, an implementation scenario of an embodiment disclosed in the present specification is schematically shown in which 2 participants, a participant server and a participant Client, where the participant server is a model owner, and the participant Client is a data owner, also called a user. The data owner Client has sample feature data to be processed, wherein the sample may be room price data, patient data, audio data, text data, etc. to be analyzed, respectively, and the sample features may include house features (e.g., area, location, floor, etc.), patient health features (e.g., age, gender, heart rate, blood pressure, etc.), audio frequency spectrum features, text coding features, etc.
The model owner server owns a linear regression model for performing business processing according to the sample characteristic data, for example, when the sample is the house price data, the business processing may be house price prediction; when the sample is patient data, business processes may be prediction of patient disease, and so on.
As shown in fig. 2, the verifiable privacy preserving linear regression method of the present invention includes the following steps:
s1, disclosing verifiable parameters of a model, wherein a model owner discloses verifiable parameters related to a linear regression model.
The model owner (server) discloses the relevant verifiable parameters of the linear regression model by using objective reality with difficult discrete logarithm solution, and the relevant verifiable parameters of the real-published linear regression model comprise: big prime t, group G t Generating a meta h, a parameter vector w 'and a real number b', wherein the meta h, the parameter vector w 'and the real number b' are specifically as follows:
s11, randomly selecting a group G with a large prime number t and an order of t t And a generator h of the group, the generator h ε G t Model parameters assumed to have been trained by the model owner are vector w and real number b, where w= (w 1 ,w 2 ,…,w n ) Is a trained model parameter, b is the offset of the model; calculating a public parameter vector w 'and a real number b' related to w and b:
b′=h b ;
s12, combining big prime numbers t and group G t The generator h, the parameter vector w 'and the real number b' are disclosed.
Let p be prime and a be the primitive root of p, i.e. a 1 ,a 2 ,…,a p-1 All values of 1-p-1 are generated at mod p, so forWith unique i.epsilon. {1, …, p-1}, such that b.ident.a i mod p. I is called the discrete logarithm of a as the base b under the modulus p, i.e. i≡log a (b)(mod p)。
B can be found relatively easily with a fast exponential algorithm when a, p, i are known, but it is very difficult to find i if a, b and p are known. When p is large, the fastest discrete logarithm algorithm known to date is not feasible.
For the purpose of privacy protection of the model, the model owner server cannot directly disclose the original parameters of the model to all users, but discloses the parameters related to the model according to the operation. Solving for sleepiness based on discrete logarithmsDifficulty, malicious adversaries get the public parameters G related to the model t After t, h, w 'and b', the parameters w= (w) of the model are to be solved 1 ;w 2 ;…;w n ) And b is not feasible. When the user needs to verify the correctness of the final result, the user can verify the final result only through the disclosed model related parameters without solving the parameters of the model. Therefore, the safety of the public model is ensured, and a verification method for the correctness of the prediction result is provided. The invention uses the discrete logarithm difficulty problem to ensure the privacy of the model information disclosed by the model owner.
S2, data processing, wherein a user encrypts the data by using a Paillier encryption algorithm to obtain a ciphertext, and the ciphertext is uploaded to a cloud server where the linear regression model is located.
Firstly, a user encrypts data by using a Paillier encryption algorithm to obtain a ciphertext c, and the process is as follows:
presetting user initial data as a vector x= (x) 1 ,x 2 ,…,x n ) Running a Setup (k) algorithm, specifically comprising:
inputting a safety parameter k, selecting two large prime numbers p, q, calculating a natural number N=p.q, and randomly selecting a group element(wherein->) So that gcd (L (g) λ mod N 2 ) N) =1, wherein gcd (,) represents the greatest common divisor of the two numbers, defining +.>The public key is pk= (g, N) and the private key is sk=λ=lcm ((p-1), (q-1)); where lcm (,) function represents the least common multiple of two numbers.
The Enc (pk, m) algorithm is run, and the plaintext m epsilon Z is input N (wherein Z N = {0,1, …, n-1 }) selecting a random number
(wherein->) Calculating to obtain ciphertext c:
c=Enc(pk,m)=g m r N mod N 2
where mod is a modulo operation, a group element
In the subsequent verification process, a Dec (sk, c) algorithm is operated, a private key sk and a ciphertext c are input, and the following formula is calculated to obtain a plaintext m:
specifically, x is i For example, the Enc (pk, x) algorithm is run, and the plaintext x is input i ∈Z n Selecting a random numberCalculation of ciphertext c i :
For convenience of symbol, let the vector obtained after the user encrypts the data as follows:
c=(c 1 ,c 2 ,…,c n )
=(Enc pk (x 1 ),Enc pk (x 2 ),…,Enc pk (x n ))
and then, uploading the encrypted ciphertext c to a cloud server where the linear regression model is located by the user.
The Paillier encryption algorithm has the property of being additive homomorphic, and is specifically as follows:
multiplication between ciphertexts corresponds to the corresponding plaintext m 1 、m 2 The addition is performed in the following form:
the constant exponent operation of ciphertext corresponds to the multiplication of plaintext m with a constant, in the form:
Enc(m) a =Enc(a·m)
wherein a is a constant.
For the purpose of privacy data protection, the data owner Client cannot directly send its sample data to the model owner server, so as not to reveal the sample feature value. After the data is encrypted by the Paillier encryption algorithm, the ciphertext is sent to the model owner Sever, and the model owner Sever does not have the private key sk and cannot calculate the plaintext corresponding to the ciphertext. Therefore, the aim of protecting the privacy of the Client data of the user is fulfilled.
S3, data calculation, wherein a user requests a cloud server to calculate ciphertext, the cloud server calculates and predicts ciphertext data uploaded by the user through a linear regression model, and a calculation prediction result is returned to the user.
And carrying out operation on ciphertext on the data uploaded by the user, returning a calculation result to the user, and carrying out result prediction by the user by using a linear regression model deployed on the cloud server.
After receiving the user ciphertext data c, the cloud server calculates on the ciphertext data c and returns the calculated result to the user. Assuming that model parameters already trained by the model owner are vector w and real number b, the calculation formula of ciphertext data c is as follows:
w=(w 1 ;w 2 ;…;w n ) Vector x= (x) 1 ,x 2 ,…,x n ) For user initial data, b is the bias of the model.
The homomorphic encryption algorithm is an encryption function, and is used for encrypting the plaintext after operation, and is equivalent to the ciphertext after the encryption. Since the user data received by the model owner server is in the form of ciphertext, addition and multiplication cannot be directly performed. The homomorphism of the Paillier encryption function can enable the Sever to operate on the ciphertext, and the operation result is equivalent to that obtained by the established calculation on the plaintext and then encrypted. The model owner Sever also can not unwrap the plaintext corresponding to the final result because of no private key sk, so that the privacy of the calculation result of the user is ensured.
S4, result verification, namely decrypting the calculation prediction result to obtain a plaintext of the calculation prediction result, and verifying the plaintext correctness of the calculation prediction result by utilizing related verifiable parameters of a linear regression model which are disclosed by a model owner in advance.
The user verifying the correctness of the prediction result comprises the following steps:
s41, after the user obtains the prediction result in the ciphertext form returned by the cloud server, decrypting to obtain a prediction result plaintext y, and the specific method is as follows: operating a Dec (sk, c) algorithm, inputting a private key sk and a ciphertext c, and calculating the following formula to obtain a predicted result plaintext y:
s42, according to the prediction result plaintext y and the verifiable parameter G related to the linear regression model disclosed by the model owner t Calculation of the first result y from t, h, w' and b 1 :
y 1 =h y
S43, calculating a second result y based on original model parameters of the linear regression model and initial data of the user 2 :
Wherein w= (w 1 ;w 2 ;…;w n ) Vector x= (x) 1 ,x 2 ,…,x n ) For user initial data, b is the bias of the model.
S44, verifying the first result y 1 Whether or not to equal the second result y 2 If the first result y 1 Equal to the second result y 2 And (5) indicating that the prediction result returned by the computing cloud server is correct, otherwise, indicating that the prediction result returned by the cloud server is incorrect.
Through verification of the correctness of the results, the user Client can detect result errors caused by malicious deployment of wrong model parameters in the cloud server by the model owner or other faults. The user Client may discard the calculation results, either to allow the cloud server to recalculate or to choose to terminate collaboration with the model owner.
Example 2:
the embodiment provides a verifiable privacy protection linear regression system, which comprises a verifiable parameter disclosure module, a data processing module, a data calculation module and a result verification module, wherein the specific functions of the modules are as follows:
the verifiable parameter disclosure module is used for disclosing verifiable parameters of the model, and a model owner discloses verifiable parameters related to the linear regression model;
data processing, wherein a user encrypts data by using a Paillier encryption algorithm to obtain a ciphertext, and the ciphertext is uploaded to a cloud server where a linear regression model is located;
the data processing module is used for requesting the cloud server to calculate the ciphertext by the user, calculating and predicting the ciphertext uploaded by the user by the cloud server through the linear regression model, and returning a calculation and prediction result to the user;
and the result verification module is used for decrypting the calculation prediction result to obtain a plaintext of the calculation prediction result, and verifying the plaintext correctness of the calculation prediction result by using verifiable parameters related to the linear regression model disclosed by the model owner in advance.
The model owner discloses verifiable parameters related to a linear regression model, including:
randomly selecting a group G with a large prime number t and an order of t t Raw materials of groupGenerating element h, generating element h E G t Model parameters assumed to have been trained by the model owner are vector w and real number b, where w= (w 1 ;w 2 ;…;w n ) Is a trained model parameter, b is the offset of the model; calculating a parameter vector w 'and a real number b' related to w and b:
b′=h b ;
large prime number t, group G t The generator h, the parameter vector w 'and the real number b' are disclosed.
The user performs Paillier encryption on the data to obtain ciphertext, which comprises the following steps:
presetting user initial data as a vector x= (x) 1 ,x 2 ,…,x n ) Running a Setup (k) algorithm, inputting a safety parameter k, selecting two large prime numbers p, q, and randomly selecting a group element, wherein the natural number n=p·qLet gcd (L (g) λ mod N 2 ) N) =1, wherein gcd () represents the greatest common divisor of two numbers; definitions->The public key is pk= (g, N), the private key is sk = λ = lcm ((p-1), (q-1)), where lcm () function represents the least common multiple of two numbers;
the Enc (pk, m) algorithm is run, and the plaintext m epsilon Z is input N ,Z N = {0,1, …, n-1}, select random number Calculating to obtain ciphertext c:
c=Enc(pk,m)=g m r N mod N 2
where mod is a modulo operation, a group element
The calculation formula for calculating the ciphertext by the user request cloud server is as follows:
wherein w= (w 1 ;w 2 ;…;w n ) Vector x= (x) 1 ,x 2 ,…,x n ) Initial data for the user.
The above examples are preferred embodiments of the present invention, but the embodiments of the present invention are not limited to the above examples, and any other changes, modifications, substitutions, combinations, and simplifications that do not depart from the spirit and principle of the present invention should be made in the equivalent manner, and the embodiments are included in the protection scope of the present invention.
Claims (7)
1. A verifiable privacy preserving linear regression method, the method comprising the steps of:
disclosing verifiable parameters of the model, and disclosing verifiable parameters related to the linear regression model by a model owner;
data processing, wherein a user encrypts data by using a Paillier encryption algorithm to obtain a ciphertext, and the ciphertext is uploaded to a cloud server where a linear regression model is located;
data calculation, wherein a user requests a cloud server to calculate ciphertext, the cloud server calculates and predicts the ciphertext uploaded by the user through a linear regression model, and a calculation prediction result is returned to the user;
result verification, namely decrypting the calculation prediction result to obtain a plaintext of the calculation prediction result, and verifying the plaintext of the calculation prediction result by using verifiable parameters related to a linear regression model which is disclosed by a model owner in advance;
the model owner discloses verifiable parameters related to a linear regression model, including:
randomly selecting a group G with a large prime number t and an order of t t And a generator h of the group, the generator h ε G t Model parameters assumed to have been trained by the model owner are vector w and real number b, where w= (w 1 ,w 2 ,…,w n ) Is a trained model parameter, b is the offset of the model; calculating a parameter vector w 'and a real number b' related to w and b:
b'=h b
large prime number t, group G t The generator h, the parameter vector w 'and the real number b' are disclosed.
2. The verifiable privacy preserving linear regression method of claim 1, wherein the user performs Paillier encryption on the data to obtain ciphertext, comprising:
presetting user initial data as a vector x= (x) 1 ,x 2 ,…,x n ) Running a Setup (k) algorithm, inputting a safety parameter k, selecting two large prime numbers p, q, and randomly selecting a group element, wherein the natural number n=p·q Let gcd (L (g) λ mod N 2 ) N) =1, wherein gcd () represents the greatest common divisor of two numbers; definitions->Public key pk= (g, N), private key sk = λ = lcm ((p-1), q-1)), where lcm () function represents the least common multiple of two numbers;
the Enc (pk, m) algorithm is run, and the plaintext m epsilon Z is input N ,Z N = {0,1, …, n-1}, select random number Calculating to obtain ciphertext c:
c=Enc pk (m)=g m r N mod N 2
where mod is a modulo operation, a group element
3. The verifiable privacy preserving linear regression method of claim 2, wherein the calculation formula for the user to request the cloud server to calculate the ciphertext is:
wherein w= (w 1 ,w 2 ,…,w n ) Vector x= (x) 1 ,x 2 ,…,x n ) Initial data for the user.
4. The verifiable privacy preserving linear regression method of claim 2, wherein decrypting the computed prediction results to obtain plaintext of the computed prediction results, verifying the plaintext correctness of the computed prediction results using verifiable parameters associated with a linear regression model previously disclosed by the model owner, comprises:
after the user takes the prediction result in the ciphertext form returned by the cloud server, decrypting to obtain a prediction result plaintext y;
calculating a first result y according to the prediction result plaintext y and verifiable parameters related to the linear regression model according to the prediction result plaintext 1 ;
Original model parameters and user initial data based on linear regression model calculate second result y 2 ;
Validating the first result y 1 Whether or not to equal the second result y 2 When the first result y 1 Equal to the second result y 2 And if not, the prediction result returned by the cloud server is wrong.
5. The verifiable privacy preserving linear regression method of claim 4 wherein the calculation formula of the prediction result plaintext y is:
the first result y 1 The calculation formula of (2) is as follows:
y 1 =h y ;
the second result y 2 The calculation formula of (2) is as follows:
wherein w= (w 1 ,w 2 ,…,w n ) Vector x= (x) 1 ,x 2 ,…,x n ) Initial data for the user.
6. A verifiable privacy preserving linear regression system, the system comprising:
the verifiable parameter disclosure module is used for disclosing verifiable parameters of the model, and a model owner discloses verifiable parameters related to the linear regression model;
data processing, wherein a user encrypts data by using a Paillier encryption algorithm to obtain a ciphertext, and the ciphertext is uploaded to a cloud server where a linear regression model is located;
the data processing module is used for requesting the cloud server to calculate the ciphertext by the user, calculating and predicting the ciphertext uploaded by the user by the cloud server through the linear regression model, and returning a calculation and prediction result to the user;
the result verification module is used for decrypting the calculation prediction result to obtain a plaintext of the calculation prediction result, and verifying the plaintext correctness of the calculation prediction result by using verifiable parameters related to a linear regression model which is disclosed by a model owner in advance;
the model owner discloses verifiable parameters related to a linear regression model, including:
randomly selecting a group G with a large prime number t and an order of t t And a generator h of the group, the generator h ε G t Model parameters assumed to have been trained by the model owner are vector w and real number b, where w= (w 1 ,w 2 ,…,w n ) Is a trained model parameter, b is the offset of the model; calculating a parameter vector w 'and a real number b' related to w and b:
b'=h b
large prime number t, group G t The generator h, the parameter vector w 'and the real number b' are disclosed.
7. The verifiable privacy preserving linear regression system of claim 6 wherein the calculation formula for the user requesting the cloud server to calculate the ciphertext is:
wherein w= (w 1 ,w 2 ,…,w n ) Vector x= (x) 1 ,x 2 ,…,x n ) Initial data for the user.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210710116.9A CN115242444B (en) | 2022-06-22 | 2022-06-22 | Verifiable privacy protection linear regression method and system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210710116.9A CN115242444B (en) | 2022-06-22 | 2022-06-22 | Verifiable privacy protection linear regression method and system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN115242444A CN115242444A (en) | 2022-10-25 |
CN115242444B true CN115242444B (en) | 2023-08-01 |
Family
ID=83668617
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202210710116.9A Active CN115242444B (en) | 2022-06-22 | 2022-06-22 | Verifiable privacy protection linear regression method and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN115242444B (en) |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110991655A (en) * | 2019-12-17 | 2020-04-10 | 支付宝(杭州)信息技术有限公司 | Method and device for processing model data by combining multiple parties |
CN112488227A (en) * | 2020-12-07 | 2021-03-12 | 武汉大学 | Auditable outsourcing machine learning service method for providing integrity verification |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111523673B (en) * | 2019-02-01 | 2021-07-27 | 创新先进技术有限公司 | Model training method, device and system |
CN110008717B (en) * | 2019-02-26 | 2023-04-11 | 东北大学 | Decision tree classification service system and method supporting privacy protection |
-
2022
- 2022-06-22 CN CN202210710116.9A patent/CN115242444B/en active Active
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110991655A (en) * | 2019-12-17 | 2020-04-10 | 支付宝(杭州)信息技术有限公司 | Method and device for processing model data by combining multiple parties |
CN112488227A (en) * | 2020-12-07 | 2021-03-12 | 武汉大学 | Auditable outsourcing machine learning service method for providing integrity verification |
Also Published As
Publication number | Publication date |
---|---|
CN115242444A (en) | 2022-10-25 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108712260B (en) | Multi-party deep learning computing agent method for protecting privacy in cloud environment | |
Madi et al. | A secure federated learning framework using homomorphic encryption and verifiable computing | |
WO2021120861A1 (en) | Method and apparatus for multi-party joint model data processing | |
CN109194507B (en) | Non-interactive privacy protection neural network prediction method | |
CN110912713B (en) | Method and device for processing model data by multi-party combination | |
Chinnasamy et al. | HCAC-EHR: hybrid cryptographic access control for secure EHR retrieval in healthcare cloud | |
Yu et al. | Enhanced privacy of a remote data integrity-checking protocol for secure cloud storage | |
US20180076956A1 (en) | System and method for generating a server-assisted strong password from a weak secret | |
JP2008500598A (en) | Method and apparatus for confidential information retrieval and lost communication with good communication efficiency | |
CN114697073B (en) | Telecommunication operator data security sharing method based on blockchain | |
Araújo et al. | Remote electronic voting can be efficient, verifiable and coercion-resistant | |
US8121290B2 (en) | Pseudo-random function calculating device and method and number-limited anonymous authentication system and method | |
CN111211897B (en) | Time control encryption security enhancement method based on random prediction model | |
US11804960B2 (en) | Distributed symmetric encryption | |
Nguyen-Van et al. | Scalable distributed random number generation based on homomorphic encryption | |
CN111865555B (en) | Homomorphic encryption method based on k-Lin hypothesis | |
CN111581648B (en) | Method of federal learning to preserve privacy in irregular users | |
CN114039785A (en) | Data encryption, decryption and processing method, device, equipment and storage medium | |
CN114257366B (en) | Information homomorphic processing method, device, equipment and computer readable storage medium | |
Backes et al. | Using mobile device communication to strengthen e-voting protocols | |
Lawal et al. | An improved hybrid scheme for e-payment security using elliptic curve cryptography | |
CN116108497B (en) | Medical data lightweight cloud storage method and device based on identity anonymity | |
CN115242444B (en) | Verifiable privacy protection linear regression method and system | |
CN116318696A (en) | Proxy re-encryption digital asset authorization method under condition of no initial trust of two parties | |
Rehman et al. | Securing cloud storage by remote data integrity check with secured key generation |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |