CN116484415A - Privacy decision tree reasoning method based on isomorphic encryption - Google Patents
Privacy decision tree reasoning method based on isomorphic encryption Download PDFInfo
- Publication number
- CN116484415A CN116484415A CN202310188204.1A CN202310188204A CN116484415A CN 116484415 A CN116484415 A CN 116484415A CN 202310188204 A CN202310188204 A CN 202310188204A CN 116484415 A CN116484415 A CN 116484415A
- Authority
- CN
- China
- Prior art keywords
- node
- ciphertext
- decision tree
- tree model
- privacy
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000003066 decision tree Methods 0.000 title claims abstract description 175
- 238000000034 method Methods 0.000 title claims abstract description 60
- 230000008569 process Effects 0.000 claims abstract description 30
- 238000012545 processing Methods 0.000 claims description 18
- 238000004364 calculation method Methods 0.000 claims description 8
- 238000005516 engineering process Methods 0.000 abstract description 14
- 238000004891 communication Methods 0.000 description 5
- 238000010801 machine learning Methods 0.000 description 5
- 230000006870 function Effects 0.000 description 3
- 238000013507 mapping Methods 0.000 description 3
- 238000007792 addition Methods 0.000 description 2
- 238000013528 artificial neural network Methods 0.000 description 2
- 238000011161 development Methods 0.000 description 2
- 238000011156 evaluation Methods 0.000 description 2
- 239000000463 material Substances 0.000 description 2
- 238000012549 training Methods 0.000 description 2
- 238000013473 artificial intelligence Methods 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 230000001010 compromised effect Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 230000036541 health Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000005065 mining Methods 0.000 description 1
- 238000007781 pre-processing Methods 0.000 description 1
- 238000011160 research Methods 0.000 description 1
- 238000000638 solvent extraction Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06N—COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
- G06N5/00—Computing arrangements using knowledge-based models
- G06N5/04—Inference or reasoning models
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/008—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Databases & Information Systems (AREA)
- Medical Informatics (AREA)
- Artificial Intelligence (AREA)
- Computational Linguistics (AREA)
- Data Mining & Analysis (AREA)
- Evolutionary Computation (AREA)
- Computing Systems (AREA)
- Mathematical Physics (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Complex Calculations (AREA)
Abstract
The privacy decision tree reasoning method comprises a privacy secret decision tree reasoning scheme and a privacy plaintext decision tree reasoning scheme, user privacy data and a decision tree model are encrypted by utilizing technologies such as secret state encryption, and reasoning is carried out on the secret state decision tree/plaintext decision tree by utilizing a homomorphic algorithm, so that the whole flow protection of privacy data security and model data security is realized in the decision tree reasoning process, the privacy data security and model data security are greatly improved, and the information security problem of the existing decision tree cloud service is solved.
Description
Technical Field
The application relates to the technical field of information security, in particular to a privacy decision tree reasoning method based on isomorphic encryption.
Background
The data is used as a novel resource, the productivity of the data is fully released by utilizing the market innovation, and the safety protection of the data is enhanced while the open sharing of the data is promoted. Therefore, the core of the data privacy protection is not to strictly prevent data from dying and artificially set up data islands, but to maintain the confidentiality and the security of the privacy data on the premise of fully guaranteeing the data flow capacity and the data value mining capacity, so that the data can be "available and invisible".
Aiming at the vigorous demand of data privacy protection, research fields surrounding privacy calculation are formed. For example, federal learning technology in the machine learning field, multiparty secure computing and homomorphic encryption technology in the traditional security and cryptography field, trusted execution environment in the chip design field, and the like are all considered as privacy computing technologies. However, since different kinds of privacy computing technologies have different security definitions, security levels and computing efficiencies, and the privacy computing field itself is still in a stage of high-speed development and technology iteration, the various privacy computing technologies lack unified consensus on privacy protection technical schemes among academia, different application industries and government standardization departments, so that a single privacy computing technology cannot be simply used in different privacy protection scenes. The main reason for this is that having a privacy computing protocol that can prove security is often faced with significant computing and communication bandwidth overhead. For example, in the latest top-level conference results, a privacy neural network reasoning protocol based on traditional multiparty security computation requires a wide area network communication bandwidth of 9Gbytes or more to complete a round of reasoning computation (local reasoning computation in plaintext does not require any communication); while privacy neural network reasoning based on full homomorphic encryption only requires very little communication bandwidth (hundreds of Kbytes), the computation time is more than 1000 times slower than plaintext reasoning. In general, different kinds of privacy computing schemes respectively have scientific problems of poor universality of a single protocol, multiple communication rounds, high bandwidth transmission, long computing time and the like, so that users lack understanding and confidence on the privacy computing technology, and the actual landing of the advanced privacy computing scheme in the industry is greatly hindered.
In this context, a lattice-based homomorphic encryption computing technology is rapidly evolving as a privacy computing scheme. In the homomorphic encryption algorithm, a data owner with private data encrypts the data and transmits the encrypted data to a calculator; the computer can directly execute the computer language with complete arbitrary intention on the encrypted ciphertext, and no interaction is needed to be carried out with the data owner in the process, so that the data security of the data owner is further protected.
The homomorphic encryption algorithm is an encryption algorithm meeting homomorphic operation property of ciphertext, namely, after data is homomorphic encrypted, specific calculation is carried out on ciphertext, and plaintext obtained by corresponding homomorphic decryption of ciphertext calculation results is equivalent to the same calculation directly carried out on plaintext data, so that "computable invisibility" of the data is realized. A homomorphic encryption algorithm is said to be homomorphic encryption (Fully Homomorphic Encryption, FHE) if it supports any form of computation on ciphertext; if partial forms of computation are supported on ciphertext, such as only addition, only multiplication, or limited number of additions and multiplications, it is referred to as semi-homomorphic encryption or partial homomorphic encryption, and English is abbreviated as SWHE (Somewhat Homomorphic Encryption) or PHE (Partially Homomorphic Encryption).
The decision tree model is one of the most widely applied machine learning models because of simple feature preprocessing, easy integrated learning, good fitting capability and interpretation, and is different from a linear model, and the decision tree model learns the proper weight of each feature through a data sample and makes a decision after weighting. The decision tree selects the appropriate features and makes decisions after feature partitioning. It has a tree structure in which each internal node represents a judgment on an attribute, each branch represents an output of a judgment result, and finally each leaf node represents a classification result, and can provide useful services such as automatic health evaluation, property value evaluation, data classification, and the like.
With the rapid development of artificial intelligence technology and cloud computing technology, the demand of machine learning as a cloud service is continuously growing, but the service scene generally requires a client to trust a server and provide privacy data in a plaintext form, so that the security of the privacy data is greatly compromised; meanwhile, advanced model training has huge economic cost, massive data in a specific field is needed as training resources, and the value and knowledge attributes of the data exist, wherein the attributes determine that a trained machine learning model has high commercial value and knowledge attributes, and the trained machine learning model must be incorporated into the intellectual property of a legal owner (namely, the party who creates the model). Thus, there is a technically urgent need to protect models from illegal copying, redistribution, or abuse.
Disclosure of Invention
The privacy decision tree reasoning method based on the isomorphic encryption is used for protecting data and models in the decision tree reasoning process and avoiding the problem that the models are illegally copied, redistributed or abused.
An embodiment of a first aspect of the present application provides a privacy decision tree reasoning method based on isomorphic encryption, including the following steps: encrypting the privacy data and the decision tree model by using an isomorphic encryption algorithm to obtain a privacy data ciphertext and a secret state decision tree model, and initializing the secret state decision tree model; comparing the node threshold value ciphertext of the secret state decision tree model with the privacy data ciphertext corresponding to the node by using a full homomorphic secret-secret comparison algorithm to obtain a node control bit ciphertext; and moving the root node value of the secret state decision tree model according to the node control bit ciphertext to obtain an inference result ciphertext, decrypting the inference result ciphertext by using an identical state decryption algorithm, obtaining a classification label value of the node by using an inference result processing algorithm, and completing a decision tree inference process.
Optionally, in an embodiment of the present application, encrypting the privacy data and the decision tree model by using the isomorphic encryption algorithm to obtain the privacy data ciphertext and the secret decision tree model respectively includes: encrypting vector elements of the privacy data one by using an homomorphic encryption key to obtain the privacy data ciphertext, and encrypting node data in the decision tree model by using the homomorphic encryption key to obtain the secret state decision tree model.
Optionally, in one embodiment of the present application, initializing the dense state decision tree model includes: and assigning initial node values to nodes of the secret state decision tree model, wherein the node values of the root nodes of the secret state decision tree model are all identical state ciphertexts with values of 1, and all other node values except the root nodes are all identical state ciphertexts with values of 0.
Optionally, in an embodiment of the present application, comparing, by using the isomorphic secret-secret comparison algorithm, a node threshold ciphertext of the secret decision tree model with a privacy data ciphertext corresponding to a node to obtain the node control bit ciphertext includes: calculation ofIf->Then cb i An isotactic ciphertext of 1, otherwise an isotactic ciphertext of 0, wherein cb i Ciphertext a, which is the control bit of node i i For the attribute number corresponding to node i +.>For privacy data ciphertext corresponding to node i, ct i Is the threshold ciphertext for node i.
Optionally, in an embodiment of the present application, moving the root node value of the secret decision tree model according to the node control bit ciphertext to obtain an inference result ciphertext includes: and starting from the root node of the secret state decision tree model, copying the root node value to a left child node or a right child node according to the node value and the node control bit ciphertext, and outputting the node values of all leaf nodes after copying is completed to obtain the reasoning result ciphertext.
Optionally, in an embodiment of the present application, the decrypting the inferred result ciphertext using an isomorphic decryption algorithm, and obtaining the classification label value of the node using an inferred result processing algorithm includes: and decrypting the reasoning result ciphertext by using the homomorphic decryption key to obtain a series of 0/1 sequences, and obtaining the classification label value of the corresponding node according to the position of 1.
An embodiment of a second aspect of the present application provides a privacy decision tree reasoning method based on isomorphic encryption, including: encrypting the privacy data by using an homomorphic encryption algorithm to obtain a privacy data ciphertext and initializing a plaintext decision tree model; comparing the node threshold value of the plaintext decision tree model with the privacy data ciphertext corresponding to the node by using a full homomorphic plaintext-ciphertext comparison algorithm to obtain a node control bit ciphertext; and moving the root node value of the plaintext decision tree model according to the node control bit ciphertext to obtain an inference result ciphertext, decrypting the inference result ciphertext by using an isomorphic decryption algorithm, obtaining a classification label value of the node by using an inference result processing algorithm, and completing a decision tree inference process.
Optionally, in an embodiment of the present application, encrypting the private data with the homomorphic encryption algorithm to obtain the private data ciphertext includes: and encrypting vector elements of the private data one by using the homomorphic encryption key to obtain the private data ciphertext.
Optionally, in one embodiment of the present application, initializing the plaintext decision tree model includes: and assigning initial node values to nodes of the plaintext decision tree model, wherein the node values of the root nodes of the plaintext decision tree model are all equal-state ciphertexts with values of 1, and all other node values except the root nodes are all equal-state ciphertexts with values of 0.
Optionally, in an embodiment of the present application, comparing, by using the isomorphic bright-secret comparison algorithm, a node threshold value of the plaintext decision tree model and a privacy data ciphertext corresponding to a node to obtain the node control bit ciphertext includes: calculation ofIf->Then cb i An isotactic ciphertext of 1, otherwise an isotactic ciphertext of 0, whichIn cb i Ciphertext a, which is the control bit of node i i For the attribute number corresponding to node i +.>For privacy data ciphertext corresponding to node i, ct i Is the threshold value of node i.
Optionally, in an embodiment of the present application, the decrypting the inferred result ciphertext using an isomorphic decryption algorithm, and obtaining the classification label value of the node using an inferred result processing algorithm includes: and decrypting the reasoning result ciphertext by using the homomorphic decryption key to obtain a series of 0/1 sequences, and obtaining the classification label value of the corresponding node according to the position of 1.
The privacy decision tree reasoning method based on the full homomorphic encryption comprises a privacy secret decision tree reasoning scheme and a privacy plaintext decision tree reasoning scheme, wherein the privacy secret decision tree reasoning scheme can conduct privacy decision tree reasoning under the condition that a decision tree model and user data are in an encryption state, and the privacy plaintext decision tree reasoning scheme can complete plaintext decision tree reasoning under the condition that only the user data are encrypted, so that privacy data safety and decision tree model safety are protected.
Additional aspects and advantages of the application will be set forth in part in the description which follows and, in part, will be obvious from the description, or may be learned by practice of the application.
Drawings
The foregoing and/or additional aspects and advantages of the present application will become apparent and readily appreciated from the following description of the embodiments, taken in conjunction with the accompanying drawings, in which:
FIG. 1 is a flow chart of a privacy decision tree reasoning method based on isomorphic encryption provided in accordance with an embodiment of the present application;
FIG. 2 is a flowchart of a privacy decision tree reasoning method based specifically on homomorphic encryption according to an embodiment of the present application;
fig. 3 is a flowchart of another privacy decision tree reasoning method specifically based on homomorphic encryption according to an embodiment of the present application.
Detailed Description
Embodiments of the present application are described in detail below, examples of which are illustrated in the accompanying drawings, wherein the same or similar reference numerals refer to the same or similar elements or elements having the same or similar functions throughout. The embodiments described below by referring to the drawings are exemplary and intended for the purpose of explaining the present application and are not to be construed as limiting the present application.
The decision tree model is a basic classification and regression model, firstly, data are processed, readable rules and decision trees are generated by utilizing a generalization algorithm, and then, new data are analyzed by using the decision tree model. The embodiment of the application provides a dense state decision tree model, which is characterized in that rules and key data in the decision tree model are encrypted by using an isomorphic algorithm, so that the data security of the model is protected. The decision tree model is described as follows:
plaintext decision tree: the plaintext decision tree is a tree structure consisting of a series of leaf nodes and internal nodes, implementing a mapping F: z is Z n →{w 1 ,w 2 ,…,w d One attribute data vector x n ={x 1 ,x 2 ,…,x n Mapping to a finite set of tags { w } 1 ,w 2 ,…,w d And } on. The ith internal node has a threshold t i And attribute number a i The ith leaf has a tag value w i Each node has its own number, which is obtained from breadth-first traversal order starting with a root node number of 0.
A dense state decision tree: the secret state decision tree realizes the mapping from the secret data ciphertext to the classification label, is in a tree structure and consists of a series of internal nodes and leaf nodes. The nodes have respective numbers and node values, the numbers are obtained according to breadth-first traversal sequence, and the isomorphic ciphertext with the node value of 1/0 can be obtained by initialization; the internal node contains a threshold value encrypted using the homomorphic encryption algorithm and a represented attribute value number, and the leaf node contains a classification value encrypted using the homomorphic encryption algorithm and a leaf node number.
The secret state decision tree takes a secret data ciphertext vector encrypted by the homomorphic encryption algorithm as input, and each element in the vector represents an encrypted attribute value.
The output of the secret state decision tree is a classification result ciphertext vector encrypted by using the homomorphic encryption algorithm, the elements in the vector are 1/0 sequences encrypted by using the homomorphic encryption algorithm, and only one element is 1 encrypted by using the homomorphic encryption algorithm, and the position of the value is the classification label result.
The privacy decision tree reasoning scheme based on full homomorphic encryption comprises a privacy secret decision tree reasoning scheme and a privacy plaintext decision tree reasoning scheme, wherein the privacy secret decision tree reasoning scheme can conduct privacy decision tree reasoning under the condition that a decision tree model and user data are in an encryption state, and the privacy plaintext decision tree reasoning scheme can complete plaintext decision tree reasoning under the condition that only the user data are encrypted, so that privacy data safety and decision tree model safety are protected, as shown in figure 1. The following describes two reasoning schemes in detail.
First, a privacy secret state decision tree reasoning scheme is introduced.
Fig. 2 is a flowchart of a privacy decision tree reasoning method specifically based on homomorphic encryption according to an embodiment of the present application.
As shown in fig. 2, the privacy decision tree reasoning method based on isomorphic encryption comprises the following steps:
in step S101, the privacy data and the decision tree model are encrypted by using the isomorphic encryption algorithm, so as to obtain the privacy data ciphertext and the secret state decision tree model, and the secret state decision tree model is initialized.
The data encryption is divided into two parts, namely, the private data encryption and the decision tree key data encryption are carried out, so that the private data and the model data are encrypted, and the security of the private data and the security of the model data are protected. In the data encryption process, vector elements of private data are encrypted one by using an homomorphic encryption key to obtain private data ciphertext, key node data in a decision tree model are encrypted by using the homomorphic encryption key, and a secret state decision tree model is obtained.
Specifically, the encryption of the private data requires taking the homomorphic encryption parameter P, the homomorphic encryption algorithm encryption key EK and the private data M as inputs, and executing the encryption algorithm to obtain the private data ciphertext c= { cr 1 ,cr 2 ,…,cr d }。
The key data encryption of the decision tree needs to encrypt the internal node threshold value and the leaf node label value, and the internal node threshold value t is encrypted by the homomorphic encryption parameter P, the homomorphic encryption algorithm encryption key EK and the ith internal node threshold value t i For input, executing the encryption algorithm to obtain a threshold ciphertext ct i The method comprises the steps of carrying out a first treatment on the surface of the Encryption key EK and ith leaf node label value w with isomorphic encryption parameter P i For input, performing an encryption algorithm to obtain a tag value ciphertext cw i 。
Optionally, in one embodiment of the present application, initializing the dense state decision tree model includes: and assigning initial node values to nodes of the secret state decision tree model, wherein the node values of the root nodes of the secret state decision tree model are all identical state ciphertexts with the value of 1, and all other node values except the root nodes are all identical state ciphertexts with the value of 0.
The purpose of the initialization of the secret state decision tree is to assign an initial node value to the secret state decision tree node so as to carry out subsequent reasoning tasks. And in the process of initializing the secret state decision tree, initializing and assigning the node value of the secret state decision tree.
Specifically, in the process of initializing the secret state decision tree, cv is assigned to all nodes, all node values except the root node are assigned to be identical state encrypted parameters P, identical state encrypted algorithm encryption EK and 0 are used as inputs, and the encryption algorithm outputs the obtained ciphertext, namely, the identical state ciphertext of 0; the node value of the root node is assigned to be the homomorphic encryption parameter P, the homomorphic encryption algorithm encryption keys EK and 1 are taken as input, and the encryption algorithm outputs the obtained ciphertext, namely the homomorphic ciphertext of 1.
In step S102, a node threshold ciphertext of the secret state decision tree model and a privacy data ciphertext corresponding to the node are compared by using a full homomorphic secret-secret comparison algorithm, so as to obtain a node control bit ciphertext.
The purpose of the secret-secret threshold value comparison is to compare the secret data ciphertext with the threshold value ciphertext of the internal nodes of the decision tree to obtain the control bit ciphertext of each internal node. And in the process of comparing the secret-secret threshold value, comparing the decision tree encryption threshold value with the private data ciphertext by using an isohomomorphic secret-secret comparison algorithm to obtain the node control bit ciphertext.
Specifically, the cipher-cipher threshold value comparison uses an isomorphic cipher-cipher comparison algorithm to compare all internal node threshold value ciphertexts with corresponding private data ciphertexts to obtain the control bit ciphertexts cb of the node. Taking the ith internal node as an example, to obtain the control bit ciphertext cb for that node i The threshold value ct of the ith node needs to be compared i And an ith node attribute number a i Corresponding privacy data ciphertext elementI.e. calculate +.>If->Then cb i An isotactic ciphertext of 1, otherwise an isotactic ciphertext of 0.
In step S103, the root node value of the dense state decision tree model is moved according to the node control bit ciphertext to obtain an inference result ciphertext, the inference result ciphertext is decrypted by using the full state decryption algorithm, the classification label value of the node is obtained by using the inference result processing algorithm, and the decision tree inference process is completed.
The purpose of privacy state decision tree reasoning is to move the value of the root node according to the control bit ciphertext, so as to complete the reasoning process. In the reasoning process of the secret state decision tree, the secret state decision tree is deduced according to the ciphertext control bits and the privacy decision tree reasoning algorithm, and a reasoning result ciphertext is obtained.
Optionally, in an embodiment of the present application, moving the root node value of the secret decision tree model according to the node control bit ciphertext to obtain the inference result ciphertext includes: starting from a root node of the secret state decision tree model, copying the root node value to a left child node or a right child node according to the node value and the node control bit ciphertext, and outputting the node values of all leaf nodes after copying is completed to obtain an inference result ciphertext.
Specifically, the privacy decision tree reasoning starts from the root node, takes the value of the node (the root node is identical ciphertext 1) cv and the control bit cb as inputs, and copies the node value to the left child node or the right child node. Taking node i as an example, assume that the node value of node i is cv i Control bit cb i An isomorphic ciphertext of 1, i.e. the threshold ciphertext ct of the node i And corresponding private data ciphertextSatisfy->Then the left child node value cv lchild Assigned cv i If control bit cb i Isohomomorphic ciphertext of 0, then right child node value cv rchild Assigned v i I.e. cv lchild =HomAND(cb i ,cv i ),cv rchild =cv i -cv lchild Where HomAND (·) is a homomorphic AND gate AND the subtraction is a homomorphic subtraction. The algorithm is executed on the whole secret state decision tree, the node value of the root node can be copied to the corresponding leaf node, at the moment, only one identical state ciphertext with the node value of 1 of one leaf node exists, the identical state ciphertexts with the node values of 0 of the other leaf nodes exist, and the node values { cv of all the leaf nodes are output 1 ,cv 2 ,…,cv d }。
Optionally, in one embodiment of the present application, decrypting the inferred result ciphertext using an isomorphic decryption algorithm, and obtaining the classification label value of the node using an inferred result processing algorithm includes: and decrypting the reasoning result ciphertext by using the homomorphic decryption key to obtain a series of 0/1 sequences, and obtaining the classification label value of the corresponding node according to the position of the 1.
The purpose of the inference result processing is to convert the inference result ciphertext into a classification tag value. And in the reasoning result processing process, decrypting the reasoning result ciphertext by using the isomorphic decryption key, and obtaining a corresponding classification result by using a reasoning result processing algorithm.
Specifically, { cv 1 ,cv 2 ,…,cv d And (3) taking the isomorphic encryption parameter P and the isomorphic decryption key DK as inputs, decrypting by using an isomorphic decryption algorithm to obtain a series of 0/1 sequences, obtaining a classification label value of a corresponding leaf node according to the position of 1, and returning the classification label value to complete the whole reasoning process of the secret state decision tree.
The privacy decision tree reasoning method based on the isomorphic encryption, provided by the embodiment of the application, encrypts the user privacy data and the decision tree model by utilizing isomorphic encryption and other technologies, and makes reasoning on the secret decision tree by utilizing homomorphic algorithm, so that the whole flow protection of privacy data safety and model data safety is realized in the decision tree reasoning process, the secret decision tree reasoning can be completed in the encryption state of the privacy data and the decision tree model, the security of the privacy data and the model data in the decision tree cloud service process is greatly improved, and the information safety problem of the existing decision tree cloud service is solved.
The privacy plaintext decision tree reasoning scheme in the embodiment of the present application is similar to the privacy decision tree reasoning process, except that in the privacy plaintext decision tree reasoning, the decision tree is not needed, only the user privacy data is encrypted, and the plaintext decision tree reasoning is completed, as shown in fig. 3.
Fig. 3 is a flowchart of another privacy decision tree reasoning method specifically based on homomorphic encryption according to an embodiment of the present application.
As shown in fig. 3, the privacy decision tree reasoning method based on the full homomorphic encryption comprises the following steps:
step S201, encrypting the privacy data by using the homomorphic encryption algorithm to obtain a privacy data ciphertext, and initializing a plaintext decision tree model.
Similar to step S101, the difference is that only the private data of the user is encrypted at the time of data encryption. And encrypting the privacy data vector elements one by using the homomorphic encryption key to obtain the privacy data ciphertext.
Specifically, the encryption of the private data needs to take the homomorphic encryption parameter P, the homomorphic encryption algorithm encryption key EK and the private data M as inputs, and execute the encryption algorithm to obtain the private data ciphertext c= { cr 1 ,cr 2 ,…,cr d }。
Optionally, in one embodiment of the present application, initializing a plaintext decision tree model includes: and assigning initial node values to nodes of the plaintext decision tree model, wherein the node values of the root nodes of the plaintext decision tree model are all identical-state ciphertexts with 1, and the rest node values except the root nodes are all identical-state ciphertexts with 0.
The purpose of the plaintext decision tree initialization is to assign initial node values to the plaintext decision tree nodes so as to perform subsequent reasoning tasks. And in the process of initializing the plaintext decision tree, initializing and assigning the node value of the plaintext decision tree.
The initialization process of the plaintext decision tree assigns v to all nodes, and all other nodes except the root node assign 0 to the isotactic ciphertext; the fully homomorphic ciphertext having a node value of 1 for the root node.
Step S202, comparing the node threshold value of the plaintext decision tree model with the privacy data ciphertext corresponding to the node by using a full homomorphic bright-secret comparison algorithm to obtain the node control bit ciphertext.
The purpose of the plaintext-ciphertext threshold comparison is to compare the ciphertext of the private data with the threshold value of the internal node of the plaintext decision tree to obtain the ciphertext of the control bit of each internal node. And in the process of comparing the plaintext decision tree threshold value and the privacy data ciphertext, comparing the plaintext decision tree threshold value with the privacy data ciphertext by using an isomorphic ciphertext comparison algorithm to obtain a node control bit ciphertext.
Specifically, the comparison of the bright-secret threshold value uses an isomorphic bright-secret comparison algorithm to compare all the internal node threshold values with the corresponding private data ciphertext to obtain the control bit ciphertext cb of the node. Taking the ith internal node as an example, to obtain the control bit ciphertext cb for that node i The threshold t of the ith node needs to be compared i And an ith node attribute number a i Corresponding privacyData ciphertext elementI.e. calculate +.>If->Cbi is an isotactic ciphertext of 1, otherwise is an isotactic ciphertext of 0.
And step S203, moving the root node value of the plaintext decision tree model according to the node control bit ciphertext to obtain an inference result ciphertext, decrypting the inference result ciphertext by using an isomorphic decryption algorithm, obtaining the classification label value of the node by using an inference result processing algorithm, and completing the decision tree inference process.
The privacy decision tree reasoning and reasoning result processing procedure is similar to that of the above-described embodiment.
The purpose of privacy decision tree reasoning is to move the value of the root node according to the control bit ciphertext, so as to complete the reasoning process. In the reasoning process of the privacy decision tree, reasoning is carried out on the plaintext decision tree according to the ciphertext control bits and the privacy decision tree reasoning algorithm, and a reasoning result ciphertext is obtained.
Specifically, the privacy decision tree reasoning starts from the root node, takes the value (the root node is identical ciphertext 1) cv of the node and the control bit cb as input, and copies the node value to the left child node or the right child node. Taking node i as an example, assume that the node value of node i is cv i Control bit cb i An isohomomorphic ciphertext of 1, i.e., the node's threshold ciphertext cti and corresponding private data ciphertextSatisfy->Then the left child node value cv lchild Assigned cv i If control bit cb i Isohomomorphic ciphertext of 0, then right child node value cv rchild Assigned v i I.e. cv lchild =HomAND(cb i ,cv i ),cv rchild =cv i -cv lchild Where HomAND (·) is a homomorphic AND gate AND the subtraction is a homomorphic subtraction. The algorithm is executed on the whole plaintext decision tree, the node value of the root node can be copied to the corresponding leaf node, at the moment, only one homomorphic ciphertext with the node value of 1 of one leaf node exists, homomorphic ciphertexts with the node values of 0 of the other leaf nodes exist, and the node values { cv of all the leaf nodes are output 1 ,cv 2 ,…,cv d }。
The purpose of the inference result processing is to convert the inference result ciphertext into a classification tag value. And in the reasoning result processing process, decrypting the reasoning result ciphertext by using the isomorphic decryption key, and obtaining a corresponding classification result by using a reasoning result processing algorithm.
Specifically, { cv 1 ,cv 2 ,…,cv d And (3) taking the isomorphic encryption parameter P and the isomorphic decryption key DK as inputs, decrypting by using an isomorphic decryption algorithm to obtain a series of 0/1 sequences, obtaining a classification label value of a corresponding leaf node according to the position of 1, and returning the classification label value to complete the whole privacy decision tree reasoning process.
The privacy decision tree reasoning method based on the isomorphic encryption, provided by the embodiment of the application, encrypts the user privacy data by utilizing technologies such as isomorphic encryption and the like, and performs reasoning on a plaintext decision tree by utilizing a homomorphic algorithm, so that the whole flow protection of privacy data security and model data security is realized in the decision tree reasoning process, the privacy data security and the model data security can be greatly improved, and the information security problem of the existing decision tree cloud service is solved.
In the description of the present specification, a description referring to terms "one embodiment," "some embodiments," "examples," "specific examples," or "some examples," etc., means that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the present application. In this specification, schematic representations of the above terms are not necessarily directed to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or N embodiments or examples. Furthermore, the different embodiments or examples described in this specification and the features of the different embodiments or examples may be combined and combined by those skilled in the art without contradiction.
Furthermore, the terms "first," "second," and the like, are used for descriptive purposes only and are not to be construed as indicating or implying a relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defining "a first" or "a second" may explicitly or implicitly include at least one such feature. In the description of the present application, the meaning of "N" is at least two, such as two, three, etc., unless explicitly defined otherwise.
Any process or method descriptions in flow charts or otherwise described herein may be understood as representing modules, segments, or portions of code which include one or more N executable instructions for implementing specific logical functions or steps of the process, and further implementations are included within the scope of the preferred embodiment of the present application in which functions may be executed out of order from that shown or discussed, including substantially concurrently or in reverse order, depending on the functionality involved, as would be understood by those reasonably skilled in the art of the embodiments of the present application.
Claims (10)
1. The privacy decision tree reasoning method based on isomorphic encryption is characterized by comprising the following steps of:
encrypting the privacy data and the decision tree model by using an isomorphic encryption algorithm to obtain a privacy data ciphertext and a secret state decision tree model, and initializing the secret state decision tree model;
comparing the node threshold value ciphertext of the secret state decision tree model with the privacy data ciphertext corresponding to the node by using a full homomorphic secret-secret comparison algorithm to obtain a node control bit ciphertext;
and moving the root node value of the secret state decision tree model according to the node control bit ciphertext to obtain an inference result ciphertext, decrypting the inference result ciphertext by using an identical state decryption algorithm, obtaining a classification label value of the node by using an inference result processing algorithm, and completing a decision tree inference process.
2. The method of claim 1, wherein encrypting the private data and the decision tree model with the fully homomorphic encryption algorithm to obtain the private data ciphertext and the secret state decision tree model, respectively, comprises:
encrypting vector elements of the privacy data one by using an homomorphic encryption key to obtain the privacy data ciphertext, and encrypting node data in the decision tree model by using the homomorphic encryption key to obtain the secret state decision tree model.
3. The method of claim 1, wherein initializing the dense state decision tree model comprises:
and assigning initial node values to nodes of the secret state decision tree model, wherein the node values of the root nodes of the secret state decision tree model are all identical state ciphertexts with values of 1, and all other node values except the root nodes are all identical state ciphertexts with values of 0.
4. The method of claim 1, wherein comparing the node threshold ciphertext of the encrypted decision tree model with the node-corresponding privacy data ciphertext using the isotactic secret-secret comparison algorithm to obtain the node control bit ciphertext comprises:
calculation ofIf->Then cb i An isotactic ciphertext of 1, otherwise an isotactic ciphertext of 0, wherein cb i Ciphertext a, which is the control bit of node i i For the attribute number corresponding to node i +.>For privacy data ciphertext corresponding to node i, ct i Is the threshold ciphertext for node i.
5. The method of claim 1, wherein moving the root node value of the dense state decision tree model according to the node control bit ciphertext to obtain an inference result ciphertext comprises:
and starting from the root node of the secret state decision tree model, copying the root node value to a left child node or a right child node according to the node value and the node control bit ciphertext, and outputting the node values of all leaf nodes after copying is completed to obtain the reasoning result ciphertext.
6. The method of claim 1, wherein decrypting the inferred result ciphertext using an isomorphic decryption algorithm and deriving the classification tag value for the node using an inferred result processing algorithm comprises:
and decrypting the reasoning result ciphertext by using the homomorphic decryption key to obtain a series of 0/1 sequences, and obtaining the classification label value of the corresponding node according to the position of 1.
7. The privacy decision tree reasoning method based on isomorphic encryption is characterized by comprising the following steps of:
encrypting the privacy data by using an homomorphic encryption algorithm to obtain a privacy data ciphertext and initializing a plaintext decision tree model;
comparing the node threshold value of the plaintext decision tree model with the privacy data ciphertext corresponding to the node by using a full homomorphic plaintext-ciphertext comparison algorithm to obtain a node control bit ciphertext;
and moving the root node value of the plaintext decision tree model according to the node control bit ciphertext to obtain an inference result ciphertext, decrypting the inference result ciphertext by using an isomorphic decryption algorithm, obtaining a classification label value of the node by using an inference result processing algorithm, and completing a decision tree inference process.
8. The method of claim 7, wherein encrypting the private data using the homomorphic encryption algorithm to obtain the private data ciphertext comprises:
encrypting vector elements of the private data one by using an homomorphic encryption key to obtain the private data ciphertext;
initializing the plaintext decision tree model, comprising:
and assigning initial node values to nodes of the plaintext decision tree model, wherein the node values of the root nodes of the plaintext decision tree model are all equal-state ciphertexts with values of 1, and all other node values except the root nodes are all equal-state ciphertexts with values of 0.
9. The method of claim 7, wherein comparing the node threshold value of the plaintext decision tree model with the node-corresponding privacy data ciphertext using the isomorphic bright-dark comparison algorithm to obtain the node control bit ciphertext comprises:
calculation ofIf->Then cb i An isotactic ciphertext of 1, otherwise an isotactic ciphertext of 0, wherein cb i Ciphertext a, which is the control bit of node i i For the attribute number corresponding to node i +.>For privacy data ciphertext corresponding to node i, ct i Is the threshold value of node i.
10. The method of claim 7, wherein decrypting the inferred result ciphertext using an isomorphic decryption algorithm and deriving the classification tag value for the node using an inferred result processing algorithm comprises:
and decrypting the reasoning result ciphertext by using the homomorphic decryption key to obtain a series of 0/1 sequences, and obtaining the classification label value of the corresponding node according to the position of 1.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310188204.1A CN116484415A (en) | 2023-02-22 | 2023-02-22 | Privacy decision tree reasoning method based on isomorphic encryption |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310188204.1A CN116484415A (en) | 2023-02-22 | 2023-02-22 | Privacy decision tree reasoning method based on isomorphic encryption |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN116484415A true CN116484415A (en) | 2023-07-25 |
Family
ID=87222129
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310188204.1A Pending CN116484415A (en) | 2023-02-22 | 2023-02-22 | Privacy decision tree reasoning method based on isomorphic encryption |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116484415A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117251805A (en) * | 2023-11-20 | 2023-12-19 | 杭州金智塔科技有限公司 | Federal gradient lifting decision tree model updating system based on breadth-first algorithm |
| CN117725620A (en) * | 2024-02-07 | 2024-03-19 | 蓝象智联(杭州)科技有限公司 | Classification result disclosure verification privacy protection method and system based on decision tree |
-
2023
- 2023-02-22 CN CN202310188204.1A patent/CN116484415A/en active Pending
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117251805A (en) * | 2023-11-20 | 2023-12-19 | 杭州金智塔科技有限公司 | Federal gradient lifting decision tree model updating system based on breadth-first algorithm |
| CN117251805B (en) * | 2023-11-20 | 2024-04-16 | 杭州金智塔科技有限公司 | Federal gradient lifting decision tree model updating system based on breadth-first algorithm |
| CN117725620A (en) * | 2024-02-07 | 2024-03-19 | 蓝象智联(杭州)科技有限公司 | Classification result disclosure verification privacy protection method and system based on decision tree |
| CN117725620B (en) * | 2024-02-07 | 2024-04-30 | 蓝象智联(杭州)科技有限公司 | Classification result disclosure verification privacy protection method and system based on decision tree |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Tahir et al. | CryptoGA: a cryptosystem based on genetic algorithm for cloud data security | |
| Gai et al. | Blend arithmetic operations on tensor-based fully homomorphic encryption over real numbers | |
| CN110008717B (en) | Decision tree classification service system and method supporting privacy protection | |
| Riad et al. | A dynamic and hierarchical access control for IoT in multi-authority cloud storage | |
| CN116484415A (en) | Privacy decision tree reasoning method based on isomorphic encryption | |
| Cong et al. | Sortinghat: Efficient private decision tree evaluation via homomorphic encryption and transciphering | |
| Kazymyrov et al. | Influence of addition modulo 2 n on algebraic attacks | |
| WO2021129470A1 (en) | Polynomial-based system and method for fully homomorphic encryption of binary data | |
| Ren et al. | Improving availability of vertical federated learning: Relaxing inference on non-overlapping data | |
| Liu et al. | Quantum searchable encryption for cloud data based on full-blind quantum computation | |
| Soykan et al. | A survey and guideline on privacy enhancing technologies for collaborative machine learning | |
| Zhu et al. | Enhanced federated learning for edge data security in intelligent transportation systems | |
| Priyadharshini et al. | Efficient Key Management System Based Lightweight Devices in IoT. | |
| Raja et al. | Opposition based joint grey wolf-whale optimization algorithm based attribute based encryption in secure wireless communication | |
| Wang et al. | Protecting data privacy in federated learning combining differential privacy and weak encryption | |
| CN117349685A (en) | Clustering method, system, terminal and medium for communication data | |
| Gupta et al. | C 3 T: Cloud based cyclic cryptographic technique and it’s comparative analysis with classical cipher techniques | |
| Peng et al. | On the security of fully homomorphic encryption for data privacy in Internet of Things | |
| Barni et al. | Parallel implementation of GC-based MPC protocols in the semi-honest setting | |
| Marquet et al. | Secure key management for multi-party computation in mozaik | |
| Luqman et al. | Privacy and security implications of cloud-based ai services: A survey | |
| Xu et al. | Revisiting secure computation using functional encryption: Opportunities and research directions | |
| Wang et al. | Research on full homomorphic encryption algorithm for integer in cloud environment | |
| Eliseev et al. | Neural network cryptographic obfuscation for trusted cloud computing | |
| Kumar | Advanced RSA cryptographic algorithm for improving data security |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |