JP7440149B1 - Data generation method, data generation program, and data generation system - Google Patents

Abstract

The present invention facilitates optimal parameter design without disclosing data contents. [Solution] A user terminal having a control unit and a user storage unit, a cryptographic calculation unit that performs calculations involving data encrypted using a homomorphic encryption method, and a machine learning model that outputs prediction results from parent data are stored. A method for use in a system comprising: an arithmetic device having an encrypted data storage; , a step of encrypting using a homomorphic encryption method using a public key, and a cryptographic operation unit and a control unit input a plurality of encrypted parent data to a machine learning model and based on a plurality of output prediction results, a next generation generation step of generating a plurality of child data; an update step in which the encrypted data storage unit stores the generated plurality of child data as a plurality of encrypted parent data; a next generation generation step and an update step; and repeating the steps. [Selection diagram] Figure 1

Description

The present disclosure relates to a data generation method, a data generation program, and a data generation system.

There are efforts to design optimal parameters using machine learning technology. For example, Patent Document 1 discloses an invention that is a technology related to materials informatics for efficiently developing new substances and discovers new material candidates from a chemical database.

Special Publication No. 2022-516697

In recent years, there has been a growing momentum in various fields to not only utilize data held internally (including information on machine learning models), but also to collaborate with external companies and organizations to utilize data. There is. However, providing and utilizing highly confidential data to other companies poses security issues such as information leaks and unauthorized use.

Therefore, the present disclosure has been made to solve the above problems, and the purpose is to generate data that facilitates optimal parameter design by utilizing data held by each organization without disclosing the contents. The purpose is to provide a method.

In order to achieve the above object, a data generation method according to the present disclosure includes a user terminal having a control unit, a user storage unit storing a plurality of parent data, and data encrypted using a homomorphic encryption method. A method used in a system comprising an arithmetic unit having a cryptographic arithmetic unit that performs an arithmetic operation and an encrypted data storage unit that stores a machine learning model that outputs a prediction result from parent data, the control unit a step of generating a key and a private key; a step of the control unit encrypting the plurality of parent data acquired from the user storage unit using a homomorphic encryption method using the public key; a cryptographic operation unit and the control unit; A next-generation generation step generates a plurality of child data based on a plurality of encrypted parent data input to a machine learning model and a plurality of output prediction results; The method includes an update step of storing child data as a plurality of encrypted parent data, a step of repeating the next generation generation step and the update step.

Furthermore, in order to achieve the above object, a data generation program according to the present disclosure includes a user terminal having a control unit, a user storage unit that stores a plurality of parent data, and a data generation program that generates data encrypted using a homomorphic encryption method. A program for use in a system comprising: a cryptographic computation unit that performs computations including; and a cryptographic data storage unit that stores a machine learning model that outputs prediction results from parent data; , a step of generating a public key and a private key, a step of the control unit encrypting a plurality of parent data acquired from the user storage unit using a homomorphic encryption method using the public key, a cryptographic operation unit and a control unit. However, a next generation generation step that generates multiple child data based on multiple prediction results output by inputting multiple encrypted parent data to a machine learning model, and an encrypted data storage unit are generated. The method includes an update step of storing a plurality of child data as a plurality of encrypted parent data, a step of repeating the next generation generation step and the update step.

Furthermore, in order to achieve the above object, a data generation system according to the present disclosure includes a user terminal having a control unit, a user storage unit that stores a plurality of parent data, and a data generation system that stores data encrypted using a homomorphic encryption method. and a cryptographic data storage unit that stores a machine learning model that outputs a prediction result from parent data. a step of generating a private key; a step of the control unit encrypting the plurality of parent data acquired from the user storage unit using a homomorphic encryption method using the public key; a next-generation generation step that generates a plurality of child data based on the plurality of prediction results outputted by inputting the plurality of parent data into a machine learning model; The method includes an update step of storing the data as a plurality of encrypted parent data, a next generation generation step, and a step of repeating the update step.

According to the present disclosure, it is possible to utilize the contents of data held by each organization without disclosing them, thereby facilitating optimal parameter design.

1 is an overall diagram of a data generation system 1. FIG. 1 is a diagram showing a hardware configuration of a terminal device 100. FIG. 1 is a block diagram showing a functional configuration of a terminal device 100. FIG. It is a figure showing the data structure of material data. FIG. 3 is a diagram showing a specific example of material data. It is a figure which shows an example of the screen which sets the material data of a search target. FIG. 3 is a diagram showing an example of a screen for setting objective variables. It is a figure explaining calculation of an evaluation value. 2 is a block diagram showing the functional configuration of a computing device 200. FIG. 6 is a diagram illustrating an example of identification difficulty processing according to the first embodiment. FIG. 6 is a diagram illustrating an example of identification difficulty processing according to the first embodiment. FIG. It is a figure showing an example of application of a genetic algorithm. 3 is a sequence diagram showing processing in the data generation system 1. FIG. 3 is a sequence diagram showing processing in the data generation system 1. FIG. 7 is a diagram illustrating an example of identification difficulty processing in Embodiment 2. FIG. 3 is a block diagram showing the functional configuration of a computing device 300. FIG. 3 is a sequence diagram showing processing in the data generation system 2. FIG. 1 is an overall diagram of a data generation system 4. FIG. 4 is a block diagram showing the functional configuration of a terminal device 400. FIG. 5 is a block diagram showing the functional configuration of a computing device 500. FIG. 4 is a sequence diagram showing processing in the data generation system 4. FIG.

Embodiments of the present disclosure will be described below with reference to the drawings. In all the figures explaining the embodiments, common components are given the same reference numerals and repeated explanations will be omitted. Note that the following embodiments do not unduly limit the content of the present disclosure described in the claims. Furthermore, not all components shown in the embodiments are essential components of the present disclosure.

<Summary of data generation method according to the present invention>
There are efforts to utilize machine learning technology to design optimal parameters and use them for setting delivery routes, predicting demand, designing the shape of industrial products, developing new substances, etc. For example, materials informatics uses a predictive model generated by machine learning using a large amount of data, with the characteristics of a chemical substance (composition, etc.) as an explanatory variable, and the properties of that chemical substance (hardness, etc.) as an objective variable. By doing so, it is possible to reduce the effort required to actually conduct experiments and confirm the properties of new substances.

Additionally, a genetic algorithm, which is an optimization algorithm that imitates natural evolution, is known as a method for searching for optimal parameters. Genetic algorithms are a method of searching for better individuals by repeatedly applying survival selection operations such as crossover and mutation to a population of individuals in the parent generation to obtain a child generation population. For example, by using a chemical substance having parameters searched by such an algorithm and a predictive model as described above, it is possible to efficiently develop a new substance.

In recent years, there has been a growing trend to collaborate with outside companies and utilize the data that each company owns, and there is a need for a method to link data while keeping highly confidential data hidden from other companies. According to the data generation method according to the present invention, the model provider who provides the predictive model does not disclose to the model user the child generation data that is currently being generated by the genetic algorithm. can be used without being guessed. Furthermore, the model user can obtain the final optimal solution without disclosing the prediction target data to the model provider.

Specifically, this is achieved by using homomorphic encryption, which allows calculations to be made while data is encrypted. On the other hand, if calculations are performed with all calculation steps encrypted, the calculation cost will be enormous. Therefore, in order to prevent the model user from inferring the predictive model, the survival selection operation for the parent generation population in the genetic algorithm is performed after processing that makes it difficult to identify the correct correspondence between the input and output of the predictive model. A child generation group is generated based on the evaluation value for the prediction result.

Thereby, in the genetic algorithm, a child generation population can be efficiently generated, and calculation costs can be reduced. Further, it is possible to prevent the model user from guessing the prediction model.

<Embodiment 1>
In the data generation system 1 according to the present embodiment, as described above, the operation of survival selection for the parent generation population in the genetic algorithm is performed using the input of the prediction model (prediction target data) so that the model user cannot infer the prediction model. As a process that makes it difficult to specify the correspondence between the output and the output (prediction result), a process of rearranging the correspondence is performed.

(Configuration of data generation system 1)
FIG. 1 is an overall diagram of the data generation system 1. Referring to FIG. 1, an overall diagram of a data generation system 1 according to the present embodiment will be described.

The data generation system 1 according to this embodiment includes one or more terminal devices 100 used by a user and a calculation device 200. The terminal device 100 and the arithmetic device 200 are communicably connected via the network NW. The network NW includes a WAN (Wide Area Network), a LAN (Local Area Network), and the like. In the data generation system 1, a user who wants to search for a new substance uses the computing device 200, which provides a predictive model owned by another organization, via the terminal device 100.

Terminal device 100 accepts input from a user, and transmits the input content to computing device 200 via network NW. Furthermore, the terminal device 100 receives data transmitted from the arithmetic device 200 via the network NW, and presents the data to the user.

The computing device 200 is a server of a model provider (or a platformer of the data generation system 1) that provides a predictive model. The arithmetic device 200 performs arithmetic processing such as machine learning inference processing and a search for a new substance using a genetic algorithm while keeping the data transmitted from the terminal device 100 in an encrypted state.

(Hardware configuration of terminal device 100)
FIG. 2 is a diagram showing the hardware configuration of the terminal device 100. With reference to FIG. 2, the hardware configuration of the terminal device 100 according to this embodiment will be described.

The terminal device 100 is a user terminal used by a user, and may be realized by a general-purpose computer such as a stationary or laptop PC (Personal Computer), or may be realized by a smartphone or a tablet. It's okay.

The terminal device 100 includes a processor 11, a memory 12, a storage 13, a communication IF 14, and an input/output IF 15.

The processor 11 is hardware for executing a set of instructions written in a program, and is composed of an arithmetic unit, registers, peripheral circuits, and the like.

The memory 12 is for temporarily storing programs and data processed by the programs. The memory 12 is realized, for example, by a volatile memory such as DRAM (Dynamic Random Access Memory). The program stored in the memory 12 is a program for executing the data generation method according to the present invention.

The storage 13 is a storage device for storing data. The storage 13 is realized by, for example, a flash memory, an HDD (Hard Disc Drive), or the like.

The communication IF 14 is an interface for transmitting and receiving signals so that the terminal device 100 communicates with an external device. Examples include a wireless communication device for wireless communication, a USB (Universal Serial Bus) connector for serial communication, and the like.

The input/output IF 15 is an interface with an input device for receiving input from a user and an output device for presenting information to the user. The input device is realized by, for example, a keyboard, a mouse, a touch panel, a button, a microphone, or the like. The output device is realized by, for example, a display, a printer, a speaker, or the like.

Note that the hardware configuration of the arithmetic device 200 may be the hardware configuration of the terminal device 100 shown in FIG. The computing device 200 may be realized by a general-purpose computer such as a workstation, a server computer, a stationary PC (Personal Computer), a laptop PC, etc., or it may be realized logically by cloud computing. may be done. The operation of each component of the arithmetic device 200 is realized by the processor 11 according to a program stored in the memory 12, similarly to the above-described terminal device 100.

(Functional configuration of terminal device 100)
FIG. 3 is a block diagram showing the functional configuration of the terminal device 100. The functional configuration of the terminal device 100 according to this embodiment will be described with reference to FIG. 3.

The terminal device 100 includes a communication section 110, an input section 120, an output section 130, a storage section 140, and a control section 150.

The communication unit 110 performs processing for the terminal device 100 to communicate with the computing device 200 and other devices. The other devices mentioned here may be PCs connected via a network, or terminals such as smartphones, tablets, and XR (Cross Reality) (AR: Augmented Reality, MR: Mixed Reality, VR: Virtual Reality). Good too. Further, the other device may be an input/output device, for example, a device that inputs and outputs data using a flash memory, an HDD, or the like.

The communication unit 110 also transmits and receives data to and from devices via the network NW, locally connected devices, and the like through a secure communication channel where security is ensured. The construction of a secure communication channel and the communication method are well-known techniques that use a common key (such as a session key), a public key, etc., and therefore their explanation will be omitted.

The input unit 120 is an interface that receives user input from the terminal device 100. The input unit 120 is, for example, a keyboard, a touch panel, a display panel in a virtual space, or a microphone that detects voice input, but is not limited to these. The user can input parameters and the like necessary for searching for new substances via the input unit 120. Examples of the parameters include explanatory variables to be searched, search constraints, objective variables to be predicted, target values of objective variables, priorities (weights), and the like.

Alternatively, search stopping conditions may be input. The stopping condition may be, for example, the number of generations generated by a genetic algorithm, a threshold value of an evaluation value (described later), or the maximum execution time required for the search. Input examples will be explained in FIGS. 6 and 7.

The output unit 130 is an interface that outputs information and notifies the user of the terminal device 100. The output unit 130 is, for example, a display or a speaker that outputs audio, but is not limited to these. The output unit 130 displays, for example, data received from the arithmetic device 200 or the like on a display.

The storage unit 140 includes, for example, a volatile memory such as a RAM, a flash memory, an HDD, etc., and stores data used by the terminal device 100 and computer programs used for various processes. The computer program may be installed from a predetermined server or the like, or may be installed from a computer-readable portable recording medium using a known setup program or the like. The portable recording medium is, for example, a CD-ROM (Compact Disc Read Only Memory) or a DVD-ROM (Digital Versatile Disc Read Only Memory).

The storage unit 140 functions as a “user storage unit” and includes a key storage unit 141 and a material database 142.

The key storage unit 141 stores a public key and a private key generated by a control unit 150, which will be described later. Note that the public key and the private key may be managed in a secure key management system (KMS) that is connected to the terminal device 100 via a network or directly. Further, the key storage unit 141 may store a plurality of key pairs of a public key and a private key, or may store a communication key (session key).

The material database 142 is a database that stores a plurality of material data. The plurality of material data is unknown material data to be searched for, but may also include known material data. The material database 142 stores a plurality of material data to be searched as a plurality of parent data of the genetic algorithm. Further, the material database 142 may store material data (child data) of search results.

The material data includes information indicating a plurality of characteristics regarding the material and information regarding a plurality of properties. The data structure of material data will be explained with reference to FIG.

The control unit 150 is a processor such as a CPU (Central Processing Unit) that controls each function of the terminal device 100 and operates based on a program stored in the storage unit 140 in advance.

The control unit 150 includes a key generation unit 151, an encryption/decryption unit 152, and an evaluation value calculation unit 153.

The key generation unit 151 generates a key pair of a public key and a private key for encrypting data or decrypting encrypted data. The generated public key and private key are stored in the key storage unit 141.

The encryption/decryption unit 152 encrypts a plurality of pieces of parent data stored in the material database 142 using a homomorphic encryption method using the generated public key. Homomorphic encryption methods include, for example, the Paillier method, the Lifted-ElGamal method, the Somewhat Homomorphic Encryption method, the Fully Homomorphic Encryption method, and the like. As described above, the material data includes information indicating a plurality of characteristics regarding the material, and the encryption/decryption unit 152 encrypts each value for each characteristic.

Further, the encryption/decryption unit 152 decrypts the encrypted data received from the arithmetic device 200 using the private key paired with the public key.

The evaluation value calculation unit 153 calculates an evaluation value for the target value from a prediction result (prediction value) output by a prediction model (described later) of the calculation device 200. The evaluation value is a value indicating how much the two values differ, and may be evaluated by a known method such as using an absolute difference, a square difference, a relative error, a specific index, weighting, etc. Note that in this embodiment, the evaluation value is the absolute difference between the prediction result and the target value. For example, if the prediction result is "20" and the target value is "24", the evaluation value is the absolute difference between the target value and the prediction result of "4" (=|20-24|).

FIG. 4 is a diagram showing the data structure of material data. The data structure of material data will be explained with reference to FIG. 4.

The material data 1000 includes a material ID 1100, information 1200 indicating characteristics of the material, and information 1300 indicating characteristics of the material.

The material ID 1000 is an identifier that identifies each piece of material data.

Information 1200 indicating the characteristics of the material includes, for example, substances that constitute the material, and is expressed as a plurality of explanatory variables x1 to xn. For each material data, numerical values such as experimental values and calculated values are input as information indicating the characteristics of the material. Note that the explanatory variables are not limited to information indicating the characteristics of the material, but may also include information indicating process conditions (temperature, pressure, time, etc.) in the reaction step or production step of the material.

The information 1300 indicating the properties of the material is, for example, the physical properties, chemical properties, mechanical properties, and electrical properties of the material, such as the density, hardness, conductivity, and strength of the material, and includes a plurality of objective variables. Represented as y1~ym.

If the material data identified by the material ID 1100 is unknown material data to be searched for, a symbol or the like indicating that the information is unknown is input to the information 1300 indicating the characteristics of the material. On the other hand, if the material identified by the material ID 1100 is a known material, numerical values such as experimental values, calculated values, etc. of the characteristics are input to the information 1300 indicating the characteristics of the material.

Note that, as described in FIG. 3, in the example of FIG. 4, the encryption/decryption unit 152 of the terminal device 100 encrypts each cell (explanatory variable) of the unknown material data to be searched.

FIG. 5 is a diagram showing a specific example of material data. A specific example of material data stored in the material database 142 will be described with reference to FIG. 5.

The material data 2000 is a data set that includes a material ID, material characteristics (explanatory variables), and material characteristics (objective variables).

In the example of FIG. 5, the characteristics of the material include "Raw material A", "Raw material B", "Raw material C", etc., "Additive X", "Additive Y", "Additive Z" constituting the material. . The material properties also include the "viscosity" of the material. Note that in the example of FIG. 5, there is one objective variable, but there may be a plurality of objective variables.

For each material ID that identifies the material, material characteristics (explanatory variables) and material characteristics (objective variables) are associated. In addition, numerical values such as experimental values indicating the characteristics of each material are input as explanatory variables. "NULL" indicating that a numerical value does not exist is input to the target variable of the material data that is the search target, but a numerical value is input to the target variable of the known material.

The material data identified by the material IDs "1" to "5" are the material data to be searched, and "NULL" is input to the viscosity, which is the objective variable. Specifically, when the material ID is "1", raw material A is "80", raw material B is "0", raw material C is "0", ..., additive X is "4", additive Y is " 0", additive Z is "8", and viscosity is "NULL". The material data to be searched for is stored in the material database 142 as parent data for the genetic algorithm. That is, the plurality of parent data is a data set in which records including respective values corresponding to the plurality of explanatory variables are arranged in a predetermined order.

The material data identified by the material IDs "51" to "55" are known material data, and numerical values are input to the explanatory variables and objective variables. Specifically, when the material ID is "51", raw material A is "40", raw material B is "0", raw material C is "0", ..., additive X is "2", additive Y is " 0'', additive Z is ``8'', and viscosity is ``10''. The known material data may be, for example, searched material data or material data whose actual measured values are known in advance. Known material data may be used as training data for machine learning.

FIG. 6 is a diagram showing an example of a screen for setting material data to be searched. An example of setting material data to be searched will be described with reference to FIG. 6.

Screen 3000 includes information 3100 indicating characteristics of the material, selection field 3200, and information 3300 indicating range. Screen 3000 is displayed on output unit 130 of terminal device 100, for example. The user inputs parameters necessary for searching for material data via the input unit 120.

Information 3100 indicating the material indicates characteristics (explanatory variables) of the material data. For example, in the example of FIG. 6, all the explanatory variables shown in FIG. Alternatively, the selection may be made using a pull-down display.

A selection column 3200 shows checkboxes for selecting explanatory variables to be optimized from among the explanatory variables. In the example of FIG. 6, "Additive X", "Additive Y", and "Additive Z" are selected as targets to be optimized.

Information 3300 indicating the range indicates the constraint conditions of the explanatory variable selected as the optimization target. In the example of FIG. 6, the user can input a minimum value and a maximum value as parameters and set the optimization to be performed within this value range. That is, in the example of FIG. 6, among the material characteristics, "additive It is set to search for material data that falls within the range of 3.

FIG. 7 is a diagram showing an example of a screen for setting objective variables. An example of setting target variables to be predicted will be described with reference to FIG. 7.

Screen 4000 includes information 4100 indicating objective variables, selection field 4200, information 4300 indicating target values, and information 4400 indicating weights. Screen 4000 is displayed on output unit 130 of terminal device 100, for example. The user inputs parameters necessary for setting the objective variable via the input unit 120.

Information 4100 indicating the objective variable indicates the characteristics (objective variable) of the material data. For example, in the example of FIG. 7, the properties of the material are shown: strength, solubility, . . . , viscosity, conductivity, and resistance. Note that the target variable may be input by the user or may be selected from a pull-down display.

A selection column 4200 shows checkboxes for selecting the target variable to be predicted. In the example of FIG. 7, "solubility" and "viscosity" are selected as the targets to be predicted. Note that a plurality of objective variables or only one objective variable may be selected.

Information 4300 indicating the target value indicates the target value of the objective variable, and sets the final value of the objective variable of the searched material data. In the example of FIG. 7, the target values are set as "10" for "solubility" and "40" for "viscosity."

Information 4400 indicating weight is a parameter indicating which objective variable is to be emphasized when a plurality of objective variables are selected. In the example of FIG. 7, for weights with a setting range of 0 to 100, "40" is entered for "solubility" and "60" is entered for "viscosity." In other words, the setting is such that material data is searched with emphasis on "viscosity".

FIG. 8 is a diagram illustrating calculation of evaluation values. With reference to FIG. 8, an example of a method by which the evaluation value calculation unit 153 of the control unit 150 in the terminal device 100 calculates an evaluation value will be described.

The example in FIG. 8 shows evaluation values for each material ID when viscosity is the objective variable and its target value is "40". The evaluation value represents the distance (absolute difference) between the target value and the predicted value of the target variable. For material ID "11", the predicted value of viscosity is "20", so "20" (=|40-20|), which is the distance from the target value "40", is calculated as the evaluation value.

Similarly, for material ID "13", the predicted viscosity value is "50", so "10" (=|40-50|), which is the distance from the target value "40", is calculated as the evaluation value. .

In the example of FIG. 8, the evaluation value of material ID "14" among material IDs "11" to "15" is "0", and the predicted value of the objective variable of material ID "14" has achieved the target value. It shows that you are doing it.

(Functional configuration of arithmetic device 200)
FIG. 9 is a block diagram showing the functional configuration of the arithmetic device 200. With reference to FIG. 9, the functional configuration of the arithmetic device 200 according to the first embodiment will be described.

The arithmetic device 200 includes a communication section 210, an input section 220, an output section 230, a storage section 240, and a control section 250.

The communication unit 210 performs processing for the arithmetic device 200 to communicate with the terminal device 100 and other devices. The communication unit 210 has the same function as the communication unit 110 of the terminal device 100, so a redundant explanation will be omitted.

The input unit 220 is an interface that receives user input from the arithmetic device 200. The input unit 220 is, for example, a keyboard, a touch panel, or a microphone that detects voice input, but is not limited to these.

The output unit 230 is an interface that outputs information and notifies the user of the computing device 200. The output unit 230 is, for example, a display or a speaker that outputs audio, but is not limited to these. For example, the output unit 230 displays data received from the terminal device 100 or the like on a display.

The storage unit 240 is configured of, for example, a volatile memory such as a RAM, a flash memory, an HDD, etc., and stores data used by the arithmetic unit 200 and computer programs used for various processes. The storage unit 240 has the same function as the storage unit 140 of the terminal device 100, so a duplicate explanation will be omitted.

The storage unit 240 functions as a “cipher data storage unit” and includes a model database 241 and a parent data storage unit 242.

The model database 241 stores a predictive model constructed by machine learning using material data as training data, with material characteristics as explanatory variables and material characteristics as objective variables. Specifically, the training data is a data set in which, for each of a plurality of material data, the values of a plurality of explanatory variables regarding material characteristics are associated with the values of one or more objective variables regarding material characteristics. be.

The prediction model is a machine learning model that outputs prediction results from parent data acquired from the terminal device 100. Model database 241 may store multiple predictive models. For example, predictive models differ in model construction algorithms such as linear regression, logistics regression, support vector machine (SVM), and neural networks, in the amount of training data, in the accuracy of labeling, and in the selection of explanatory variables and preprocessing. etc., or the parameters of the learning process may be different.

The parent data storage unit 242 stores encrypted parent data obtained from the terminal device 100. Furthermore, the parent data storage unit 242 updates and stores child data generated by the next generation generation unit 252, which will be described later, as parent data. The parent data acquired from the terminal device 100 is, in other words, the material data to be searched.

The control unit 250 is a processor such as a CPU (Central Processing Unit) that controls each function of the arithmetic device 200 and operates based on a program stored in the storage unit 240 in advance.

The control unit 250 functions as a “cipher calculation unit” that performs calculations involving data encrypted using a homomorphic encryption method, and includes a prediction unit 251, a next generation generation unit 252, and an identification difficulty unit 253. .

The prediction unit 251 outputs the prediction result of the target variable from the parent data encrypted by the homomorphic encryption method based on the prediction model of the model database 241. Specifically, the prediction unit 251 selects a prediction model from the model database 241 according to the target variable set in the terminal device 100. The prediction unit 251 then encrypts the prediction model using a homomorphic encryption method using the public key of the terminal device 100. Next, the prediction unit 251 inputs the parent data into the encrypted prediction model and outputs the predicted value of the objective variable. The output predicted value is encrypted by homomorphic encryption using the public key of the terminal device 100, and is not disclosed to the user of the computing device 200.

The next generation generation unit 252 generates a plurality of child data by applying a genetic algorithm to a plurality of encrypted parent data that satisfy a predetermined condition. The predetermined condition may be, for example, data whose evaluation value is within the top 10, or data whose evaluation value is within a predetermined threshold. Additionally, genetic algorithms may be applied to randomly selected parent data from data that meet these conditions, or multiple sets of parent data, including randomly selected parent data and parent data extracted based on evaluation values, may be applied. A genetic algorithm may be applied to the parent data. The generation of child data using the genetic algorithm will be outlined in FIG. 12, but since the genetic algorithm is a well-known technique, detailed explanation will be omitted here.

The identification difficulty unit 253 performs a process of rearranging the correspondence between the input (parent data) and the output (prediction result) to the prediction model. Further, the identification difficulty unit 253 performs processing to restore the rearranged correspondence relationships to their original state (cancellation of identification difficulty processing). By performing the rearrangement process, it is possible to hide the correct correspondence between the input and output of the prediction model, thereby preventing the prediction model from being estimated.

Further, the identification difficulty unit 253 may perform a process of rearranging the correspondence relationships for explanatory variables included in a plurality of child data (material data). This makes it possible to hide the correspondence between correct child data (input) and output, thereby preventing the prediction model from being estimated. Note that a specific example of the rearrangement process will be explained with reference to FIGS. 10 and 11.

FIG. 10 is a diagram illustrating an example of identification difficulty processing in the first embodiment. With reference to FIG. 10, a process of rearranging the correspondence between explanatory variables of material data and target variables will be described as a process to make identification difficult.

The material data 5100 is a data set in which explanatory variables regarding material characteristics correspond to objective variables regarding material characteristics. Material ID 5110 and material ID 5120 indicate the same identifier. For example, the explanatory variable of material ID "1" and the objective variable of material ID "1" have a corresponding relationship.

The material data 5200 is a data set after performing processing on the material data 5100 to rearrange the correspondence between explanatory variables and objective variables as a process to make identification difficult. Material ID 5210 corresponds to material ID 5110 and indicates the same identifier. The material ID 5220 is obtained by rearranging the identifiers (numbers) of the material ID 5120. For example, for the explanatory variable of material ID "1", the objective variable of material ID "4" (viscosity "30") is associated with the objective variable (viscosity "30") instead of the objective variable (viscosity "20") of material ID "1". ing. Similarly, the explanatory variable of material ID "2" is associated with the objective variable of material ID "1" (viscosity "20") instead of the objective variable of material ID "2" (viscosity "10"). It is being In this manner, the identification difficulty processing rearranges the correspondence between explanatory variables and objective variables. After sorting, a new identifier may be assigned, for example, as the temporary material ID 5230.

When transmitting the prediction results to the terminal device 100, by transmitting the rearranged prediction results, the terminal device 100 cannot identify the correct predicted value of the objective variable corresponding to the explanatory variable for the material ID. . That is, since the user of the terminal device 100 who is a model user cannot acquire material data consisting of explanatory variables and objective variables, it is difficult to infer a predictive model based on these material data. Therefore, the model provider can allow the model user to use the predictive model without having the model user guess the predictive model.

Further, the identification difficulty making unit 253 can cancel the identification difficulty processing by storing the correspondence relationship between the material ID 5220 and the temporary material ID 5230.

FIG. 11 is a diagram illustrating an example of the identification difficulty processing in the first embodiment. With reference to FIG. 11, a process of rearranging the correspondence of explanatory variables of material data will be described as a process to make identification difficult.

Material data 5300 is a dataset of parent data composed of explanatory variables related to material characteristics. Material data 5400 is a data set in which identification difficulty processing has been performed on the explanatory variables of material data 5300.

As identification difficulty processing, processing is performed for the material data 5300 to rearrange the values corresponding to the explanatory variable "raw material A" of each material ID. For example, the values corresponding to "raw material A" of material ID "21" to material ID "25" are "80", "10", "20", "70", and "30", respectively. Accordingly, the values corresponding to "raw material A" are set to "10", "80", "70", "30", and "20", respectively. Similarly, the values corresponding to "raw material B" of material ID "21" to material ID "25" are "10", "80", "20", "30", and "70", respectively. By changing, the values corresponding to "raw material B" are set to "20", "30", "10", "70", and "80", respectively.

By rearranging the correspondence of each explanatory variable in this way, a data set indicated by material data 5400 is obtained. That is, for example, the material data identified by material ID "21'" is "10" for "raw material A", "20" for "raw material B", "80" for "raw material C", etc., "additive", etc. "X" is "0", "Additive Y" is "6", and "Additive Z" is "0". By performing the identification difficulty processing on the material data 5300, the material data identified by the material ID "21" becomes difficult to identify from the material data 5400.

In addition, in the example of FIG. 11, the correspondence of all the explanatory variables of the material data 5300 was rearranged, but if it becomes difficult to identify each material data, it may be necessary to make it difficult to identify only some of the explanatory variables. Processing may also be executed. Furthermore, the identification difficulty making unit 253 can cancel the identification difficulty processing by storing the correspondence relationship with the rearranged material IDs for each explanatory variable.

FIG. 12 is a diagram showing an example of application of the genetic algorithm. Referring to FIG. 11, when optimizing the explanatory variables “Additive X”, “Additive Y”, and “Additive Z” of material data 6100, genetic algorithm is used to The process of generating child data (material ID "C1" and material ID "C2") from material ID "5") will be described.

In the genetic algorithm, the process of selecting two from N individuals (each material data) of the parent generation and performing crossover, or selecting one and performing mutation, or copying it as is, is performed on the child. This process is repeated until the number of individuals in each generation reaches N. Then, when the number of child generations reaches N, the child generation is updated as the parent generation, and the same process is repeated. For example, after repeating the process a predetermined number of times, individuals in the parent generation with good evaluation values (that is, close to the target value) are output as "solutions."

In the example of FIG. 12, when the material data of material ID "1" and material ID "5" intersect at one point, first, the intersecting location is randomly selected. In the material data 6100, the intersection point L1 is between the additive X and the additive Y.

Then, data after the intersection point L1 is replaced. In the material data 6100, if data is arranged from raw material A to additive Z, the values of "additive Y" and "additive Z" of material ID "1" located after the intersection point L1 are Replace the values of "Additive Y" and "Additive Z" with ID "5".

Material data 6200 is child data (material ID "C1" and material ID "C5") generated by crossover. Due to the crossover, material data of compositions different from those of material ID "1" and material ID "5" is generated for "additive X", "additive Y", and "additive Z".

(Processing in data generation system 1)
FIG. 13 is a sequence diagram showing processing in the data generation system 1. Referring to FIG. 13, in the data generation system 1, next generation child data is generated (next generation generation step) from the search target material data (parent data) input to the terminal device 100, and the child data is converted into the parent data. The process of updating (update step) as follows will be explained.

FIG. 13 shows an example of processing in the terminal device 100 and the arithmetic device 200 (in particular, the prediction unit 251, the next generation generation unit 252, and the identification difficulty unit 253).

In step S100, parameters and the like are set in the data generation system 1. Specifically, the key generation unit 151 of the terminal device 100 generates a public key and a private key, and stores them in the key storage unit 141 of the storage unit 140. Further, the terminal device 100 transmits the generated public key to the computing device 200, and the computing device 200 stores the public key in the storage unit 240.

The terminal device 100 also acquires parameters necessary for searching for material data. The parameters are, for example, objective variables, target values, and explanatory variables to be optimized. Alternatively, the stop condition may be the number of times the arithmetic device 200 repeats the next generation generation step and the update step, or the maximum execution time of an algorithm. Note that the optimum stop conditions may be set in advance by the developer of the data generation system 1, and may be changed by the user of the terminal device 100 as appropriate.

Further, the terminal device 100 acquires a plurality of material data to be searched as a plurality of parent data and stores them in the material database 142 of the storage unit 140.

In step S101, the encryption/decryption unit 152 of the terminal device 100 reads a plurality of parent data to be searched from the material database 142, and encrypts them using the homomorphic encryption method using the generated public key. Parent data is encrypted in explanatory variable units (cell units).

In step S102, the communication unit 210 of the computing device 200 acquires a plurality of parent data encrypted by the terminal device 100, and the parent data storage unit 242 stores the acquired plurality of parent data.

In step S103, the prediction unit 251 of the arithmetic device 200 predicts the characteristics of the material. Specifically, the prediction unit 251 reads from the model database 241 a prediction model according to the objective variable set in step S100. Then, the prediction unit 251 inputs a plurality of parent data, which is material data to be searched, into the prediction model, and outputs a plurality of prediction results (predicted values) corresponding to each of the parent data. Note that the prediction model is encrypted using the public key obtained from the terminal device 100 (that is, the public key used in encrypting the parent data) so that it is in the same cryptographic space as the plurality of encrypted parent data. Thereby, it is possible to efficiently calculate and output prediction results.

In step S104, the identification difficulty unit 253 acquires a plurality of prediction results output by the prediction unit 251.

In step S105, the identification difficulty unit 253 performs identification difficulty processing on the plurality of output prediction results to make it difficult to identify the plurality of prediction results corresponding to the plurality of parent data. Specifically, the identification difficulty unit 253 performs a process of rearranging the correspondence between the input (explanatory variable) and the output (objective variable) of the prediction model, as shown in FIG. The identification difficulty unit 253 stores the rearranged correspondence relationships.

In step S<b>106 , the communication unit 110 of the terminal device 100 acquires, via the communication unit 210 of the arithmetic device 200 , a plurality of prediction results on which the identification difficulty processing has been performed.

In step S107, the encryption/decryption unit 152 of the terminal device 100 reads the secret key from the key storage unit 141, and uses the secret key to decrypt the obtained plurality of prediction results that have been subjected to the identification difficulty processing. The prediction results are disclosed to the user of the terminal device 100, but since the correspondence between the explanatory variables of the parent data and the target variables (prediction results) has been rearranged in step S105, the predictions corresponding to which parent data I can't know what the results are. That is, since the input and output of the prediction model are not disclosed in the correct correspondence to the user of the terminal device 100, it is difficult to infer the prediction model. The provider of the predictive model can allow the model user to utilize the predictive model while keeping it confidential.

In step S108, the evaluation value calculation unit 153 of the terminal device 100 calculates a plurality of evaluation values for each target value of the plurality of prediction results from the plurality of decoded prediction results. Specifically, the evaluation value calculating unit 153 calculates the distance between the target value set in step S100 and the prediction result (predicted value). Note that in this embodiment, the absolute difference is calculated as a distance, but any method may be used to calculate the value as long as it indicates how much the target value and the predicted value differ.

In step S109, the identification difficulty unit 253 of the arithmetic device 200 acquires the plurality of evaluation values calculated in step S108 via the communication unit 210. Note that the plurality of evaluation values are transmitted to the arithmetic device 200 in a manner that allows the correspondence with the prediction results used to calculate the evaluation values to be understood. For example, an identifier corresponding to an ID for identifying a prediction result may be given to the evaluation value, and the evaluation value may be transmitted to the calculation device 200 together with the correspondence between the evaluation value and the prediction result.

Note that since the evaluation value is not encrypted in the terminal device 100, the evaluation value is disclosed to the user of the arithmetic device 200. However, the explanatory variables of the material data input to the prediction model and their prediction results cannot be determined from the evaluation values. That is, since it is not disclosed to the user of the calculation device 200 what kind of feature (explanatory variable) is the characteristic (objective variable) for the material data, it is difficult to obtain the material data to be predicted. The model user can use the predictive model while keeping the material data to be searched secret from the model provider.

In step S110, the identification difficulty section 253 of the arithmetic device 200 cancels the identification difficulty processing for the plurality of prediction results corresponding to the plurality of acquired evaluation values. Specifically, the identification difficulty unit 253 executes a process of restoring the correspondence relationship rearranged in step S105, and sets the prediction result for the explanatory variable of the parent data as the correct correspondence relationship.

In step S111, the next generation generation unit 252 of the arithmetic device 200 acquires a plurality of evaluation values corresponding to a plurality of parent data via a plurality of prediction results for which the identification difficulty processing has been canceled. Since there is a correspondence relationship between the parent data and the prediction result, and a correspondence relationship between the prediction result and the evaluation value calculated from the prediction result, it is possible to obtain the evaluation value corresponding to the parent data via the prediction result. I can do it.

In step S112, the next generation generation unit 252 generates the next generation. Specifically, the next generation generation unit 252 extracts a plurality of parent data corresponding to evaluation values that satisfy a predetermined condition. Then, a genetic algorithm is applied to the extracted plurality of parent data to generate a plurality of child data. The predetermined condition may be, for example, that the evaluation value is within the top 10 or that the evaluation value is within a predetermined threshold. An application example of the genetic algorithm is as shown in FIG. 11. Since the material data is encrypted for each explanatory variable, the generated child data is not disclosed to the user of the computing device 200.

In step S113, the identification difficulty unit 253 acquires the plurality of generated child data.

In step S114, the identification difficulty making unit 253 performs identification difficulty processing on the generated explanatory variables of the plurality of child data. Specifically, as explained in FIG. 11, the correspondence of explanatory variables included in each child data is rearranged.

In step S115, the communication unit 110 of the terminal device 100 acquires a plurality of child data on which the identification difficulty processing has been performed.

In step S116, the encryption/decryption unit 152 of the terminal device 100 re-encrypts the plurality of child data. Specifically, the encryption/decryption unit 152 reads the private key from the key storage unit 141, and uses the private key to decrypt the plurality of child data acquired in step S115. Further, the encryption/decryption unit 152 reads the public key from the key storage unit 141 and re-encrypts the plurality of decrypted child data using the homomorphic encryption method using the public key. Child data is encrypted in units of explanatory variables.

The re-encryption process performed in step S116 is necessary to control errors accumulated in the process of calculations using homomorphic encryption and to continue to perform calculations efficiently. For the re-encryption process, the child data is decrypted in step S116, but even if the child data is decrypted, the child data has been processed to make it difficult to identify in step S114, so the terminal device 100 users cannot specify child data.

In step S117, the identification difficulty unit 253 of the arithmetic device 200 acquires the plurality of re-encrypted child data via the communication unit 210.

In step S118, the identification difficulty making unit 253 cancels the identification difficulty processing for the explanatory variables of the plurality of child data. Specifically, the rearrangement is performed to restore the correspondence of explanatory variables that was performed in step S114.

In step S119, the next generation generation unit 252 of the arithmetic device 200 acquires a plurality of child data from which the identification difficulty processing has been canceled.

In step S120, the next generation generation unit 252 updates the child data as parent data. Specifically, the next generation generation unit 252 causes the parent data storage unit 242 to store the child data acquired in step S119. That is, the parent data storage unit 242 stores a plurality of child data as a plurality of encrypted parent data.

In step S121, the prediction unit 251 of the arithmetic device 200 acquires a plurality of encrypted parent data.

As described above, the processing from step S103 to step S119 is performed by the control unit 250 of the arithmetic device 200 and the control unit 150 of the terminal device 100 inputting a plurality of encrypted parent data to the machine learning model and outputting the data. This is a next generation generation step that generates a plurality of child data based on a plurality of prediction results. Further, step S120 is an update step in which the parent data storage unit 242 of the arithmetic device 200 stores the plurality of generated child data as a plurality of encrypted parent data.

After step S121, the next generation child data can be repeatedly generated by repeating the processes performed in steps S103 to S120.

Note that the re-encryption process performed in step S116 may be omitted if the calculation using homomorphic encryption can be executed in a realistic time depending on the homomorphic encryption algorithm, the processing performance of the calculation device 200, etc. You may. If the re-encryption process is omitted, the plurality of child data generated by the next generation generation unit 252 in step S112 are then updated as parent data in step S120. That is, since the re-encryption process is not performed in the terminal device 100 (the child data is not decrypted), there is no need to perform the identification difficulty process for concealing the child data, and the processes from step S113 to step S119 are omitted. be able to.

FIG. 14 is a sequence diagram showing processing in the data generation system 1. With reference to FIG. 14, the process of outputting the searched material data, which is performed after the process shown in FIG. 13, will be described.

In step S200, a step of repeating a next generation generation step and an update step is performed between the terminal device 100 and the arithmetic device 200. The number of repetitions may be input as a setting parameter in step S100 of FIG. 13.

In step S201, the prediction unit 201 of the arithmetic device 200 acquires a plurality of parent data (that is, a plurality of generated child data) updated in step S200, inputs the acquired data to a prediction model, and outputs a prediction result.

In step S202, the communication unit 110 of the terminal device 100 acquires a plurality of parent data input to the prediction model in step S201 and a prediction result corresponding to the parent data, as a search result using the genetic algorithm.

In step S203, the encryption/decryption unit 152 of the terminal device 100 reads the private key from the key storage unit 141 and decrypts the obtained parent data and prediction result.

Through the above processing, the user of the terminal device 100 can obtain the material data to be searched and the predicted value of the objective variable predicted from the material data.

In the data generation system 1 according to the present embodiment, the search target is material data, but in addition to this, for example, in the manufacturing process of industrial products, design (shape, appearance, dimensions, etc.) and specifications (function) can be searched. It is also possible to search for parameters related to performance, performance, standards, etc.), delivery route optimization, and demand forecasting.

(Explanation of effects)
According to the data generation method according to the present invention, homomorphic encryption is used that allows calculations to be made while data is encrypted, and material data generated by a genetic algorithm and a prediction model that predicts the characteristics of the material data are used. This allows us to explore unknown material data. Here, the survival selection operation for the parent generation population in the genetic algorithm is performed after processing that makes it difficult to identify the correspondence between the input (prediction target data) and output (prediction result) of the prediction model, and the prediction results are evaluated. Generate a child generation population based on the value. This can prevent the model user from guessing the predictive model, and the provider of the predictive model can allow the model user to utilize the predictive model while keeping it confidential.

Furthermore, in the genetic algorithm, the next generation population can be efficiently generated and calculation costs can be reduced.

Furthermore, the model user can use the prediction model without disclosing the prediction target data to the model provider (or platform provider).

Further, according to the data generation method according to the present invention, the identification difficulty processing is realized by rearranging the correspondence relationships. Thereby, sensitive data can be kept secret while reducing calculation costs compared to encrypting using an encryption key.

Further, according to the data generation method according to the present invention, regarding the re-encryption process necessary to control errors accumulated in the process of calculation using homomorphic encryption and continue to perform calculations efficiently, Before the child data is decrypted for re-encryption, processing to make identification difficult is performed on the explanatory variables of the child data. As a result, even if the model user decrypts the child data, the model user cannot identify the child data. Therefore, it is possible to hide the child generation data that is being generated by the genetic algorithm from the model user, and it is possible to prevent the prediction model from being inferred based on the child generation data and prediction results. .

<Embodiment 2>
In the first embodiment, processing for rearranging the correspondence relationships was performed as the processing for making identification difficult. The data generation system 2 according to the second embodiment performs a process of adding noise as the process of making identification difficult.

The data generation system 2 includes a calculation device 300 in place of the calculation device 200 of the data generation system 1 according to the first embodiment. First, the identification difficulty processing in this embodiment will be explained, and then the functional configuration of the arithmetic device 300 will be explained.

FIG. 15 is a diagram illustrating an example of identification difficulty processing in the second embodiment. For the sake of explanation, FIG. 15 shows a case where the objective variable of the material data is only "viscosity." With reference to FIG. 15, a process of adding noise to the target variable of material data will be described as a process to make identification difficult.

Table 7000 shows changes in values due to noise addition and noise removal to predicted values and evaluation values of the objective variable "viscosity" of material data identified by material IDs "31" to "35".

Column 7100 shows predicted values of the target variable "viscosity" of material data identified by material IDs "31" to "35". No noise is added to the predicted values shown in column 7100.

Column 7200 shows the noise values added to the predicted values of material IDs "31" to "35". For example, "+10" is added as noise to the predicted value "20" of material ID "31". Further, for example, "-2" is added as noise to the predicted value "30" of the material ID "34".

Column 7300 shows the predicted values after noise is added. For example, if "+10" is added as noise to the predicted value "20" of material ID "31", the predicted value including noise becomes "30".

Column 7400 shows evaluation values between the predicted value including noise and the target value when the target value is "20". Note that in this embodiment, the evaluation value is the distance (absolute difference) between the target value and the predicted value. Using "absolute difference" as the evaluation value is just one example, and evaluation may be performed using other well-known methods.

For example, the distance between the noise-containing predicted value "30" of the material ID "31" and the target value "20" is "10" (=|30-20|). Further, for example, the distance between the noise-containing predicted value "2" of the material ID "32" and the target value "20" is "18" (=|2-20|).

Column 7500 shows evaluation values after noise is removed from evaluation values that include noise. That is, each value shown in column 7500 is a value obtained by removing each value of noise shown in column 7200 from each evaluation value including noise shown in column 7400. For example, if noise "+5" is removed from the noise-containing evaluation value "35" of material ID "33", the evaluation value becomes "30".

(Functional configuration of arithmetic device 300)
FIG. 16 is a block diagram showing the functional configuration of the arithmetic device 300. The functional configuration of the arithmetic device 300 according to this embodiment will be described with reference to FIG. 16. Note that the same components as those in the arithmetic device 200 according to the first embodiment are given the same reference numerals, and repeated explanations will be omitted.

The arithmetic device 300 includes a control section 350 instead of the control section 250 of the arithmetic device 200. The control unit 350 includes a prediction unit 251, a next generation generation unit 252, and an identification difficulty unit 353.

The identification difficulty unit 353 performs a process of adding noise to the predicted value output by the prediction unit 251 for each of a plurality of parent data (material data). Further, the identification difficulty unit 353 performs a process of removing noise added to the predicted value from the evaluation value calculated in the terminal device 100 (cancellation of identification difficulty processing). By performing the process of adding noise, it is possible to make it impossible to specify the predicted value corresponding to the parent data. Note that noise is added to the predicted value by performing calculations between numerical values encrypted using homomorphic encryption. On the other hand, since the evaluation value calculated in the terminal device 100 is a plain text, noise removal from the evaluation value is performed by calculating the numerical values of the plain text.

Further, the identification difficulty unit 353 performs a process of adding noise to explanatory variables included in a plurality of child data (material data). This makes it possible to prevent the characteristics (explanatory variables) of child data from being specified. Note that noise is added to and removed from explanatory variables by performing calculations between numerical values encrypted using homomorphic encryption.

The specific processing example of the identification difficulty unit 353 is as described in FIG. 15 .

(Processing in data generation system 2)
FIG. 17 is a sequence diagram showing processing in the data generation system 2. The processing in the data generation system 2 is the same as the processing performed by the data generation system 1 according to the first embodiment (see FIGS. 13 and 14), except that the identification difficulty processing is different. Therefore, with reference to FIG. 17, steps related to the identification difficulty processing, which is different from the processing in the data generation system 1, among the processing in the data generation system 2 will be described.

In step S305, the identification difficulty unit 353 performs identification difficulty processing on the plurality of output prediction results to make it difficult to identify the plurality of prediction results corresponding to the plurality of parent data. Specifically, as shown in FIG. 15, the identification difficulty unit 353 performs a process of adding noise to the prediction results (predicted values) corresponding to each of the plurality of parent data. The identification difficulty unit 353 stores the added noise.

In step S310, the identification difficulty making unit 353 cancels the identification difficulty processing for the plurality of prediction results corresponding to the plurality of acquired evaluation values. Specifically, the identification difficulty unit 353 executes a process of removing the noise added in step S305 from the evaluation value, and makes the prediction result for the explanatory variable of the parent data a correct correspondence.

In step S314, the identification difficulty making unit 353 performs identification difficulty processing on the generated explanatory variables of the plurality of child data. Specifically, noise is added to the explanatory variables of child data. The explanatory variables to which noise is added may be all the explanatory variables included in the child data, or may be some of the explanatory variables. The identification difficulty unit 353 stores the added noise.

In step S318, the identification difficulty making unit 353 cancels the identification difficulty processing for the explanatory variables of the plurality of child data. Specifically, the noise added to the explanatory variables in step S314 is removed. Note that the noise addition/removal in steps S314 and S318 is performed by calculating numerical values encrypted using homomorphic encryption.

By performing the above-described identification difficulty processing, it is possible to make identification difficult without encrypting the correspondence between the input and output of the prediction model and the child data.

<Embodiment 3>
In Embodiment 1 and Embodiment 2, processing for rearranging correspondence relationships and processing for adding noise were performed as processing for making identification difficult, respectively. In the data generation system 3 according to the third embodiment, the identification difficulty processing is a combination of processing for rearranging correspondence relationships or processing for adding noise.

Specifically, among the identification difficulty processing, the processing for making it difficult to identify the correspondence between the input and output of the prediction model (e.g., corresponding to step S105 in FIG. 13) is a process for rearranging the correspondence. shall be. Further, the process for making it difficult to identify the child data (e.g., corresponding to step S114 in FIG. 13) is the process of adding noise.

Alternatively, the reverse combination may be used. That is, the process for making it difficult to identify the correspondence between the input and output of the prediction model (e.g., corresponding to step S105 in FIG. 13) is a process for adding noise, which makes it difficult to identify the child data. The process (for example, corresponding to step S114 in FIG. 13) may be a process of rearranging the correspondence relationships.

Further, as the identification difficulty processing, processing for rearranging the correspondence relationships may be performed, and then processing for adding noise may be performed. Conversely, after performing the process of adding noise, the process of rearranging the correspondence relationships may be performed.

By combining processes that make it difficult to identify data, the risk of information disclosure can be further reduced.

<Embodiment 4>
In Embodiments 1 to 3, the terminal device 100 calculated the evaluation value. In the data generation system 4 according to the fourth embodiment, evaluation values are calculated not on the terminal device side but on the arithmetic device side. By encrypting and decoding data on the terminal device side and consolidating arithmetic processing related to data other than data encryption and decoding on the arithmetic device side, arithmetic processing can be efficiently executed.

(Configuration of data generation system 4)
FIG. 18 is an overall diagram of the data generation system 4. An overall diagram of the data generation system 4 according to this embodiment will be described with reference to FIG. 18.

The data generation system 4 according to the present embodiment includes a terminal device 400 and a calculation device 500 in place of the terminal device 100 and the calculation device 200 of the data generation system 1 according to the first embodiment.

(Functional configuration of terminal device 400)
FIG. 19 is a block diagram showing the functional configuration of the terminal device 400. Components common to the terminal device 100 according to Embodiment 1 are given the same reference numerals, and repeated explanations will be omitted.

The terminal device 400 differs from the terminal device 100 in that it includes a control section 450 instead of the control section 150 of the terminal device 100. The control unit 450 includes a key generation unit 151 and an encryption/decryption unit 152. The control unit 450 differs from the control unit 150 of the terminal device 100 in that it does not include the evaluation value calculation unit 153.

The terminal device 100 decoded the prediction result obtained from the arithmetic device 200 and subjected to the identification difficulty processing, and calculated an evaluation value. On the other hand, the terminal device 400 decodes the prediction result on which the identification difficulty processing has been performed, and then transmits it to the arithmetic device 500 via the communication unit 110.

(Functional configuration of computing device 500)
FIG. 20 is a block diagram showing the functional configuration of arithmetic device 500. Components common to the arithmetic device 200 according to the first embodiment are denoted by the same reference numerals, and repeated explanations will be omitted.

The arithmetic device 500 differs from the arithmetic device 200 in that it includes a control section 550 instead of the control section 250 of the arithmetic device 200. The control unit 550 differs from the control unit 250 of the arithmetic device 200 in that it includes an evaluation value calculation unit 554 in addition to a prediction unit 251, a next generation generation unit 252, and an identification difficulty unit 253.

The evaluation value calculation unit 554 calculates an evaluation value for the target value from the prediction result (prediction value) output by the prediction unit 251 and decoded by the terminal device 100. The evaluation value is a value that indicates how much two values differ. Similarly to Embodiment 1, for ease of explanation, in this embodiment, the evaluation value is expressed as the absolute difference between the predicted result and the target value. do.

(Processing in data generation system 4)
FIG. 21 is a sequence diagram showing processing in the data generation system 4. More specifically, in the data generation system 4, next generation child data is generated (next generation generation step) from the search target material data (parent data) input to the terminal device 400, and the child data is used as the parent data. This is a process of updating (update step).

The process in the data generation system 4 shown in FIG. 21 is the process from step S408 to step S411 instead of the process from step S108 to step S111 in the data generation system 1 shown in the first embodiment (FIG. 13). This is different from the processing in the data generation system 1. That is, the processing steps other than step S408 to step S411 in the data generation system 4 are the same as the processing steps in the data generation system 1, and are given the same reference numerals. Therefore, repeated description of steps having the same reference numerals will be omitted. Following the process shown in FIG. 21, the process shown in FIG. 14 is performed, and the searched material data is output.

Step S408 is a process performed subsequent to the process of step S107. The terminal device 400 transmits the plurality of prediction results decoded in step S107 and subjected to the identification difficulty processing to the arithmetic device 500. The identification difficulty section 253 of the arithmetic device 500 acquires the plurality of decoded prediction results via the communication section 210.

In step S409, the identification difficulty section 253 of the arithmetic device 500 cancels the identification difficulty processing for the plurality of acquired prediction results. Specifically, the identification difficulty unit 253 executes a process of restoring the correspondence relationship rearranged in step S105, and sets the prediction result for the explanatory variable of the parent data as the correct correspondence relationship. Next, the identification difficulty unit 253 sends the plurality of parent data and the prediction result showing the correct correspondence to the parent data to the evaluation value calculation unit 554.

In step S410, the evaluation value calculation unit 554 calculates a plurality of evaluation values for each target value of the plurality of prediction results from the plurality of prediction results decoded by the terminal device 400. Specifically, similarly to the evaluation value calculation section 153, the evaluation value calculation section 554 calculates the distance between the target value set in step S100 and the prediction result (prediction value). Note that in this embodiment, the absolute difference is calculated as a distance, as in the first embodiment, but any method used to calculate it can be used as long as it is a value that indicates how much the target value and the predicted value differ. good.

In step S411, the next generation generation unit 252 of the arithmetic device 500 acquires a plurality of encrypted parent data and evaluation values corresponding to the parent data from the evaluation value calculation unit 554. The next generation generation unit 252 continues to generate the next generation in step S112 based on the plurality of parent data and the evaluation values that correspond to the parent data. The subsequent processing is similar to that described in Embodiment 1 (FIG. 13).

In the data generation system 4 according to the present embodiment, the identification difficulty processing is realized by rearranging the correspondence between the input (prediction target data) and the output (prediction result) of the prediction model. However, in addition to this, as processing to make identification difficult, there is also the "processing to add noise" explained in the second embodiment, the "processing to rearrange the correspondence relationships, or the process to add noise" explained in the third embodiment. It is also possible to realize this by a combination.

(Explanation of effects)
In this embodiment, data is encrypted and decrypted in the terminal device 400, and arithmetic processing related to data other than data encryption and decryption is consolidated in the arithmetic device 500. Thereby, calculation processing can be executed more efficiently.

The embodiments described above can be implemented in various other forms, and various omissions, substitutions, and changes can be made without departing from the gist of the invention. These embodiments and their modifications are included within the scope and gist of the invention as well as within the scope of the invention described in the claims and its equivalents.

1, 2, 3 data generation system, 100,400 terminal device, 200,300,500 arithmetic unit, 110,210 communication unit, 120,220 input unit, 130,230 output unit, 140,240 storage unit, 141 key storage part, 142 material database, 150,250,350,450 control unit, 151 key generation unit, 152 encryption/decryption unit, 153,554 evaluation value calculation unit, 251 prediction unit, 252 next generation generation unit, 253,353 identification difficulty Department.

Claims (11)

a user terminal having a control unit and a user storage unit storing a plurality of parent data;
an arithmetic device having a cryptographic operation unit that performs an operation involving data encrypted using a homomorphic encryption method; and an encrypted data storage unit that stores a machine learning model that outputs a prediction result from the parent data;
A method used in a system comprising:
the control unit generating a public key and a private key;
a step in which the control unit encrypts the plurality of parent data acquired from the user storage unit using a homomorphic encryption method using the public key;
a next-generation generation step in which the cryptographic operation unit generates a plurality of child data based on a plurality of prediction results outputted by inputting the plurality of encrypted parent data to the machine learning model;
an updating step in which the encrypted data storage unit stores the plurality of generated child data as the plurality of encrypted parent data;
repeating the next generation generation step and the update step;
Equipped with
The next generation generation step includes executing, on the plurality of output prediction results, an identification difficulty process that makes it difficult to specify the plurality of prediction results corresponding to the plurality of parent data. The next generation generation step includes:
the cryptographic operation unit acquiring the plurality of parent data encrypted by the control unit;
a step in which the cryptographic operation unit inputs the acquired plurality of parent data into the machine learning model and outputs a plurality of prediction results corresponding to each of the parent data;
a step in which the cryptographic operation unit performs identification difficulty processing on the plurality of output prediction results to make it difficult to specify the plurality of prediction results corresponding to the plurality of parent data;
a step in which the control unit obtains the plurality of prediction results on which the identification difficulty processing has been performed, and decrypts them using the secret key;
The control unit calculates a plurality of evaluation values for each target value of the plurality of prediction results from the plurality of decoded prediction results on which the identification difficulty processing has been performed;
a step in which the cryptographic operation unit obtains the plurality of calculated evaluation values;
the cryptographic calculation unit canceling the identification difficulty processing for the plurality of prediction results corresponding to the plurality of acquired evaluation values;
a step in which the cryptographic calculation unit obtains a plurality of evaluation values corresponding to the plurality of parent data via the plurality of prediction results for which the identification difficulty processing has been canceled;
a step in which the cryptographic operation unit extracts the plurality of parent data corresponding to the evaluation value satisfying a predetermined condition;
the cryptographic operation unit applying a genetic algorithm to the extracted plurality of parent data to generate a plurality of child data;
The data generation method according to claim 1, comprising: The next generation generation step includes:
the cryptographic operation unit acquiring the plurality of parent data encrypted by the control unit;
a step in which the cryptographic operation unit inputs the acquired plurality of parent data into the machine learning model and outputs a plurality of prediction results corresponding to each of the parent data;
a step in which the cryptographic operation unit performs identification difficulty processing on the plurality of output prediction results to make it difficult to specify the plurality of prediction results corresponding to the plurality of parent data;
a step in which the control unit obtains the plurality of prediction results on which the identification difficulty processing has been performed, and decrypts them using the secret key;
a step in which the cryptographic calculation unit obtains the plurality of decrypted prediction results on which the identification difficulty processing has been performed;
a step in which the cryptographic calculation unit cancels the identification difficulty processing for the plurality of acquired prediction results on which the identification difficulty processing has been performed;
a step in which the cryptographic calculation unit calculates a plurality of evaluation values corresponding to the plurality of parent data from the plurality of prediction results from which the identification difficulty processing has been canceled;
a step in which the cryptographic operation unit extracts the plurality of parent data corresponding to the evaluation value satisfying a predetermined condition;
the cryptographic operation unit applying a genetic algorithm to the extracted plurality of parent data to generate a plurality of child data;
The data generation method according to claim 1, comprising: The plurality of parent data is a data set in which records including each value corresponding to a plurality of explanatory variables are arranged in a predetermined order,
The next generation generation step includes:
a step in which the cryptographic operation unit performs the identification difficulty processing on explanatory variables of the plurality of generated child data;
a step in which the control unit obtains a plurality of child data on which the identification difficulty processing has been performed, and decrypts the plurality of child data using the private key;
the control unit re-encrypting the plurality of decrypted child data using a homomorphic encryption method using the public key;
the cryptographic operation unit acquiring the plurality of re-encrypted child data;
the cryptographic operation unit canceling the identification difficulty processing for the explanatory variables of the acquired plurality of child data;
further including;
In the updating step, the encrypted data storage unit stores the plurality of child data from which the identification difficulty processing has been canceled as the plurality of encrypted parent data.
The data generation method according to claim 2 or claim 3. 4. The data generation method according to claim 2, wherein the identification difficulty process is a process of rearranging correspondence relationships. 4. The data generation method according to claim 2, wherein the identification difficulty process is a process of adding noise. 4. The data generation method according to claim 2, wherein the identification difficulty processing is a combination of processing for rearranging correspondence relationships or processing for adding noise. The control unit further comprises a step of acquiring a plurality of child data generated by performing the repeating step a plurality of times and a prediction result corresponding to the child data, and decrypting the same using the private key. The data generation method according to any one of claims 1 to 3. The data generation method according to claim 8, further comprising a step in which the control unit receives the number of times the repeating step is executed. a user terminal having a control unit and a user storage unit storing a plurality of parent data;
an arithmetic device having a cryptographic operation unit that performs an operation involving data encrypted using a homomorphic encryption method; and an encrypted data storage unit that stores a machine learning model that outputs a prediction result from the parent data;
A program used in a system comprising,
the control unit generating a public key and a private key;
a step in which the control unit encrypts the plurality of parent data acquired from the user storage unit using a homomorphic encryption method using the public key;
a next-generation generation step in which the cryptographic operation unit generates a plurality of child data based on a plurality of prediction results outputted by inputting the plurality of encrypted parent data to the machine learning model;
an updating step in which the encrypted data storage unit stores the plurality of generated child data as the plurality of encrypted parent data;
repeating the next generation generation step and the update step;
Equipped with
The next generation generation step includes executing, on the plurality of output prediction results, an identification difficulty process that makes it difficult to specify the plurality of prediction results corresponding to the plurality of parent data. a user terminal having a control unit and a user storage unit storing a plurality of parent data;
an arithmetic device having a cryptographic operation unit that performs an operation involving data encrypted using a homomorphic encryption method; and an encrypted data storage unit that stores a machine learning model that outputs a prediction result from the parent data;
A system comprising:
the control unit generating a public key and a private key;
a step in which the control unit encrypts the plurality of parent data acquired from the user storage unit using a homomorphic encryption method using the public key;
a next-generation generation step in which the cryptographic operation unit generates a plurality of child data based on a plurality of prediction results outputted by inputting the plurality of encrypted parent data to the machine learning model;
an updating step in which the encrypted data storage unit stores the plurality of generated child data as the plurality of encrypted parent data;
repeating the next generation generation step and the update step;
Equipped with
The next generation generation step includes executing, on the plurality of output prediction results, a process for making it difficult to specify the plurality of prediction results corresponding to the plurality of parent data.