SwaNN: Switching among cryptographic tools for privacy-preserving neural network predictions

Tillem, Gamze; Bozdemir, Beyza; Önen, Melek
Research Report RR-19-342, 31 August 2019

The rise of cloud computing technology led to a paradigm shift in technological
services that enabled enterprises to delegate their data analytics tasks
to cloud servers which have domain-specific expertise and computational resources
for the required analytics. Machine Learning as a Service (MLaaS)
is one such service which provides the enterprises to perform machine learning
tasks on a cloud platform. Despite the advantage of eliminating the need
for computational resources and domain expertise, sharing potentially sensitive
data with the cloud brings a privacy risk to the enterprises. In this
paper, we propose SwaNN, a protocol to perform neural network predictions
for MLaaS under privacy preservation. SwaNN brings together two
well-known techniques for secure computation: partially homomorphic encryption
(PHE) and secure two-party computation (2PC), and computes neural
network predictions by switching between the two methods. The hybrid
nature of SwaNN enables to maintain the accuracy of predictions and to optimize
the computation time and bandwidth usage. Our experiments show that
SwaNN achieves a good balance between computation and communication
cost in neural network predictions compared to the state-of-the-art proposals.

Sécurité numérique
Eurecom Ref:
© EURECOM. Personal use of this material is permitted. The definitive version of this paper was published in Research Report RR-19-342, 31 August 2019 and is available at :

PERMALINK : https://www.eurecom.fr/publication/5999