Collaborative Research: SHF: Small: Efficient and Scalable Privacy-Preserving Neural Network Inference based on Ciphertext-Ciphertext Fully Homomorphic Encryption

合作研究：SHF：小型：基于密文-密文全同态加密的高效、可扩展的隐私保护神经网络推理

• 批准号: 2412357
• 负责人: Yingjie Lao
• 金额: $ 27.5万
• 依托单位: Tufts University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2024
• 资助国家: 美国
• 起止时间: 2024-01-01 至 2026-03-31
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2412357&HistoricalAwards=false
• 关键词: Collaborative; Research; SHF; Small; Efficient

Along with the evolution of artificial intelligence, privacy-preserving machine learning has emerged as an important and promising technique for protecting user-data privacy in cloud applications. Among the existing approaches, fully homomorphic encryption (FHE) based methods allow machine learning algorithms to be computed on encrypted data, while no original data information is leaked. This project addresses ciphertext-ciphertext FHE that preserves the privacy of both the user and model providers. This project aims to improve the hardware efficiency of ciphertext-ciphertext FHE-based neural network inference by orders of magnitude through algorithm-hardware co-optimization. This project yields a novel framework for ensuring the root of trust in cloud computing and cryptosystems to meet the future needs of both commercial products and national defense.This project develops efficient and scalable hardware architectures for privacy-preserving neural network inference based on ciphertext-ciphertext FHE. This project leverages scheme switching - using arithmetic-based schemes for linear functions and Boolean logic-based schemes for non-linear functions - to accelerate the neural network computations. Research thrusts include: a) Designing efficient fundamental hardware building blocks with high scalability over word-length of modulus and degree of polynomial for privacy-preserving neural network, i.e., polynomial multipliers, by employing novel reconfigurable and pipelining framework and exploiting special primes to perform fast modular reduction; b) Further improving the efficiency of polynomial multiplier designs by utilizing a divide and conquer strategy based on a novel parallel filter technique; c) Developing a reconfigurable and neural network friendly FHE architecture using scheme switching; and d) Designing an efficient accelerator of privacy-preserving neural network inference with ciphertext-ciphertext operations via scheme switching that protects the privacy of both the user and model.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

随着人工智能的演变，保护隐私的机器学习已成为保护云应用程序中用户数据隐私的重要而有希望的技术。在现有方法中，基于同构的加密（FHE）方法允许在加密数据上计算机器学习算法，而没有原始数据信息泄漏。该项目介绍了保留用户和模型提供商的隐私性的Ciphertext-ciphertext。该项目旨在通过通过算法 - 硬件合作限制来提高基于数量级的基于密码 - ciphertext基于神经网络的硬件的硬件效率。该项目产生了一个新颖的框架，以确保对云计算和加密系统的信任根源满足商业产品和国防的未来需求。该项目开发了基于Ciphertext-ciphertext-ciphertext FHE的有效且可扩展的硬件体系结构，以实现隐私保护神经网络推断。该项目利用方案切换 - 使用基于算术的方案进行线性函数和基于布尔逻辑的方案进行非线性函数 - 以加速神经网络计算。研究推力包括：a）设计有效的基本硬件构建块，具有高度可扩展性超过单词长度的模量和多项式的程度，以保存隐私的神经网络，即多项式乘数，通过采用新颖的重新配置和管道上的框架，并利用特殊的框架，并利用特殊的素材来进行快速的模块化降低； b）通过利用基于新型并行滤波器技术的鸿沟和征服策略来进一步提高多项式乘数设计的效率； c）使用方案切换开发可重构和神经网络友好的架构； D）通过方案切换设计有效的保护神经网络推断的有效加速神经网络推断，以保护用户和模型的隐私性。该奖项反映了NSF的法定任务，并被认为是值得通过基金会的智力功能和广泛影响的评估来评估CRETERIA的智力。

项目成果

PaReNTT: Low-Latency Parallel Residue Number System and NTT-Based Long Polynomial Modular Multiplication for Homomorphic Encryption

• DOI: 10.1109/tifs.2023.3338553
• 发表时间: 2023-03
• 期刊: IEEE Transactions on Information Forensics and Security
• 影响因子: 6.8
• 作者: Weihang Tan;S.W. Chiu;Antian Wang;Yingjie Lao;K. Parhi

KyberMat: Efficient Accelerator for Matrix-Vector Polynomial Multiplication in CRYSTALS-Kyber Scheme via NTT and Polyphase Decomposition

KyberMat：通过 NTT 和多相分解实现 CRYSTALS-Kyber 方案中矩阵向量多项式乘法的高效加速器

• DOI: 10.1109/iccad57390.2023.10323839
• 发表时间: 2023
• 期刊: 2023 IEEE/ACM International Conference on Computer Aided Design (ICCAD
• 作者: Tan, Weihang;Lao, Yingjie;Parhi, Keshab K.
• 通讯作者: Parhi, Keshab K.