ISSN 1000-1239 CN 11-1777/TP

Journal of Computer Research and Development ›› 2021, Vol. 58 ›› Issue (10): 2163-2186. doi: 10.7544/issn1000-1239.2021.20210626

Special topic: 2021 Special Topic on Cryptography and Cyberspace Security Governance

• Information Security •

Secure Multiparty Computation and Application in Machine Learning

Guo Juanjuan1,2, Wang Qiongxiao1,2, Xu Xin1,2, Wang Tianyu3, Lin Jingqiang4   

  1(State Key Laboratory of Information Security (Institute of Information Engineering, Chinese Academy of Sciences), Beijing 100195); 2(School of Cyber Security, University of Chinese Academy of Sciences, Beijing 100049); 3(Huakong TsingJiao Information Science (Beijing) Limited, Beijing 100084); 4(School of Cyber Security, University of Science and Technology of China, Hefei 230026) (guojuanjuan@iie.ac.cn)
  • Online: 2021-10-01
  • Supported by: 
    This work was supported by the General Program of the National Natural Science Foundation of China (61772518).

Abstract: With the emergence and development of artificial intelligence and big data, large-scale data collection and analysis applications have been widely deployed, which raises concerns about privacy leakage. This privacy concern further prevents data exchange among organizations and results in “data silos”. Secure multiparty computation (MPC) allows multiple organizations to perform privacy-preserving collaborative data analytics without leaking any plaintext data during the interactions, making the data “usable but not visible”. MPC technologies have been extensively studied in the academic and engineering fields and have given rise to various technical branches. Privacy-preserving machine learning (PPML) is becoming a typical and widely deployed application of MPC, and various PPML schemes have been proposed to perform privacy-preserving training and inference without leaking model parameters or sensitive data. In this paper, we systematically analyze various MPC schemes and their applications in PPML. First, we list various security models and objectives and trace the development of MPC primitives (i.e., garbled circuits, oblivious transfer, secret sharing and homomorphic encryption). Then, we summarize the strengths and weaknesses of these primitives and list the corresponding appropriate usage scenarios, followed by a thorough analysis of their applications in PPML. Finally, we point out further research directions on MPC and its applications in PPML.

Key words: secure multiparty computation (MPC), garbled circuit, oblivious transfer, secret sharing, homomorphic encryption, privacy-preserving machine learning