The recent success of machine learning is due in part to the availability of large datasets for training and testing purposes. However, the training process is computationally intensive and collected datasets are often privacy sensitive. This has led to providing Machine Learning as a Service (MLaaS), where data providers store their data in the cloud and clients purchase trained models or predictions through the cloud. This is an attractive solution; however, it requires the data providers to trust the cloud. A compromised cloud can put the privacy of a large population at risk. Existing cryptographic solutions to this problem modify the underlying model of MLaaS and are not specifically tailored for machine learning tasks. Accordingly, there is a need for developing secure machine learning procedures that take into account both cryptographic and machine learning aspects holistically. This project takes such a holistic approach, focusing on two primary directions: designing machine learning algorithms that are more cryptographic-friendly, and designing new protocols for secure computation in the cloud specialized to machine learning algorithms. As a result, the state of the art of both machine learning and cryptographic research will be advanced thanks to an interdisciplinary approach. This project will support and promote involvement of students from under-represented groups in research.

This project has two primary directions: Almost-Linear Machine Learning Components, and Secure Computation over the MLaaS Topology. For the first research goal, the team of researchers aims at finding new representations of learning algorithms that minimize non-linear operations, which are costly for cryptographic algorithms. In particular, this project will focus on a new design for critical machine learning components: stochastic approximation of activation and loss functions that reduces the number of non-linear operations during training and/or testing. This will directly reduce the computational overhead incurred during secure computation. In addition to developing these design principles in depth, the project will also explore techniques for parallelization of certain non-linear components of deep learning, to further amortize cryptographic overhead through batching. At the same time, the aim will be to retain the guarantees of the machine learning algorithms under modification. For the second research direction, the focus will be on the concept of secure multiparty computation (MPC). A secure MPC protocol is a general method that allows two or more mutually distrustful parties to compute any function over their private inputs so that each party learns nothing beyond its intended output. Traditional MPC protocols are designed for network topologies that are vastly different from the MLaaS topology. Hence, new MPC protocols will be designed to fit the specific needs of machine learning frameworks such as MLaaS. These results will be achieved through the development of two new techniques for secure computation. The first technique will develop a multi-key homomorphic encryption scheme that is simultaneously a decentralized attribute-based encryption. The second technique will develop a new method for extending laconic protocols for oblivious transfer. Successful development of these techniques will also directly advance the state of the art in homomorphic encryption and secure computation protocols.

This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

Budget Start: 2019-10-01
Budget End: 2022-09-30
Fiscal Year: 2019
Total Cost: $200,000
Name: State University New York Stony Brook
City: Stony Brook
State: NY
Country: United States
Zip Code: 11794