ProteiNN: Privacy-preserving One-to-Many Neural Network Classifications

Beyza Bozdemir, Orhan Ermis, Melek Önen


In this work, we propose ProteiNN, a privacy-preserving neural network classification solution in a one-to-many scenario whereby one model provider outsources a machine learning model to the cloud server for its many different customers, and wishes to keep the model confidential while controlling its use. On the other hand, these customers take advantage of this machine learning model without revealing their sensitive inputs and the corresponding results. The solution employs homomorphic proxy re-encryption and a simple additive encryption to ensure the privacy of customers’ inputs and results against the model provider and the cloud server, and to give the control on the privacy and use of the model to the model provider. A detailed security analysis considering potential collusions among different players is provided.


Paper Citation