Privacy-Preserving Convolutional Neural Network Classification Scheme With Multiple Keys

Convolutional Neural Networks (CNNs) possess extensive applicability across diverse domains, particularly in the realm of image recognition. In light of the advent of machine learning as a service, the utilization of a well-trained CNN model by servers to execute image classification based on user queries has become a significant service, catering to a wide array of applications. Nevertheless, this convenience is accompanied by the inherent risk of data privacy and model privacy disclosure, which can have severe ramifications, particularly in the context of specialized scenarios like medical images and location images. Hence, how to perform classification for CNN with privacy protection emerges as a crucial research concern. Furthermore, the nonlinearity of CNN's activation function renders it unsuitable for homomorphic cryptosystems. In order to address these challenges, we put forth a privacy-preserving CNN classification scheme employing a distributed two trapdoors public-key cryptosystem (DT-PKC). Initially, we introduce a security protocol toolkit encompassing protocols for secure multiplication, secure activation function computing, and average pooling. In addition, we propose a novel continuous and derivative Tanhplus function as an approximation of the Relu function, aiming to enhance the accuracy of classification results. The secure activation function computing protocol utilizes the aforementioned Tanhplus function in conjunction with the proposed homogenization algorithm to compute the activation function. This protocol guarantees more precise and accurate output in the activation function calculation of CNN when operating under ciphertext. Furthermore, the adoption of the DT-PKC cryptosystem not only ensures privacy protection for CNN classification but also provides support for lightweight users and multiple keys. Finally, security analysis and performance evaluations demonstrate that the proposed scheme is secure, practicable, and efficient with high accuracy.