Abstract: Convolutional Neural Networks (CNNs), as a powerful tool for efficient inference, have rapidly developed into a Machine Learning as a Service paradigm facilitated by cloud computing. Nevertheless, this service model raises privacy concerns, particularly in scenarios where relying on two non-colluding servers is unfeasible. To address this issue, we present EPCNN, an Efficient and Practical CNN inference scheme, which concurrently ensures data privacy, model privacy, and inference results with only a single server. EPCNN leverages Paillier homomorphic encryption for secure convolution operations on encrypted data and involves minimal client-server interactions. The client only participates in evaluating non-linear activation functions by judging the signs of blinded convolution results to streamline the interactions and enhance the system's practicality. Our security analysis validates the reliability of the proposed scheme, while experimental results demonstrate high inference accuracy comparable to plaintext-based methods. Compared to the state-of-the-art work, EPCNN attains huge improvements in both runtime and communication overhead.
Loading