Secure Sum Outperforms Homomorphic Encryption in (Current) Collaborative Deep Learning
This addresses privacy concerns in collaborative deep learning for domains like medical and industrial applications, though it is incremental as it improves upon existing methods.
The paper tackles the problem of training neural networks on horizontally distributed data from a limited number of parties while preserving privacy, showing that a secure sum protocol outperforms homomorphic encryption in collusion-resistance and runtime.
Deep learning (DL) approaches are achieving extraordinary results in a wide range of domains, but often require a massive collection of private data. Hence, methods for training neural networks on the joint data of different data owners, that keep each party's input confidential, are called for. We address a specific setting in federated learning, namely that of deep learning from horizontally distributed data with a limited number of parties, where their vulnerable intermediate results have to be processed in a privacy-preserving manner. This setting can be found in medical and healthcare as well as industrial applications. The predominant scheme for this is based on homomorphic encryption (HE), and it is widely considered to be without alternative. In contrast to this, we demonstrate that a carefully chosen, less complex and computationally less expensive secure sum protocol in conjunction with default secure channels exhibits superior properties in terms of both collusion-resistance and runtime. Finally, we discuss several open research questions in the context of collaborative DL, especially regarding privacy risks caused by joint intermediate results.