Blind Faith: Privacy-Preserving Machine Learning using Function Approximation
This addresses privacy concerns for users of cloud-based ML services, though it is incremental as it builds on existing homomorphic encryption and approximation techniques.
The paper tackles the problem of preserving user privacy when deploying machine learning models on untrusted cloud servers by proposing Blind Faith, a model that performs classification on homomorphically encrypted data using Chebyshev polynomial approximations, achieving high accuracy predictions on encrypted images.
Over the past few years, a tremendous growth of machine learning was brought about by a significant increase in adoption of cloud-based services. As a result, various solutions have been proposed in which the machine learning models run on a remote cloud provider. However, when such a model is deployed on an untrusted cloud, it is of vital importance that the users' privacy is preserved. To this end, we propose Blind Faith -- a machine learning model in which the training phase occurs in plaintext data, but the classification of the users' inputs is performed on homomorphically encrypted ciphertexts. To make our construction compatible with homomorphic encryption, we approximate the activation functions using Chebyshev polynomials. This allowed us to build a privacy-preserving machine learning model that can classify encrypted images. Blind Faith preserves users' privacy since it can perform high accuracy predictions by performing computations directly on encrypted data.