Machine learning models are increasingly deployed in sensitive domains, raising urgent concerns about data privacy during training and inference. Functional Encryption (FE) offers a promising cryptographic approach by allowing function evaluation on encrypted data, but existing FE schemes suffer from two major limitations in multi-model settings: ciphertext size scales with the number of models, and untrusted models may infer private inputs from outputs. To address these issues, we propose a privacy-preserving machine learning framework based on Registered Functional Encryption (RFE). In our system, each model must be transparently registered with a key manager, ensuring only approved models are allowed to compute on encrypted data. Our scheme supports constant-size ciphertexts, regardless of the number of authorized models, and guarantees input privacy even against malicious or untrusted models. We further optimize the scheme with online/offline encryption to reduce real-time costs and introduce a batch verification algorithm to lower key management overhead. We implement a prototype and evaluate its performance on the MNIST dataset. Results show that our method achieves the desired security goals and practical efficiency for secure inference across multiple models.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Privacy-Preserving Machine Learning Using Functional Encryptions for Multiple Models with Constant Ciphertext

  • Yizhen Hua,
  • Jiangtao Li,
  • Yufeng Li

摘要

Machine learning models are increasingly deployed in sensitive domains, raising urgent concerns about data privacy during training and inference. Functional Encryption (FE) offers a promising cryptographic approach by allowing function evaluation on encrypted data, but existing FE schemes suffer from two major limitations in multi-model settings: ciphertext size scales with the number of models, and untrusted models may infer private inputs from outputs. To address these issues, we propose a privacy-preserving machine learning framework based on Registered Functional Encryption (RFE). In our system, each model must be transparently registered with a key manager, ensuring only approved models are allowed to compute on encrypted data. Our scheme supports constant-size ciphertexts, regardless of the number of authorized models, and guarantees input privacy even against malicious or untrusted models. We further optimize the scheme with online/offline encryption to reduce real-time costs and introduce a batch verification algorithm to lower key management overhead. We implement a prototype and evaluate its performance on the MNIST dataset. Results show that our method achieves the desired security goals and practical efficiency for secure inference across multiple models.