With data outsourcing becoming commonplace, there is a growing need for secure outsourcing of data and machine learning models. Namely, data and model owners (the client) often need their information to remain private and secure against the potentially untrusted computing resource (the server) to which they want to outsource said data and models. Various approaches to privacy-preserving machine learning (PPML) have been devised, with different techniques and solutions introduced in the past. These solutions often involved one of two compromises: (1) client-server interactions to allow intermediary rounds of decryption and re-encryption of data or (2) complex architectures for multi-party computation. This paper devises a paradigm using Fully Homomorphic Encryption (FHE) that minimizes architectural complexity and removes client-side involvement during the training and prediction lifecycle of machine learning models. In addition, the paradigm proposed in this work achieves both model security and data security. To remove client-side involvement, the devised paradigm proposes a no-decryption approach that allows the server to handle PPML in its entirety without rounds of decryption and re-encryption. To the best of our knowledge, this paradigm is the first to achieve privacy-preserving decision tree training with no decryption while maintaining a simple client-server architecture.