While machine learning has become pervasive in fields as diverse as industry, healthcare and social networks, privacy concerns regarding the training data have gained critical importance. In settings where several parties wish to collaboratively train a common model without jeopardizing their sensitive data, the need for a private training protocol is particularly stringent and implies protecting the data against both the model's end-users and the actors of the training phase. Differential privacy (DP) and cryptographic primitives are complementary, popular countermeasures against privacy attacks. Among these cryptographic primitives, fully homomorphic encryption (FHE) offers ciphertext malleability at the cost of time-consuming operations in the homomorphic domain. In this paper, we design SHIELD, a probabilistic approximation algorithm for the argmax operator which is both fast when homomorphically executed and whose inaccuracy is used as a feature to ensure DP guarantees. Although SHIELD could have other applications, we here focus on one setting and seamlessly integrate it into the SPEED collaborative training framework from "SPEED: Secure, PrivatE, and Efficient Deep learning" (Grivet Sébert et al., 2021) to improve its computational efficiency. After thoroughly describing the FHE implementation of our algorithm and its DP analysis, we present experimental results. To the best of our knowledge, this is the first work in which relaxing the accuracy of a homomorphic computation is constructively usable as a degree of freedom to achieve better FHE performance.
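The central idea of the abstract, that the inaccuracy of a randomized argmax can itself be the source of a differential-privacy guarantee, can be made concrete with the textbook exponential mechanism over a vote histogram. The following is an added illustration written for this page; it is not SHIELD (whose construction is not described here) nor code from the SPEED authors. Everything in it is an assumption of the example: the vote counts are constructed, labels are scored by their count (utility sensitivity 1 when one voter changes their choice), and the output distribution is computed exactly so that the privacy loss between two neighbouring histograms can be checked against ε rather than estimated by sampling.

```python
"""Exact privacy analysis of a randomized (inaccurate) argmax.

Constructed example: the exponential mechanism applied to a histogram of
votes. A label r is selected with probability proportional to
exp(epsilon * count[r] / 2). Because one voter changing their vote moves
any single count by at most 1, this selection is epsilon-differentially
private, and the accuracy lost to the randomness is exactly what pays for
the guarantee. This is a generic stand-in, not the SHIELD algorithm.
"""
import math
import random
from typing import List, Sequence


def exp_mechanism_probs(counts: Sequence[int], epsilon: float) -> List[float]:
    """Exact output distribution P[r] of the exponential mechanism.

    The maximum count is subtracted before exponentiating for numerical
    stability; this does not change the normalized probabilities.
    """
    if not counts:
        raise ValueError("counts must be non-empty")
    m = max(counts)
    weights = [math.exp(epsilon * (c - m) / 2.0) for c in counts]
    total = sum(weights)
    return [w / total for w in weights]


def noisy_argmax(counts: Sequence[int], epsilon: float,
                 rng: random.Random = random.Random()) -> int:
    """Sample one label from the mechanism; this is the approximate argmax."""
    probs = exp_mechanism_probs(counts, epsilon)
    return rng.choices(range(len(counts)), weights=probs, k=1)[0]


def is_neighbouring(counts_a: Sequence[int], counts_b: Sequence[int]) -> bool:
    """Neighbouring histograms: same labels, every count differs by <= 1.

    This is the sensitivity-1 condition the epsilon-DP bound relies on.
    """
    return (len(counts_a) == len(counts_b)
            and all(abs(a - b) <= 1 for a, b in zip(counts_a, counts_b)))


def max_privacy_loss(counts_a: Sequence[int], counts_b: Sequence[int],
                     epsilon: float) -> float:
    """max_r |ln P[r | A] / P[r | B]| for two neighbouring histograms.

    epsilon-DP means this value never exceeds epsilon.
    """
    if not is_neighbouring(counts_a, counts_b):
        raise ValueError("histograms are not neighbouring (some count moved by > 1)")
    pa = exp_mechanism_probs(counts_a, epsilon)
    pb = exp_mechanism_probs(counts_b, epsilon)
    return max(abs(math.log(x / y)) for x, y in zip(pa, pb))


def prob_correct(counts: Sequence[int], epsilon: float) -> float:
    """Probability that the randomized argmax returns the true argmax.

    Lower epsilon (stronger privacy) means a flatter distribution and hence
    a less accurate argmax: the accuracy loss is the privacy feature.
    """
    probs = exp_mechanism_probs(counts, epsilon)
    return probs[list(counts).index(max(counts))]


if __name__ == "__main__":
    # Constructed neighbouring histograms: one voter moved from label 0 to 1.
    votes_a = [7, 5, 2]
    votes_b = [6, 6, 2]
    for eps in (0.1, 1.0, 4.0):
        print(f"eps={eps}: loss={max_privacy_loss(votes_a, votes_b, eps):.3f} "
              f"<= {eps}, P[correct]={prob_correct(votes_a, eps):.3f}")
    rng = random.Random(0)
    print("sampled labels:", [noisy_argmax(votes_a, 1.0, rng) for _ in range(10)])
```

Running the block prints, for each ε, the exact worst-case privacy loss between the two neighbouring histograms (always at most ε) next to the probability of returning the true majority label, which rises with ε. That pairing is the trade-off the abstract describes: the approximation error is not a defect to be minimized but the dial that sets the DP budget.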