Confidential and Protected Disease Classifier using Fully Homomorphic Encryption

TL;DR

The paper tackles privacy concerns in AI-assisted disease diagnosis by proposing an end-to-end framework that processes encrypted patient data using Fully Homomorphic Encryption (FHE), specifically CKKS via the HEAAN implementation. It adapts a deep-learning–style disease classifier to operate in the encrypted domain, including encrypted matrix multiplication for the fully connected layer and a fast Rotate-and-Add-based summation method, along with activation approximations (favoring ReLU) to fit FHE constraints. Key contributions include a fast ciphertext summation algorithm, an evaluation of activation-function approximations in encrypted inference, and a demonstration that the encrypted classifier can achieve about $95\%$ accuracy on a 90-disease task using 266 symptoms mapped to diseases. The work demonstrates that privacy-preserving, encrypted health diagnostics are feasible with only modest performance loss, supporting secure telemedicine and HIPAA-aligned data privacy in AI-driven diagnosis pipelines.

Abstract

With the rapid surge in the prevalence of Large Language Models (LLMs), individuals are increasingly turning to conversational AI for initial insights across various domains, including health-related inquiries such as disease diagnosis. Many users seek potential causes on platforms like ChatGPT or Bard before consulting a medical professional for their ailment. These platforms offer valuable benefits by streamlining the diagnosis process, alleviating the significant workload of healthcare practitioners, and saving users both time and money by avoiding unnecessary doctor visits. However, Despite the convenience of such platforms, sharing personal medical data online poses risks, including the presence of malicious platforms or potential eavesdropping by attackers. To address privacy concerns, we propose a novel framework combining FHE and Deep Learning for a secure and private diagnosis system. Operating on a question-and-answer-based model akin to an interaction with a medical practitioner, this end-to-end secure system employs Fully Homomorphic Encryption (FHE) to handle encrypted input data. Given FHE's computational constraints, we adapt deep neural networks and activation functions to the encryted domain. Further, we also propose a faster algorithm to compute summation of ciphertext elements. Through rigorous experiments, we demonstrate the efficacy of our approach. The proposed framework achieves strict security and privacy with minimal loss in performance.

Figures (5)

• Figure 1: (a) Threat in the current system; (b) Proposed Fully Homomorphic Enryption-enabled Secure Disease Predictor.
• Figure 2: An illustration of the summation of ciphertext elements using Rotate and Add algorithm.
• Figure 3: High-level architecture diagram of Fully Homomorphic Encryption-enabled Secure Disease Predictor containing fully connected layer and activation functions.
• Figure 4: A graph of exact Leaky ReLU (Original Data) and 8-degree polynomial approximation of Leaky ReLU.
• Figure 5: Summation of ciphertext elements can be performed using two methods - (i) Discrete Fourier Transform (DFT); (ii) Rotate and Add (RA). This plot depicts relative error percentage and relative speedup percentage of these methods for various ciphertext lengths in summing ciphertext elements. Relative error percentage = $\frac{DFT - RA}{RA} * 100$. Relative speedup percentage = $\frac{T_{DFT} - T_{RA}}{T_{RA}} * 100$, where $T$ denotes time taken using the respective method.