Secure Inference for Vertically Partitioned Data Using Multiparty Homomorphic Encryption
Shuangyi Chen, Yue Ju, Zhongwen Zhu, Ashish Khisti
TL;DR
The paper tackles secure inference when data are vertically partitioned across multiple clients and the model resides on a server. It introduces an end-to-end protocol based on Multiparty Homomorphic Encryption (MPHE) and a packing scheme called V-Pack to assemble a full encrypted input from per-client parts without transmitting encrypted model weights. Building on POSEIDON, it implements a two-phase workflow with a target key pair to enable end-to-end decryption by a coordinator, preserving data and model confidentiality even under collusion of up to $N-1$ parties. Experimental results on a CNN with MNIST show the approach is feasible, with setup costs dominating but inference overhead modest and scalable linearly with the number of clients.
Abstract
We propose a secure inference protocol for a distributed setting involving a single server node and multiple client nodes. We assume that the observed data vector is partitioned across multiple client nodes while the deep learning model is located at the server node. Each client node is required to encrypt its portion of the data vector and transmit the resulting ciphertext to the server node. The server node is required to collect the ciphertexts and perform inference in the encrypted domain. We demonstrate an application of multi-party homomorphic encryption (MPHE) to satisfy these requirements. We propose a packing scheme, that enables the server to form the ciphertext of the complete data by aggregating the ciphertext of data subsets encrypted using MPHE. While our proposed protocol builds upon prior horizontal federated training protocol~\cite{sav2020poseidon}, we focus on the inference for vertically partitioned data and avoid the transmission of (encrypted) model weights from the server node to the client nodes.