Efficient Privacy-Preserving Convolutional Neural Networks with CKKS-RNS for Encrypted Image Classification

Tchernykh, Andrei, Salgado-Ramos, Marianne, Pulido-Gaytan, Bernardo, González-Vélez, Horacio, Mosckos, Esteban and Babenko, Mikhail (2025) Efficient Privacy-Preserving Convolutional Neural Networks with CKKS-RNS for Encrypted Image Classification. In: 2025 IEEE International Parallel and Distributed Processing Symposium (IPDPS). IEEE, Milano, Italy, pp. 343-352. ISBN 979-8-3315-2643-6

Preview

PDF Download (1MB) | Preview

Abstract

The rise of security concerns in cloud-shared infrastructures has introduced significant challenges for maintaining privacy in data processing. Although standard encryption methods provide robust protection for data at rest and during transmission, vulnerabilities arise when data must be decrypted for processing, exposing sensitive raw information to potential privacy risks. This issue is particularly pronounced in sectors governed by stringent regulatory requirements, such as healthcare, genomics, smart government, and finance, among many others, where protecting confidential data is critical. Homomorphic Encryption (HE) cryptosystems are solutions to address privacy concerns by providing encrypted data computations. HE allows a non-trustworthy third-party resource to process encrypted information without disclosure. However, the main challenge toward deploying lattice-based HE schemes in Convolutional Neural Network (CNN) models lies in overcoming the high computational costs associated with these cryptosystems. Efficient cryptographically compatible methods become imperative for designing a privacy-preserving CNN with HE (CNN-HE). This paper proposes a method to improve the performance of CNN-HE using the Residual Number System (RNS)-based Cheon-Kim-Kim Song (CKKS) HE scheme, which enables approximate arithmetic over encrypted real numbers. The CNN-HE with CKKS-RNS enables encrypted inputs to be decomposed into several parts and propagated homomorphically and independently in parallel across the model. The RNS representation enables parallel processing in our models, significantly reducing processing time. Experimental analysis on the MNIST optical character recognition benchmark dataset demonstrates that the proposed CNN-HE-RNS models reduce classification latency concerning state-of-the-art CNN-HE solutions without compromising security and accuracy.

Item Type:	Book Section
Additional Information:	© 2025 IEEE.  Personal use of this material is permitted.  Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
Uncontrolled Keywords:	cloud security; homomorphic encryption; neural networks; polynomial approximation; privacy-preserving; residual number system decomposition
Subjects:	Q Science > QA Mathematics > Electronic computers. Computer science T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science T Technology > T Technology (General) > Information Technology > Cloud computing Q Science > QA Mathematics > Computer software > Computer Security T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
Divisions:	School of Computing > Staff Research and Publications
Depositing User:	Tamara Malone
Date Deposited:	25 Aug 2025 11:47
Last Modified:	25 Aug 2025 11:47
URI:	https://norma.ncirl.ie/id/eprint/8628

Actions (login required)

View Item