SBIR/STTR Award attributes
Deep-learning Ephemeral-Pad Encryption Neural Networks (DEPENN) software applies one-time pad and quantized neural network technologies to provide efficient, moving-target encryption of all data associated with neural network operations. DEPENN overcomes the significant computational burden and technical challenges of fully homomorphically encrypted neural network operation while providing comparable or better information assurance and defense against black-box and white-box attacks. DEPENN protects input data, network parameters, layer sizes, and output predictions by encoding the flow of information through the entire network with secret, ephemeral pads that are known only to the remote user of the modeling service. Pad-encoded neural networks are efficiently represented as sets of look-up tables, where each table contains values reflecting discrete activation levels for a node in the network. The meanings of table values are known only to the creator of the model, including whether a given table is actually useful in the prediction computation. Using DEPENN software, a model creator can enable other authorized users to perform predictions with a new encrypted model by securely sharing just the input and output layer encodings. Model security can be increased and access can be time-limited by re-encoding the neural network data with a new pad at a desired frequency.
