Multi-Source Encrypted Image Retrieval Method Based on Federated Learning and Secret Sharing

Abstract

Disclosed is a multi-source encrypted image retrieval method based on federated learning and secret sharing, including the following steps: S1. performing model training on a convolutional neural network of double cloud platforms based on federated learning, with an image owner joining the double cloud platforms as a coalition member; and S2. completing, by an authorized user, encrypted image retrieval based on additive secret sharing with the assistance of the double cloud platforms. The present disclosure provides a multi-source encrypted retrieval scheme based on federated learning and secret sharing, which simplifies the neural network model structure for retrieval by using federated learning, to obtain better network parameters. Better neural network parameters and a more simplified network model structure are achieved by compromising overheads on the image owner side, such that a better convolutional neural network can be used in encrypted image retrieval.

Claims

1. A multi-source encrypted image retrieval method based on federated learning and secret sharing, comprising the following steps: S1. performing model training on a convolutional neural network of double cloud platforms S.sub.i based on federated learning, with an image owner joining the double cloud platforms as a coalition member; and S2. completing, by an authorized user, encrypted image retrieval based on additive secret sharing with the assistance of the double cloud platforms; wherein in step S1, the image owner trains the neural network in the following manner: S11. obtaining, by the image owner, a network structure, weight information W.sub.i, and bias information b.sub.i of the convolutional neural network from the double cloud platforms S.sub.i, and restoring the convolutional neural network: W=W.sub.1+W.sub.2, b=b.sub.1+b.sub.2; S12. making labels of to-be-uploaded pictures, and train the convolutional neural network by using the to-be-uploaded pictures; S13. after the training is finished, sending two gradient shares G.sub.1 and G.sub.2 of gradient information G, two image shares {I.sub.1} and {I.sub.2} of to-be-uploaded image information {I}, and two tension shares {T.sub.1}, {T.sub.2} of to-be-uploaded tension information {T} to two cloud platforms S.sub.1 and S.sub.2 respectively; and S14. updating, by the double cloud platforms S.sub.i, the weight information according to the gradient shares G.sub.i, and performing calculation on the tension shares T.sub.i by using the network after the weight update to obtain comparison features {F.sub.i}; wherein in step S14, the comparison features {F.sub.i} are obtained in the following manner: S141. performing, by the double cloud platforms S.sub.i, encrypted feedforward computing on the received tension shares T.sub.i by using the network after the weight update, and extracting features of last pooling layers; S142. performing additive aggregation on the features of the pooling layers; and S143. using feature vectors after the additive aggregation as the comparison features {F.sub.i}; a computing strategy of the encrypted feedforward computing comprises an activation layer protocol SecReLU for the activation layers, and the activation layer protocol SecReLU is as follows: the double cloud platforms own shares of a value a; in an offline stage: 1. the image owner generates random numbers and sends the random numbers to S.sub.i; in an online stage: 2. S.sub.i perform the following calculation: SecSgn(a)=b.sub.i; 3. S.sub.i calculate SS(b.sub.i, a, 0); wherein SecSgn is a secure positive/negative judgment protocol, SS is a secure selection protocol, and the secure positive/negative judgment protocol SecSgn comprises a secure value comparison protocol SecCmp, a secure bit comparison protocol SecBitCmp, and a three-number multiplication protocol SecThreeMul.

2. The multi-source encrypted image retrieval method based on federated learning and secret sharing according to claim 1, wherein in step S11, the network structure of the convolutional neural network comprises convolutional layers, activation function layers, pooling layers, and fully connected layers; node quantities of the fully connected layers of the double cloud platforms S.sub.i are consistent with image types involved in the double cloud platforms S.sub.i, and convolutional layers of initial networks of the double cloud platforms S.sub.i use pre-trained weights, initial weights of the fully connected layers are generated randomly based on a normal distribution, and all subsequent image owners re-train the model having updated network parameters through steps S11 to S14.

3. The multi-source encrypted image retrieval method based on federated learning and secret sharing according to claim 2, wherein step S2 specifically comprises: S21. converting, by the authorized user, a to-be-queried picture into tension information, splitting the tension information {QT} by means of additive secret sharing, and sending the split tension information to the double cloud platforms S.sub.i respectively; S22. performing, by the double cloud platforms S.sub.i, collaborative encryption computing according to the tension shares QT.sub.i of the tension information, to obtain respective encrypted features QF.sub.i; S23. collaboratively measuring, by the double cloud platforms S.sub.i, distances between the extracted encrypted features QF.sub.i and the comparison features {F.sub.i}, and returning image information {I.sub.i} of similar images to the authorized user according to measurement results; and S24. restoring, by the authorized user, an original plaintext image {I} based on the two image shares {I.sub.i}.

4. The multi-source encrypted image retrieval method based on federated learning and secret sharing according to claim 3, wherein in step S22, the encrypted features QF.sub.i are obtained in the following manner: S221. performing, by the double cloud platforms S.sub.i, encrypted feedforward computing on the received tension shares QT.sub.i, and extracting features of last pooling layers; S222. performing additive aggregation on the features of the pooling layers; and S223. using feature vectors after the additive aggregation as the encrypted features QF.sub.i.

5. The multi-source encrypted image retrieval method based on federated learning and secret sharing according to claim 4, wherein the computing strategy of the encrypted feedforward computing further comprises a Beaver's triplet-based secure multiplication protocol SecMul for the fully connected layers and the convolutional layers and a pooling layer protocol SecMaxpool for max pooling layers; the secure multiplication protocol SecMul is as follows: the double cloud platforms S.sub.i own u.sub.i, v.sub.i; in an offline stage: 1. the image owner generates random numbers a, b, c that satisfy c=ab, then performs additive decomposition on a, b, c, and sends (a.sub.i, b.sub.i, c.sub.i) to S.sub.i; in an online stage: 2. S.sub.i perform the following calculation: α.sub.i=u.sub.i−a.sub.i, β.sub.i=v.sub.i−b.sub.i; 3. S.sub.i restore α and β; 4. S.sub.i perform the following calculation: f.sub.i=c.sub.i+b.sub.iα+a.sub.iβ+(i−1)αβ, wherein in this case, f.sub.1+f.sub.2=uv, that is, this protocol implements SecMul(x.sub.i, y.sub.i).fwdarw.(x*y).sub.i.

6. The multi-source encrypted image retrieval method based on federated learning and secret sharing according to claim 1, wherein the secure positive/negative judgment protocol SecSgn is as follows: the double cloud platforms S.sub.i own secret shares a.sub.i of a value a; in an offline stage: 1. the image owner generates random numbers and sends the random numbers to S.sub.i; in an online stage: 2. S.sub.i collaboratively perform the following calculation: SecCmp(2*a.sub.i)=b.sub.i; 3. S.sub.i perform the following calculation: MSB(a.sub.i)⊕b.sub.i=res.sub.i; the secure selection protocol SS is as follows: the double cloud platforms S.sub.i own shares custom-character b.sub.i.sup.2 of a bit value b, and two to-be-selected values x, y; in an offline stage: 1. the image owner generates a random bit value c as well as shares c.sub.i.sup.2 and c.sub.i of the random bit on Z.sub.2 and Z.sub.L, and sends the random bit value as well as the shares to S.sub.i; 2. the image owner generates random numbers and sends the random numbers to S.sub.i; in an online stage: 3. S.sub.i perform the following calculation: custom-character e.sub.i.sup.2=b.sub.i.sup.2⊕c.sub.i.sup.2; 4. S.sub.i Restore e; 5. if e=1, S.sub.1 lets c.sub.1=1−c.sub.1, and S.sub.2 lets c.sub.2=−c.sub.2; 6. S.sub.i perform the following calculation: res.sub.i=SecMul(y.sub.i−x.sub.i, c.sub.i)+x.sub.i, the secure value comparison protocol SecCmp is as follows: the double cloud platforms S.sub.i own secret shares a.sub.i of a value a; in an offline stage: 1. the image owner generates a random value x as well as bits corresponding to the random value; 2. the image owner calculates share values x.sub.i of x as well as share values custom-character x[t].sub.i.sup.2 of the bits of the random value, and sends the calculated share values to the double cloud platforms S.sub.i; 3. the image owner calculates whether x.sub.i+x.sub.2 is greater than L; if yes, α=0; otherwise, α=1; then, the image owner generates a share α.sub.i.sup.2 of α on Z.sub.2; in an online stage: 4. S.sub.i perform the following calculation: r.sub.i=a.sub.i+x.sub.i and determine whether a.sub.i+x.sub.i is greater than L; if yes β.sub.i=1; otherwise, β.sub.i=0; 5. S.sub.i restore r and determine whether r.sub.1+r.sub.2 is greater than L; if yes, δ=1; otherwise, δ=0; 6. S.sub.i collaboratively perform the following calculation: SecBitCmp( custom-character x[t].sub.i.sup.2, r+1)=η.sub.i.sup.2, wherein in step 6, S.sub.1 performs the calculation of θ.sub.1=β.sub.1⊕δ⊕η.sub.1⊕α.sub.1 and S.sub.2 performs the calculation of θ.sub.2=β.sub.2 ⊕η.sub.2⊕α.sub.2; and the secure bit comparison protocol SecBitCmp is as follows: the double cloud platforms S.sub.i each own a share custom-character x[t].sub.i.sup.p of all l bits x[t] of a secret value x under Z.sub.p, l bits r[t] of a public number r, a share β.sub.i.sup.2 and β.sub.i.sup.p of a random bit β under Z.sub.2 and Z.sub.p, and a secret share of a random number m; in an offline stage: 1. the image owner generates random numbers and sends the random numbers to the double cloud platforms S.sub.i; in an online stage: 2. S.sub.i perform the following calculation: u[i]=SecMul( custom-character 1−2β.sub.i.sup.p, x[t].sub.i.sup.p−r[t])t∈[0, l−1]; 3. S.sub.i perform the following calculation w[t].sub.i.sup.p=x[t].sub.i.sup.p−2*r[t]*x[t].sub.i.sup.p(mod p), and S.sub.1 performs the calculation of w[t].sub.1.sup.p=w[t].sub.1.sup.p+r[t](mod p); 4. S.sub.i perform the following calculation: custom-character c[t].sub.i.sup.p=u[t].sub.i.sup.p+Σ.sub.k=1+1.sup.lw[k].sub.i.sup.p(mod p), and then S.sub.1 performs the calculation of c[t].sub.i.sup.p=1c[t].sub.i.sup.p(mod p); 5. S.sub.i perform the following calculation d=m.sub.i*Π.sub.t=0.sup.l-1c[t] (mod p), wherein the calculation is completed by using a three-number multiplication protocol SecThreeMul and a secure multiplication protocol SecMul; 6. if d=0, S.sub.1 obtains bits custom-character η.sub.1.sup.2=β.sub.1.sup.2; otherwise, S.sub.1 obtains bits η.sub.1.sup.2=β.sub.1.sup.2⊕1; S.sub.2 obtains bits η.sub.2.sup.2=β.sub.2.sup.2.

7. The multi-source encrypted image retrieval method based on federated learning and secret sharing according to claim 6, wherein in step S11, the network structure of the convolutional neural network comprises convolutional layers, activation function layers, pooling layers, and fully connected layers; node quantities of the fully connected layers of the double cloud platforms S.sub.i are consistent with image types involved in the double cloud platforms S.sub.i, and convolutional layers of initial networks of the double cloud platforms S.sub.i use pre-trained weights, initial weights of the fully connected layers are generated randomly based on a normal distribution, and all subsequent image owners re-train the model having updated network parameters through steps S11 to S14.

8. The multi-source encrypted image retrieval method based on federated learning and secret sharing according to claim 7, wherein step S2 specifically comprises: S21. converting, by the authorized user, a to-be-queried picture into tension information, splitting the tension information {QT} by means of additive secret sharing, and sending the split tension information to the double cloud platforms S.sub.i respectively; S22. performing, by the double cloud platforms S.sub.i, collaborative encryption computing according to the tension shares QT.sub.i of the tension information, to obtain respective encrypted features QF.sub.i; S23. collaboratively measuring, by the double cloud platforms S.sub.i, distances between the extracted encrypted features QF.sub.i and the comparison features {F.sub.i}, and returning image information {I.sub.i} of similar images to the authorized user according to measurement results; and S24. restoring, by the authorized user, an original plaintext image {I} based on the two image shares {I.sub.i}.

9. The multi-source encrypted image retrieval method based on federated learning and secret sharing according to claim 8, wherein in step S22, the encrypted features QF.sub.i are obtained in the following manner: S221. performing, by the double cloud platforms S.sub.i, encrypted feedforward computing on the received tension shares QT.sub.i, and extracting features of last pooling layers; S222. performing additive aggregation on the features of the pooling layers; and S223. using feature vectors after the additive aggregation as the encrypted features QF.sub.i.

10. The multi-source encrypted image retrieval method based on federated learning and secret sharing according to claim 9, wherein the computing strategy of the encrypted feedforward computing further comprises a Beaver's triplet-based secure multiplication protocol SecMul for the fully connected layers and the convolutional layers and a pooling layer protocol SecMaxpool for max pooling layers; the secure multiplication protocol SecMul is as follows: the double cloud platforms S.sub.i own u.sub.i, v.sub.i; in an offline stage: 1. the image owner generates random numbers a, b, c that satisfy c=ab, then performs additive decomposition on a, b, c, and sends (a.sub.i, b.sub.i, c.sub.i) to S.sub.i; in an online stage: 2. S.sub.i perform the following calculation: α.sub.i=u.sub.i−a.sub.i, β.sub.i=v.sub.i−b.sub.i; 3. S.sub.i restore α and β; 4. S.sub.i perform the following calculation: f.sub.i=c.sub.i+b.sub.iα+a.sub.iβ+(i−1)αβ, wherein in this case, f.sub.1+f.sub.2=uv, that is, this protocol implements SecMul(x.sub.i, y.sub.i).fwdarw.(x*y).sub.i.

11. The multi-source encrypted image retrieval method based on federated learning and secret sharing according to claim 6, wherein the secure multiplication protocol SecMul is as follows: the double cloud platforms S.sub.i own u.sub.i, v.sub.i; in an offline stage: 1. the image owner generates random numbers a, b, c that satisfy c=ab, then performs additive decomposition on a, b, c, and sends (a.sub.i, b.sub.i, c.sub.i) to the double cloud platforms S.sub.i; in an online stage: 2. S.sub.i perform the following calculation: α.sub.i=u.sub.i−a.sub.i, β.sub.i=v.sub.i−b.sub.i; 3. S.sub.i share α.sub.i and β.sub.i; 4. S.sub.i perform the following calculation: f.sub.i=c.sub.i+b.sub.iα+a.sub.iβ+(i−1)αβ, f.sub.1+f.sub.2=uv; the three-number multiplication protocol SecThreeMul is as follows: the double cloud platforms S.sub.i own x.sub.i, y.sub.i, z.sub.i; in an offline stage: 1. the image owner generates random numbers and sends the random numbers to S.sub.i; 2. the image owner generates random integers a, b, c and performs the following calculation: d=abc; 3. the image owner calculates secret shares of a, b, c, d and sends the secret shares to S.sub.i; in an online stage: 4. S.sub.i collaboratively calculate SecMul(x.sub.i, y.sub.i), SecMul(x.sub.i, z.sub.i), and SecMul(y.sub.i, z.sub.i) to obtain xy.sub.i, xz.sub.i, and yz.sub.i; 5. S.sub.i perform the following calculation e.sub.i=x.sub.i−a.sub.i, f.sub.i=y.sub.i−b.sub.i, and g.sub.i=z.sub.i−c.sub.i, and collaboratively restore e, f, g; 6. S.sub.i perform the following calculation: xyz.sub.i=d.sub.i−x.sub.i*f*g−y.sub.i*e*g−z.sub.i*e*f+e*yz.sub.i+f*xz.sub.i+g*xy.sub.i; 7. S.sub.1 perform the following calculation: xyz.sub.1=xyz.sub.1+e*f*g; the pooling layer is a max pooling layer, and the pooling layer protocol SecMaxpool is as follows: the double cloud platforms S.sub.i own to-be-compared data x.sub.i, y.sub.i, z.sub.i, t.sub.i; in an offline stage: 1. the image owner generates random numbers required by sub-protocols involved in the protocol and sends the random numbers to S.sub.i; in an online stage: 2. S.sub.i call SecSgn and SS to calculate max(x.sub.i, y.sub.i) and max(z.sub.i, t.sub.i); 3. S.sub.i call SecSgn and SS to calculate max(max(x.sub.i, y.sub.i), max(z.sub.i, t.sub.i)).

12. The multi-source encrypted image retrieval method based on federated learning and secret sharing according to claim 7, wherein the secure multiplication protocol SecMul is as follows: the double cloud platforms S.sub.i own u.sub.i, v.sub.i; in an offline stage: 1. the image owner generates random numbers a, b, c that satisfy c=ab, then performs additive decomposition on a, b, c, and sends (a.sub.i, b.sub.i, c.sub.i) to the double cloud platforms S.sub.i; in an online stage: 2. S.sub.i perform the following calculation: α.sub.i=u.sub.i−α.sub.i, β.sub.i=v.sub.i−b.sub.i; 3. S.sub.i share α.sub.i and β.sub.i; 4. S.sub.i perform the following calculation: f.sub.i=c.sub.i+b.sub.iα+α.sub.iβ+(i−1)αβ, f.sub.1+f.sub.2=uv; the three-number multiplication protocol SecThreeMul is as follows: the double cloud platforms S.sub.i own x.sub.i, y.sub.i, z.sub.i; in an offline stage: 1. the image owner generates random numbers and sends the random numbers to S.sub.i; 2. the image owner generates random integers a, b, c and performs the following calculation: d=abc; 3. the image owner calculates secret shares of a, b, c, d and sends the secret shares to S.sub.i; in an online stage: 4. S.sub.i collaboratively calculate SecMul(x.sub.i, y.sub.i), SecMul(x.sub.i, z.sub.i), and SecMul(y.sub.i, z.sub.i) to obtain xy.sub.i, xz.sub.i, and yz.sub.i; 5. S.sub.i perform the following calculation e.sub.i=x.sub.i−a.sub.i, f.sub.i=y.sub.i−b.sub.i, and g.sub.i=z.sub.i−c.sub.i, and collaboratively restore e, f, g; 6. S.sub.i perform the following calculation: xyz.sub.i=d.sub.i−x.sub.i*f*g−y.sub.i*e*g−z.sub.i*e*f+e*yz.sub.i+f*xz.sub.i+g*xy.sub.i; 7. S.sub.1 perform the following calculation: xyz.sub.1=xyz.sub.1+e*f*g; the pooling layer is a max pooling layer, and the pooling layer protocol SecMaxpool is as follows: the double cloud platforms S.sub.i own to-be-compared data x.sub.i, y.sub.i, z.sub.i, t.sub.i; in an offline stage: 1. the image owner generates random numbers required by sub-protocols involved in the protocol and sends the random numbers to S.sub.i; in an online stage: 2. S.sub.i call SecSgn and SS to calculate max(x.sub.i, y.sub.i) and max(z.sub.i, t.sub.i); 3. S.sub.i call SecSgn and SS to calculate max(max(x.sub.i, y.sub.i), max(z.sub.i, t.sub.i)).

13. The multi-source encrypted image retrieval method based on federated learning and secret sharing according to claim 8, wherein the secure multiplication protocol SecMul is as follows: the double cloud platforms S.sub.i own u.sub.i, v.sub.i; in an offline stage: 1. the image owner generates random numbers a, b, c that satisfy c=ab, then performs additive decomposition on a, b, c, and sends (a.sub.i, b.sub.i, c.sub.i) to the double cloud platforms S.sub.i; in an online stage: 2. S.sub.i perform the following calculation: α.sub.i=u.sub.i−α.sub.i, β.sub.i=v.sub.i−b.sub.i; 3. S.sub.i share α.sub.i and β.sub.i; 4. S.sub.i perform the following calculation: f.sub.i=c.sub.i+b.sub.iα+a.sub.iβ+(i−1)αβ, f.sub.1+f.sub.2=uv; the three-number multiplication protocol SecThreeMul is as follows: the double cloud platforms S.sub.i own x.sub.i, y.sub.i, z.sub.i; in an offline stage: 1. the image owner generates random numbers and sends the random numbers to S.sub.i; 2. the image owner generates random integers a, b, c and performs the following calculation: d=abc; 3. the image owner calculates secret shares of a, b, c, d and sends the secret shares to S.sub.i; in an online stage: 4. S.sub.i collaboratively calculate SecMul(x.sub.i, y.sub.i), SecMul(x.sub.i, z.sub.i), and SecMul(y.sub.i, z.sub.i) to obtain xy.sub.i, xz.sub.i, and yz.sub.i; 5. S.sub.i perform the following calculation e.sub.i=x.sub.i−a.sub.i, f.sub.i=y.sub.i−b.sub.i, and g.sub.i=z.sub.i−c.sub.i, and collaboratively restore e, f, g; 6. S.sub.i perform the following calculation: xyz.sub.i=d.sub.i−x.sub.i*f*g−y.sub.i*e*g−z.sub.i*e*f+e*yz.sub.i+f*xz.sub.i+g*xy.sub.i; 7. S.sub.1 perform the following calculation: xyz.sub.1=xyz.sub.1+e*f*g; the pooling layer is a max pooling layer, and the pooling layer protocol SecMaxpool is as follows: the double cloud platforms S.sub.i own to-be-compared data x.sub.i, y.sub.i, z.sub.i, t.sub.i; in an offline stage: 1. the image owner generates random numbers required by sub-protocols involved in the protocol and sends the random numbers to S.sub.i; in an online stage: 2. S.sub.i call SecSgn and SS to calculate max(x.sub.i, y.sub.i) and max(z.sub.i, t.sub.i); 3. S.sub.i call SecSgn and SS to calculate max(max(x.sub.i, y.sub.i), max(z.sub.i, t.sub.i)).

14. The multi-source encrypted image retrieval method based on federated learning and secret sharing according to claim 9, wherein the secure multiplication protocol SecMul is as follows: the double cloud platforms S.sub.i own u.sub.i, v.sub.i; in an offline stage: 1. the image owner generates random numbers a, b, c that satisfy c=ab, then performs additive decomposition on a, b, c, and sends (a.sub.i, b.sub.i, c.sub.i) to the double cloud platforms S.sub.i; in an online stage: 2. S.sub.i perform the following calculation: α.sub.i=u.sub.i−α.sub.i, β.sub.i=v.sub.i−b.sub.i; 3. S.sub.i share α.sub.i and β.sub.i; 4. S.sub.i perform the following calculation: f.sub.i=c.sub.i+b.sub.iα+a.sub.iβ+(i−1)αβ, f.sub.1+f.sub.2=uv; the three-number multiplication protocol SecThreeMul is as follows: the double cloud platforms S.sub.i own x.sub.i, y.sub.i, z.sub.i; in an offline stage: 1. the image owner generates random numbers and sends the random numbers to S.sub.i; 2. the image owner generates random integers a, b, c and performs the following calculation: d=abc; 3. the image owner calculates secret shares of a, b, c, d and sends the secret shares to S.sub.i; in an online stage: 4. S.sub.i collaboratively calculate SecMul(x.sub.i, y.sub.i), SecMul(x.sub.i, z.sub.i), and SecMul(y.sub.i, z.sub.i) to obtain xy.sub.i, xz.sub.i, and yz.sub.i; 5. S.sub.i perform the following calculation e.sub.i=x.sub.i−a.sub.i, f.sub.i=y.sub.i−b.sub.i, and g.sub.i=z.sub.i−c.sub.i, and collaboratively restore e, f, g; 6. S.sub.i perform the following calculation: xyz.sub.i=d.sub.i−x.sub.i*f*g−y.sub.i*e*g−z.sub.i*e*f+e*yz.sub.i+f*xz.sub.i+g*xy.sub.i; 7. S.sub.1 perform the following calculation: xyz.sub.1=xyz.sub.1+e*f*g; the pooling layer is a max pooling layer, and the pooling layer protocol SecMaxpool is as follows: the double cloud platforms S.sub.i own to-be-compared data x.sub.i, y.sub.i, z.sub.i, t.sub.i; in an offline stage: 1. the image owner generates random numbers required by sub-protocols involved in the protocol and sends the random numbers to S.sub.i; in an online stage: 2. S.sub.i call SecSgn and SS to calculate max(x.sub.i, y.sub.i) and max(z.sub.i, t.sub.i); 3. S.sub.i call SecSgn and SS to calculate max(max(x.sub.i, y.sub.i), max(z.sub.i, t.sub.i)).

15. The multi-source encrypted image retrieval method based on federated learning and secret sharing according to claim 10, wherein the secure multiplication protocol SecMul is as follows: the double cloud platforms S.sub.i own u.sub.i, v.sub.i; in an offline stage: 1. the image owner generates random numbers a, b, c that satisfy c=ab, then performs additive decomposition on a, b, c, and sends (a.sub.i, b.sub.i, c.sub.i) to the double cloud platforms S.sub.i; in an online stage: 2. S.sub.i perform the following calculation: α.sub.i=u.sub.i−a.sub.i, β.sub.i=v.sub.i−b.sub.i; 3. S.sub.i share α.sub.i and β.sub.i; 4. S.sub.i perform the following calculation: f.sub.i=c.sub.i+b.sub.iα+a.sub.iβ+(i−1)αβ, f.sub.1+f.sub.2=uv; the three-number multiplication protocol SecThreeMul is as follows: the double cloud platforms S.sub.i own x.sub.i, y.sub.i, z.sub.i; in an offline stage: 1. the image owner generates random numbers and sends the random numbers to S.sub.i; 2. the image owner generates random integers a, b, c and performs the following calculation: d=abc; 3. the image owner calculates secret shares of a, b, c, d and sends the secret shares to S.sub.i; in an online stage: 4. S.sub.i collaboratively calculate SecMul(x.sub.i, y.sub.i), SecMul(x.sub.i, z.sub.i), and SecMul(y.sub.i, z.sub.i) to obtain xy.sub.i, xz.sub.i, and yz.sub.i; 5. S.sub.i perform the following calculation e.sub.i=x.sub.i−a.sub.i, f.sub.i=y.sub.i−b.sub.i, and g.sub.i=z.sub.i−c.sub.i, and collaboratively restore e, f, g; 6. S.sub.i perform the following calculation: xyz.sub.i=d.sub.i−x.sub.i*f*g−y.sub.i*e*g−z.sub.i*e*f+e*yz.sub.i+f*xz.sub.i+g*xy.sub.i; 7. S.sub.1 perform the following calculation: xyz.sub.1=xyz.sub.1+e*f*g; the pooling layer is a max pooling layer, and the pooling layer protocol SecMaxpool is as follows: the double cloud platforms S.sub.i own to-be-compared data x.sub.i, y.sub.i, z.sub.i, t.sub.i; in an offline stage: 1. the image owner generates random numbers required by sub-protocols involved in the protocol and sends the random numbers to S.sub.i; in an online stage: 2. S.sub.i call SecSgn and SS to calculate max(x.sub.i, y.sub.i) and max(z.sub.i, t.sub.i); 3. S.sub.i call SecSgn and SS to calculate max(max (x.sub.i, y.sub.i), max(z.sub.i, t.sub.i)).

16. The multi-source encrypted image retrieval method based on federated learning and secret sharing according to claim 11, wherein in step S3, a method for distance measurement comprises a secure distance protocol SecDis, which is as follows: the double cloud platforms S.sub.i own encrypted vectors {x.sub.i} and {y.sub.i}; in an offline stage: 1. image owners generate random numbers required by sub-protocols involved in the protocol and send the random numbers to S.sub.i; in an online stage: 2. S.sub.i calculate differences between vector elements, and collaboratively calculate SecMul(x.sub.i−y.sub.i, x.sub.i−y.sub.i); 3. S.sub.i calculate a sum of all vector values; in this case, the double cloud platforms S.sub.i obtain secret shares of a squared value of a Euclidean distance between two vectors.

17. The multi-source encrypted image retrieval method based on federated learning and secret sharing according to claim 12, wherein in step S3, a method for distance measurement comprises a secure distance protocol SecDis, which is as follows: the double cloud platforms S.sub.i own encrypted vectors {x.sub.i} and {y.sub.i}; in an offline stage: 1. image owners generate random numbers required by sub-protocols involved in the protocol and send the random numbers to S.sub.i; in an online stage: 2. S.sub.i calculate differences between vector elements, and collaboratively calculate SecMul(x.sub.i−y.sub.i, x.sub.i−y.sub.i); 3. S.sub.i calculate a sum of all vector values; in this case, the double cloud platforms S.sub.i obtain secret shares of a squared value of a Euclidean distance between two vectors.

18. The multi-source encrypted image retrieval method based on federated learning and secret sharing according to claim 13, wherein in step S3, a method for distance measurement comprises a secure distance protocol SecDis, which is as follows: the double cloud platforms S.sub.i own encrypted vectors {x.sub.i} and {y.sub.i}; in an offline stage: 1. image owners generate random numbers required by sub-protocols involved in the protocol and send the random numbers to S.sub.i; in an online stage: 2. S.sub.i calculate differences between vector elements, and collaboratively calculate SecMul(x.sub.i−y.sub.i, x.sub.i−y.sub.i); 3. S.sub.i calculate a sum of all vector values; in this case, the double cloud platforms S.sub.i obtain secret shares of a squared value of a Euclidean distance between two vectors.

19. The multi-source encrypted image retrieval method based on federated learning and secret sharing according to claim 14, wherein in step S3, a method for distance measurement comprises a secure distance protocol SecDis, which is as follows: the double cloud platforms S.sub.i own encrypted vectors {x.sub.i} and {y.sub.i}; in an offline stage: 1. image owners generate random numbers required by sub-protocols involved in the protocol and send the random numbers to S.sub.i; in an online stage: 2. S.sub.i calculate differences between vector elements, and collaboratively calculate SecMul(x.sub.i−y.sub.i, x.sub.i−y.sub.i); 3. S.sub.i calculate a sum of all vector values; in this case, the double cloud platforms S.sub.i obtain secret shares of a squared value of a Euclidean distance between two vectors.

20. The multi-source encrypted image retrieval method based on federated learning and secret sharing according to claim 16, wherein in step S23, a method for distance measurement comprises a secure distance protocol SecSort, which is as follows: the double cloud platforms S.sub.i each own a share {x.sub.i} of a large quantity of to-be-compared values; in an offline stage: 1. image owners generate random numbers required by sub-protocols involved in the protocol and send the random numbers to S.sub.i; 2. the image owner generates a random positive value k and a random value b, and sends share values thereof to the double cloud platforms S.sub.i, wherein value ranges of the value k and the value b are determined in advance, and it is ensured that a result of kx+b is definitely within a share range of x; in an online stage: 3. the double cloud platforms S.sub.i calculate SecMul(k.sub.i, {x.sub.i})+b.sub.i and disclose the value of {kx+b}.

Description

BRIEF DESCRIPTION OF THE DRAWINGS

[0051] FIG. 1 is a flowchart of a multi-source encrypted image retrieval method based on federated learning and secret sharing according to the present disclosure;

[0052] FIG. 2 is a diagram of accuracy comparison between the scheme in the present disclosure and some schemes in the prior art in the case of 50 returned results on a Corel1 k dataset; and

[0053] FIG. 3 is a diagram of accuracy comparison between the scheme in the present disclosure and some schemes in the prior art in the case of 50 returned results on a Corel10 k dataset.

DETAILED DESCRIPTION OF THE EMBODIMENTS

[0054] The present disclosure is described in further detail with reference to the accompanying drawings.

[0055] As shown in FIG. 1, steps during practical use of a multi-source encrypted image retrieval method based on federated learning and secret sharing according to the present disclosure are described in detail below:

[0056] Initialization of double cloud platforms:

[0057] S11: Two non-collaborating service providers form double cloud platforms, and identify a quantity of image types n involved in respective business scopes.

[0058] S12: The double cloud platforms use a VGG11 network as a network structure of a convolutional neural network, which includes convolutional layers, activation function layers, pooling layers, and fully connected layers, where parameters trained using an ImageNet database are used as initial weights, the last fully connected layer in the neural network in step S11 is replaced with a new fully connected layer according to a quantity of classes, to ensure that a node quantity of the last layer is n. For example, the cloud platform involves three classes: characters, houses and flowers; in this case, the last layer includes three nodes. Network weights and bias values in the fully connected layers are randomly generated based on a normal distribution. It should be noted that, the fully connected layer is mainly used for satisfying the training process of the federated learning, and features for retrieval are mainly extracted from the pooling layer.

[0059] An image owner is added to serve as a coalition member to perform model training on the convolutional neural network, so as to continuously improve the accuracy of the model and optimize parameters of the model, thus ensuring that a neural network with a simpler structure can be used in retrieval. An authorized user is a user with a retrieval permission authorized by the platform; the authorized user may or may not be an image owner.

[0060] First round of image owner joining:

[0061] S21: The image owner downloads two share values W.sub.i, b.sub.i of an initial network structure and weight bias information from the double cloud platforms S.sub.i, and restores real network initial weight parameters: W=W.sub.1+W.sub.2, b=b.sub.1+b.sub.2.

[0062] S22: The image owner makes labels for its own images according to the classes predefined by the cloud platforms, and trains the neural network locally for a fixed number of rounds or until model convergence. In the present disclosure, 100 rounds of training is used as an example. The label is preferably encoded as one-hot vector. For example, the cloud platform divides images into three classes: characters, houses and flowers; in this case, a character image can be encoded as [1, 0, 0], and other images are encoded in a similar way.

[0063] Preferably, additive secret sharing is defined in an integer field Z.sub.2.sub.32, where 12 places are fixedly defined as decimal places, and the rest are integer places. In addition, update of parameter weights of the scheme is also restricted in the integer field Z.sub.2.sub.32. It should be noted that, this range is perfectly adequate for common neural network models.

[0064] S23: The image owner calculates total gradient information G by comparing network parameters at convergence and the initial network weights, generates two additive shares G.sub.1 and G.sub.2 of the gradient information G, where G.sub.1+G.sub.2=G, and sends the shares to the double cloud platforms S.sub.i; at the same time, the image owner splits the image itself into two additive shares {I.sub.1}, {I.sub.2}, and sends the shares to the double cloud platforms S.sub.i; meanwhile, the image owner generates tension information {T} of each image after initial retrieval conversion, splits the tension information into additive shares {T.sub.1}, {T.sub.2}, and sends the shares to the double cloud platforms S.sub.i. The initial image retrieval conversion is as follows: 1. adjusting the size of the image to be 256*256; 2. converting the image into a vector ranging from 0 to 1; 3. normalizing the image, where mean coefficients are (0.4914, 0.4822, 0.4465), and standard deviation coefficients are (0.2023, 0.1994, 0.2010).

[0065] S24: The double cloud platforms S.sub.i update the weights according to the gradient shares G.sub.i by using a federated averaging algorithm; the double cloud platforms S.sub.i save secret shares of the image information, to wait for subsequent user retrieval; the double cloud platforms S.sub.i perform encrypted feedforward computing on the received tension shares T.sub.i by using the updated weight information, extract features of last pooling layers, perform additive aggregation on the pooling layer features 512*16*16, that is, calculate 256 values in 512 dimensions to serve as 512-dimensional features, use feature vectors after the additive aggregation as comparison features {F.sub.i}, and store the features for use in distance measurement during subsequent user retrieval.

[0066] S25: The image owner generates random numbers involved in secure protocols SecMul, SecThreeMul, SecBitCmp, SecCmp, SecSgn, SecReLU, SecMaxpool, and SecSort. That is, in an offline stage, a large quantity of available random numbers are generated for each protocol.

[0067] Subsequent image owners repeat the foregoing steps to train the model having the updated network parameters, so as to update the model again. User retrieval:

[0068] S31: An authorized user performs initial retrieval conversion on a to-be-queried image to obtain tension information {QT}, and transmits the image to the double cloud platforms S.sub.i by using additive secret shares on domain Z.sub.2.sub.32, where the initial retrieval conversion is consistent with that performed by the image owner, and the authorized user mainly refers to an image owner joining the double cloud platforms.

[0069] S32: The double cloud platforms S.sub.i complete encrypted feedforward of the convolutional neural network according to tension share values QT.sub.i, and extract values of last pooling layers after additive aggregation to serve as encrypted features QF.sub.i.

[0070] S33: The double cloud platforms perform the following calculation: SecMul(QF.sub.i−{F.sub.i}, QF.sub.i−{F.sub.i}), to obtain encrypted squared values of euclidean distances, then sort the secure distance values based on a SecSort protocol, find a fixed quantity of most similar image shares {I.sub.i}, and return the found image shares to the authorized user, where the most similar image shares may be a fixed quantity of image shares {I.sub.i} that are most similar to the to-be-queried image.

[0071] S34: The authorized user restores an original plaintext image {I} from the two image shares {I.sub.i} of the image. In this case, the user has obtained a plurality of images most similar to the queried image.

[0072] Specifically, a computing strategy of the encrypted feedforward computing in S24 and S32 include a Beaver's triplet-based secure multiplication protocol SecMul for the fully connected layers and the convolutional layers, where the triplet is provided by the image owner, an activation layer protocol SecReLU for the activation function layers, and a pooling layer protocol SecMaxpool for max pooling layers.

[0073] In the following protocols, (mod p) represent a mapping relation from outside the domain to inside the domain, which ensures that the operation always occurs in the corresponding modulus field.

[0074] The letters in each protocol have no real meaning. For example, a, b, c, d generally denote random number; x, y, z, t generally denote input; u, v, α, β, f, r and the like generally denote calculation results or output, which are not described in detail below.

[0075] The secure multiplication protocol SecMul is as follows: the double cloud platforms S.sub.i own u.sub.1, v.sub.i; in an offline stage: 1. the image owner generates random numbers a, b, c that satisfy c=ab, then performs additive decomposition on a, b, c, and sends (a.sub.i, b.sub.i, c.sub.i) to S.sub.i; in an online stage: 2. S.sub.i perform the following calculation: α.sub.i=u.sub.i−a.sub.i, β.sub.i=v.sub.i−b.sub.i; 3. S.sub.i restore α and β; 4. S.sub.i perform the following calculation: f.sub.i=c.sub.i+b.sub.iα+a.sub.iβ+(i−1)αβ. In this case, f.sub.1+f.sub.2=uv; specifically, this protocol implements SecMul(x.sub.i, y.sub.i).fwdarw.(x*y).sub.i.

[0076] In the present disclosure, the activation layer adopts a ReLU function for calculating a magnitude relationship between the secret shares and 0. In other words, it is necessary to calculate a highest bit of the value is 0 or 1. The present disclosure innovatively designs a new secure positive/negative judgment protocol SecSgn, which includes three sub-protocol: a three-number multiplication protocol SecThreeMul, a secure bit comparison protocol SecBitCmp, and a secure value comparison protocol SecCmp, and introduces the protocols to the feedforward process of the neural network to reduce the rounds of interaction. The specific implementation is as follows:

[0077] The activation layer protocol SecReLU is as follows: the double cloud platforms S.sub.i own secret shares a.sub.i of a value a; in an offline stage: 1. the image owner generates random numbers required by sub-protocols involved in the protocol and sends the random numbers to S.sub.i; in an online stage: 2. S.sub.i perform the following calculation: SecSgn(a)=b.sub.i; 3. S.sub.i calculate SS(b.sub.i, a, 0); in this case, the activation layer protocol SecReLU only requires log.sub.3(l+1)└+4 rounds of interaction, where ┌A┐ represents rounding A up.

[0078] The secure positive/negative judgment protocol SecSgn is as follows: the double cloud platforms S.sub.i own secret shares a.sub.i of a value a; in an offline stage: 1. the image owner generates random numbers required by sub-protocols involved in the protocol and sends the random numbers to S.sub.i; in an online stage: 2. S.sub.i collaboratively perform the following calculation: SecCmp(2*a.sub.i)=b.sub.i; 3. S.sub.i perform the following calculation: MSB (a.sub.i)⊕b.sub.i=res.sub.i; thus, the double cloud platforms S.sub.i obtain share values with a plus or minus sign; and if res.sub.1⊕res.sub.2=1, the original value a is a positive number; otherwise, a is a negative number. This scheme only requires ┌log.sub.3(l+1)┐+3 rounds of interaction.

[0079] The secure selection protocol SS is as follows: the double cloud platforms S.sub.i own shares custom-character b.sub.i.sup.2 of a bit value b, and two to-be-selected values x, y; in an offline stage: 1. the image owner generates a random bit value c as well as shares c.sub.i.sup.2 and c.sub.i of the random bit value on Z.sub.2 and Z.sub.L, and sends the random bit value as well as the shares to S.sub.i; 2. the image owner generates random numbers required by sub-protocols involved in the protocol and sends the random numbers to S.sub.i; in an online stage: 3. S.sub.i perform the following calculation: custom-character e.sub.i.sup.2=b.sub.i.sup.2⊕c.sub.i.sup.2; 4. S.sub.i restore e; 5. If e=1, S.sub.1 lets c.sub.1=1−c.sub.1, and S.sub.2 lets c.sub.2=−c.sub.2; 6. S.sub.i perform the following calculation: res.sub.i=SecMul(y.sub.i−x.sub.i, c.sub.i)+x.sub.i. In this case, the double cloud platforms S.sub.i obtain share values of a secret selection result; if b is 0, res.sub.1+res.sub.2=x; otherwise, res.sub.1+res.sub.2=y. The secure selection protocol SS can effectively avoid disclosing location information of positive values in the ReLU layer.

[0080] The secure value comparison protocol SecCmp is as follows: the double cloud platforms S.sub.i own secret shares a.sub.i of a value a; in an offline stage: 1. the image owner generates a random value x as well as bits corresponding to the random value; 2. the image owner calculates share values x.sub.i of x as well as share values custom-character x[t].sub.i.sup.2 of the bits of the random value, and sends the calculated share values to the double cloud platforms S.sub.i; 3. the image owner calculates whether x.sub.1+x.sub.2 is greater than L (whether domain crossing occurs); if yes, α=0; otherwise, α=1; then, the image owner generates a share custom-character a.sub.i.sup.2 of α on Z.sub.2; in an online stage: 4. S.sub.i perform the following calculation: r.sub.i=a.sub.i+x.sub.i and determine whether a.sub.i+x.sub.i is greater than L; if yes β.sub.i=1; otherwise, β.sub.i=0; 5. S.sub.i restore r and determine whether r.sub.i+r.sub.2 is greater than L; if yes, δ=1; otherwise, δ=0; 6. S.sub.i collaboratively perform the following calculation: SecBitCmp( custom-character x[t].sub.i.sup.2, r+1)=η.sub.i.sup.2. In step 6, S.sub.1 performs the calculation of θ.sub.1=β.sub.1⊕δ⊕η.sub.1⊕α.sub.1 and S.sub.2 performs the calculation of θ.sub.2=β.sub.2⊕η.sub.2⊕α.sub.2; thus, the double cloud platforms S.sub.i obtain share values of whether a is greater than L, that is, this protocol implements SecCmp(a.sub.i|x.sub.i, custom-character x[t].sub.i.sup.2, α.sub.i.sup.1)=θ.sub.i.

[0081] The secure bit comparison protocol SecBitCmp is as follows: the double cloud platforms S.sub.i each own a share custom-character x[t].sub.i.sup.p of all l bits x[t] of a secret value x under Z.sub.p, l bits r[t] of a public number r, a share β.sub.i.sup.2 and β.sub.i.sup.p of a random bit β under Z.sub.2 and Z.sub.p, and a secret share m.sub.i.sup.p of a random number m, where m∈Z.sub.p* (that is, m is a positive integer less than p); in an offline stage: 1. the image owner generates random numbers required by sub-protocols involved in the protocol and sends the random numbers to the double cloud platforms S.sub.i; in an online stage: 2. S.sub.i perform the following calculation: u[i]=SecMul( custom-character 1−2β.sub.i.sup.p, x[t].sub.i.sup.p−r[t]), where t∈[0, l−1], and it should be noted that only one party needs to complete the calculation of adding 1 and subtracting r[t], while the other party only needs to provide 2β.sub.i.sup.p and x[t].sub.i.sup.p; 3. S.sub.i perform the following calculation: custom-character w[t].sub.i.sup.p=x[t].sub.i.sup.p−2*r[t]*x[t].sub.i.sup.p(mod p), where S.sub.1 performs the calculation of w[t].sub.1.sup.p=w[t].sub.1.sup.p+r[t](mod p); 4. S.sub.i perform the following calculation: c[t].sub.i.sup.p=u[t].sub.i.sup.p+Σ.sub.k=i+1.sup.lw[k].sub.i.sup.p(mod p), and then S.sub.1 performs the calculation of custom-character c[t].sub.i.sup.p=1+c[t].sub.i.sup.p(mod p); 5. S.sub.i perform the following calculation d=m.sub.i*Π.sub.t=0.sup.l-1c[t](mod p), where multiplication in this step is secure multiplication, and the calculation is completed by using a three-number multiplication protocol SecThreeMul and a secure multiplication protocol SecMul; 6. if d=0, S.sub.1 obtains bits custom-character η.sub.1.sup.2=β.sub.1.sup.2; otherwise, S.sub.1 obtains bits η.sub.1.sup.2=β.sub.1.sup.2⊕1; S.sub.2 obtains bits η.sub.2.sup.2=β.sub.2.sup.2; the double cloud platforms S.sub.i each obtain a share value of a comparison result, that is, this protocol implements SecCmp(x[t].sub.i.sup.p, r| custom-character β.sub.i.sup.2, β.sub.i.sup.p, m.sub.i)=η.sub.i.sup.2.

[0082] Similarly, the secure multiplication protocol SecMul is as follows: the double cloud platforms S.sub.i own u.sub.i, v.sub.i; in an offline stage: 1. the image owner generates random numbers a, b, c that satisfy c=ab, then performs additive decomposition on a, b, c, and sends (a.sub.i, b.sub.i, c.sub.i) to the double cloud platforms S.sub.i; in an online stage: 2. S.sub.i perform the following calculation: α.sub.i=u.sub.i−a.sub.i, β.sub.i=v.sub.i−b.sub.i; 3. S.sub.i share α.sub.i and β.sub.i; 4. S.sub.i perform the following calculation: f.sub.i=c.sub.i+b.sub.iα+a.sub.iβ+(i−1)αβ. In this case, f.sub.1+f.sub.2=uv, that is, this protocol implements SecMul(x.sub.i, y.sub.i).fwdarw.(x*y).sub.i.

[0083] The three-number multiplication protocol SecThreeMul is as follows: the double cloud platforms S.sub.i own x.sub.i, y.sub.i, z.sub.i; in an offline stage: 1. the image owner generates random numbers required by sub-protocols involved in the protocol and sends the random numbers to S.sub.i; 2. the image owner generates random integers a, b, c and performs the following calculation: d=abc; 3. the image owner calculates additive secret shares of a, b, c, d and sends the secret shares to S.sub.i; in an online stage: 4. S.sub.i collaboratively calculate SecMul(x.sub.i, y.sub.i), SecMul(x.sub.i, z.sub.i), and SecMul(y.sub.i, z.sub.i) to obtain xy.sub.i, xz.sub.i, and yz.sub.i; 5. S.sub.i perform the following calculation e.sub.i=x.sub.i−a.sub.i, f.sub.i=y.sub.i−b.sub.i, and g.sub.i=z.sub.i−c.sub.i, and collaboratively restore e, f, g; 6. S.sub.i perform the following calculation: xyz.sub.i=d.sub.i−x.sub.i*f*g−y.sub.i*e*g−z.sub.i*e*f+e*yz.sub.i+f*xz.sub.i+g*xy.sub.i; 7. S.sub.1 perform the following calculation: xyz.sub.1=xyz.sub.i+e*f*g; thus, the double cloud platforms S.sub.i obtain two additive secret shares of xyz; that is, this protocol implements SecThreeMul(x.sub.i, y.sub.i, z.sub.i).fwdarw.(x*y*z).sub.i.

[0084] Further, the pooling layer is a 2*2 max pooling layer, which is used to find a maximum value among four numbers. To reduce the rounds of communication, this scheme is implemented in a concurrent manner, that is, every two numbers among the four numbers are compared with each other. Preferably, the pooling layer protocol SecMaxpool in the present disclosure is as follows: the double cloud platforms S.sub.i own to-be-compared data x.sub.i, y.sub.i, z.sub.i, t.sub.i. In an offline stage: 1. the image owner generates random numbers required by sub-protocols involved in the protocol and sends the random numbers to S.sub.i; in an online stage: 2. S.sub.i call SecSgn and SS to calculate max(x.sub.i, y.sub.i) and max(z.sub.i, t.sub.i);

[0085] 3. S.sub.i call SecSgn and SS to calculate max(max(x.sub.i, y.sub.i), max(z.sub.i, t.sub.i)). In this case, SecMaxpool only requires 2 ┌log.sub.3 (l+1)┐+8 rounds of interaction, and the foregoing protocol can ensure that the location of the maximum value is not disclosed, thereby improving the information security of the image.

[0086] Specifically, a secure distance SecDis between two vectors is obtained in the following manner: the double cloud platforms own encrypted vectors {x.sub.i} and {y.sub.i}. In an offline stage: 1. image owners generate random numbers required by sub-protocols involved in the protocol and send the random numbers to S.sub.i; in an online stage: 2. S.sub.i calculate differences between vector elements, and collaboratively calculate SecMul(x.sub.i−y.sub.i, x.sub.i−y.sub.i); 3. S.sub.i calculate a sum of all distances. In this case, secret shares of a squared value of a Euclidean distance between two vectors have been obtained. Because the square does not change the magnitude relationship, while the rooting operation is complex in the ciphertext, the present disclosure directly uses the squared value for subsequent measurement.

[0087] Specifically, the present disclosure uses a non-information-theoretic-secure distance measurement method to measure a large quantity of distances. It is noticed that the distance values from two images to the original image information are large, and it is expensive and unnecessary to continue using the information-theoretic-secure comparison scheme. It is noted that the Euclidean distance value between images usually falls in a small range. Therefore, the present disclosure masks the original values by using a random multiplication and addition, and exposes the masked values. By sorting the masked values, the magnitude relationship of the unmasked values can be obtained. This is implemented by the following calculation process SecSort:

[0088] The double cloud platforms S.sub.i each own a share {x.sub.i} of a large quantity of to-be-compared values; in an offline stage: 1. image owners generate random numbers required by sub-protocols involved in the protocol and send the random numbers to S.sub.i; 2. the image owner generates a random positive value k and a random value b, and sends share values thereof to the double cloud platforms S.sub.i, where value ranges of the value k and the value b are determined in advance, and it is ensured that a result of kx+b is definitely within a share range of x, where 0.1<k<10, and −100<b<100; in an online stage: 3. the double cloud platforms S.sub.i calculate SecMul(k.sub.i, {x.sub.i})+b.sub.i and disclose the value of {kx+b}. Obviously, a value ranking of {kx+b} is equal to a value ranking of x.

[0089] In the present disclosure, a new secure positive/negative judgment protocol is designed. Compared with the latest research, only two non-collaborating service providers are required, and the number of interaction rounds is reduced from 4+┌log.sub.2 l┐ to 3+┌log.sub.3 (l+1)┐. That is, efficient, secure and practical retrieval is realized. Compared with the latest research, the information theoretic security and location security of the neural network parameters are ensured. After experiments, it is found that compared with the existing encrypted image retrieval scheme based on pre-trained convolutional neural network weights, the present disclosure can improve the accuracy by 8.93%-17.26% in the case of 50 returned results on both Corel1 k and Corel10 k datasets, as shown in FIG. 2 and FIG. 3.

[0090] The specific embodiments described herein are merely intended to illustrate the spirit of the present disclosure by way of example. A person skilled in the art can make various modifications or supplements to the specific embodiments described or replace them in a similar manner, but it may not depart from the spirit of the present disclosure or the scope defined by the appended claims.

[0091] It should be noted that, the image owner and the authorized user mentioned in this embodiment do not refer to the users themselves, but refer to systems, software or application sides used by the image owner and the authorized user. The generation of the random numbers and the restoration of the original plaintext image based on image analysis are implemented by the corresponding systems, software or application sides.

[0092] Although terms such as the image owner, convolutional neural network, gradient analysis, tension analysis, image sharing, comparison feature, and encrypted feature are used extensively herein, the possibility of using other terms is not excluded. The terms are only intended to describe and explain the essence of the present disclosure more conveniently. It is contrary to the spirit of the present disclosure to interpret these terms as any additional limitation.

Multi-Source Encrypted Image Retrieval Method Based on Federated Learning and Secret Sharing

Inventors

Cpc classification

Classification Explorer

G06N3/0464

PHYSICS

Classification Explorer

H04L9/085

ELECTRICITY

Classification Explorer

G06N3/084

PHYSICS

Classification Explorer

G06N3/08

PHYSICS

Classification Explorer

G06F21/6218

PHYSICS

Classification Explorer

G06N3/045

PHYSICS

Classification Explorer

H04L9/008

ELECTRICITY

Classification Explorer

G06F21/602

PHYSICS

International classification

Classification Explorer

H04L9/08

ELECTRICITY

Classification Explorer

G06F21/60

PHYSICS

Classification Explorer

G06N3/0464

PHYSICS

Classification Explorer

G06N3/08

PHYSICS

Abstract

Claims

Description