Speaker: Hanshen Xiao
Date: August 30, 2023
Time: 11 AM – 12 PM PST
Location: Zoom / 465H Soda Hall
Title: Learnable Encryption and PAC Privacy
Abstract: We initiate a formal study on the concept of learnable encryption and aim to answer the following question: Is there a type of data encoding that maintains the “learnability” of encoded samples, thereby enabling direct model training on transformed data, while ensuring the privacy of both plaintext and the secret encoding function? This long-standing open problem has prompted many efforts to design such an encryption function, for example, NeuraCrypt and TransNet. Nonetheless, all existing constructions are heuristic without formal privacy guarantees, and many successful reconstruction attacks are known assuming an adversary with substantial prior knowledge.
We present both generic possibility and impossibility results pertaining to learnable encryption. On one hand, we demonstrate that any non-trivial, property-preserving transformation which enables effectively learning over encoded samples cannot offer cryptographic computational security in the worst case. On the other hand, from the lens of information-theoretical security, we devise a series of new tools to produce provable and useful privacy guarantees from a set of heuristic obfuscation methods, including matrix masking, data mixing and permutation. Under the framework of PAC Privacy, we show how to quantify the leakage from the learnable encryption built upon those obfuscation methods against adversarial inference. In particular, we show after careful preprocessing, learnable encryption can produce a much sharpened privacy-utility tradeoff compared to a standard private data release via Differential Privacy (DP).
Bio: Hanshen Xiao is a final-year PhD student in MIT, advised by Srini Devadas. His research interests lie at the intersection of information theory, statistical learning and applied cryptography. He received the B.S. degree in mathematics from Tsinghua University and is the recipient of several awards, including Mathwork Fellowship (2021-2023) and Tsinghua Spark Fellowship (2015-2017).