Efficiently and securely outsourcing compressed sensing reconstruction to a cloud
Introduction
In recent years, cloud computing has been attracting widespread attention in both academia and industry [1], [13], [14], [15], [16]. Owing to resource restrictions or to save costs, a client can transfer their computational tasks to the cloud for processing. In particular, along with the emergence and development of big data, the demand for such transfers is continuously increasing. However, in view of task sensitivity and cloud distrust, security concerns must be taken into account [7], [25], [26], [27], [29]. This encourages the client to consider how to let the cloud fulfill dependable task processing over an encrypted domain, which inevitably introduces some new challenges [34]. The first challenge is to protect the privacy of both the client’s input tasks and the cloud’s output results. The client suitably encrypts the input task and then outsources the encrypted task to the cloud for processing. After completing the task, the cloud should not be able to infer sensitive information from the result. Hence, it is desirable that the encryption operation ensures not only the input/output privacy, but also the successful completion of the task. The second challenge is to be able to verify the result returned by the cloud. For various reasons, there may exist hardware faults and software bugs, resulting in incorrect computing. In addition, for intentional reasons the cloud may become lazy and want to muddle through, thus simply returning an arbitrary result. The cloud may even leverage this incorrect result to access useful knowledge on the task for financial incentive. Consequently, this requires the client to be able to determine whether the cloud behaves faithfully and returns a correct result. The third challenge concerns the efficiency of handling the computational task. This demands that the time required for the client to perform encryption operations should be substantially less than that required to complete the unencrypted task on their own. Meanwhile, the time required for the cloud to process the encrypted task should be kept as close as possible to that required for the client to complete the unencrypted task themselves.
Compressed sensing (CS) is an efficient signal sampling technique [4], [12]. Given two necessary conditions, it can recover a signal from a set of far fewer samples than required by the Shannon–Nyquist sampling theorem. These two conditions include sparsity, which requires the signal to be sparse in some domain, and the restricted isometry property (RIP), which should be satisfied by the sensing matrix. (CS) has a low linear encoding complexity, but a very high cubic reconstruction complexity. Because reconstructing and storing signals will consume a large amount of computational resources and occupy considerable storage space, it is unpractical, or even impossible, for this to be performed by resource-constrained devices, such as sensors and mobile terminals. Motivated by these challenges, in this study we propose outsourcing the compressed sensing reconstruction (CSR) task to the cloud.
A basic system service model involves a client sampling an original signal based on the CS technique to generate measurements, which are then sent to the cloud for storage and CSR task solving. When the client or other users make a request, the cloud can solve the CSR task and return the reconstructed signal. In general, a measurement matrix is handled by the client, while a sensing matrix, which is a product of the measurement matrix and an orthogonal sparsifying basis, is utilized on the cloud side. To protect the privacy of the signal, the measurement matrix and the generated measurements must be encrypted ahead of transmission to the cloud. However, in real-time applications it is not inadvisable for each signal to encrypt and transmit the measurement matrix, because the measurement matrix is significantly large, and will occupy too many resources if encrypted and transmitted. To address this issue, we adopt the primary assumption that the measurement matrix is public knowledge, which is known by both the client and cloud.
Keeping the measurement matrix public presents a new issue of how to encrypt the signal in the sampling process. To handle this problem, we can migrate the function of the orthogonal sparsifying basis from the sensing matrix to the measurement matrix. Then, we set the secret orthogonal sparsifying basis to provide privacy protection. As a result, the secret orthogonal sparsifying basis is now part of the measurement matrix rather than the sensing matrix. Specifically, the newly generated measurement matrix is a product of the original measurement matrix and the inverse matrix of the secret basis, and the new sensing matrix is the original measurement matrix. It is worth noting that in our model the sensing matrix used on the cloud side stays public, and the measurement matrix utilized by the client remains secret. Furthermore, the encryption mechanism taken by this function migration should not affect the sparsity and the RIP, otherwise the solving of the CSR task would be compromised. In Section 4.2, we show that neither the sparsity nor the RIP are affected.
Furthermore, other users face the issue of how to verify the reconstructed signal. The client can easily verify the reconstructed signal by leveraging the auxiliary information, including the measurement matrix and measurements, whereas other users do not have this auxiliary information. It is natural to ask whether the client can send the auxiliary information to other users. Unfortunately, this is not practical, as the amount of information is often very large, indeed significantly larger than the size of the signal to be sampled, and would consume considerable communication resources. Verification without using the auxiliary information is called asymmetric verification. In our work, we adopt keys, which are the unique information shared between the client and other users, to achieve a feasible asymmetric verification scheme. This also represents a deterministic verification approach, i.e., the reconstructed signal can be accurately distinguished as correct or incorrect. More interestingly, it is a partial verification scheme, meaning that a part of the reconstructed signal passing the verification can be used to reconstruct the signal to a satisfactory quality.
The main contributions of this paper can be summarized as follows.
- •
We propose two efficient CSR task-outsourcing protocols, simultaneously achieving the goals of correctness, privacy, client/user verification, and efficiency.
- •
We propose the novel idea of a publicly known sensing matrix, avoiding the transmission of the sensing matrix between the client and cloud, and thus saving communication resources.
- •
We devise an encryption approach by migrating the function of the orthogonal sparsifying basis into the original measurement matrix, while maintaining the sparsity and RIP.
- •
We design an asymmetric and partial verification approach for users, which is simple to use.
The remainder of this paper is organized as follows. The next section discusses related work. Section 3 introduces the basics of CSR, the system and threat model, and the design goals. Section 4 describes the protocol construction in detail, including the basic idea, key design and generation, client/user verification, and formal protocols. Section 5 provides further investigations in terms of privacy guarantees and a theoretical analysis, followed by a performance evaluation in Section 6. Finally, the last section concludes the paper.
Section snippets
Related work
CSR outsourcing is closely connected with matrix computation and equation solving outsourcing. Lei et al. outsourced large matrix inversion [24], large matrix multiplication [22], and large matrix determinant computations [23] to the cloud by employing some transformations including random permutations and value altering. A randomized Monte Carlo verification algorithm with a one-sided error is employed in these outsourcing mechanisms. Wang et al. proposed large-scale systems of linear equation
Compressed sensing reconstruction
The fundamental Shannon–Nyquist sampling theory describes sampling from the perspective of a limited signal band, and has been widely considered as key for acquiring and reconstructing data. Nevertheless, the resulting number of required measurements can be so large that the storage becomes infeasible, and the acquisition time becomes too long. CS is a new sampling theory, providing theoretical conditions to ensure the exact recovery of signals from a small number of linear projections below
Basic idea
Assume that a client wants to harness the CS technique to capture a signal x from the natural world. Let us first consider a general case. After sampling, the client transmits the measurement matrix A and measurement vector y to the cloud, which calculates this CSR task . In this scenario, the client has the measurement matrix A in hand, while the cloud owns the sensing matrix and both sides have a common measurement vector y. In order to guarantee the privacy of x, the client must
Privacy guarantee
Concerning the input privacy of the CSR task, we assume that the cloud that receives y attempts to directly reveal x based on the formula . However, because ΘK is unknown the input privacy of x can easily be ensured. Regarding the output privacy of the CSR task, we assume that the cloud that acquires attempts to disclose x according to . To do so, the cloud must crack DK. We previously mentioned two common methods for constructing DK. First, when parameterized optical transforms
Performance evaluation
We select an image and divide it into a certain number of blocks, each of which is regarded as a one-dimensional signal, to simulate the original signal for a visual view. The Lena image of size 512 × 512 is utilized. This is partitioned into 32 × 32 blocks, and so each signal has a length of 1024 and each image consists of 256 signals. With respect to the key generation, we apply secret row exchange operations to the DCT matrix, specifically a permutation operation to each row, to generate DK.
Concluding remarks
In this paper, we have proposed two CSR outsourcing protocols, which aim towards client and user verification, respectively. The client can generate a secret measurement matrix based on the secrecy of the orthogonal basis, which is then utilized for signal sampling. The generated measurement vector is sent to the cloud, where the CSR task using the public sensing matrix is solved. After receiving the result returned by the cloud, the client performs verification and finally decryption. If the
Acknowledgment
This work was supported by Guangxi Key Laboratory of Trusted Software (kx201904), Macau Science and Technology Development Fund (FDCT/022/2017/A1 and FDCT/077/2018/A2), National Natural Science Foundation of China (61702221), and Chongqing Basic Research and Front Exploration Project (cstc2018jcyjA3093).
References (50)
- et al.
Using a novel message-exchanging optimization (meo) model to reduce energy consumption in distributed systems
Simul. Modell. Pract. Theory
(2013) - et al.
New algorithms for secure outsourcing of large-scale systems of linear equations
IEEE Trans. Inf. Foren. Secur.
(2015) - et al.
Real discrete fractional Fourier, Hartley, generalized Fourier and generalized Hartley transforms with many parameters
IEEE Trans. Circ. Syst. I-Regular Papers
(2015) - et al.
A compressive sensing based privacy preserving outsourcing of image storage and identity authentication service in cloud
Inf. Sci.
(2017) - et al.
Achieving security, robust cheating resistance, and high-efficiency for outsourcing large matrix multiplication computation to a malicious cloud
Inf. Sci.
(2014) - et al.
On the soundness and security of privacy-preserving svm for outsourcing data classification
IEEE Trans. Depend. Secure Comput.,
(2018) - et al.
Attribute-based encryption with efficient verifiable outsourced decryption
IEEE Trans. Inf. Foren. Secur.
(2015) - et al.
Secure and practical outsourcing of linear programming in cloud computing
Proc. IEEE Computer Commun. (INFOCOM)
(2011) - et al.
Harnessing the cloud for securely solving large-scale systems of linear equations
31st International Conference on Distributed Computing Systems (ICDCS)
(2011) - et al.
Privacy-assured outsourcing of image reconstruction service in cloud
IEEE Trans. Emerg. Top. Comput.
(2013)
A view of cloud computing
Commun. ACM
The discrete fractional Fourier transform
IEEE Trans. Signal Process.
Robust uncertainty principles: exact signal reconstruction from highly incomplete frequency information
IEEE Trans. Inf. Theory
Decoding by linear programming
IEEE Trans. Inf. Theory
Near-optimal signal recovery from random projections: universal encoding strategies?
IEEE Trans. Inf. Theory
User differentiated verifiable file search on the cloud
IEEE Trans. Serv. Comput.
Highly efficient linear regression outsourcing to a cloud
IEEE Trans. Cloud Comput.
Privacy-preserving and verifiable protocols for scientific computation outsourcing to the cloud
J. Parallel Distrib. Comput.
Efficient and secure outsourcing of large-scale linear system of equations
IEEE Trans. Cloud Comput.
Compressed sensing
IEEE Trans. Inf. Theory
Blend arithmetic operations on tensor-based fully homomorphic encryption over real numbers
IEEE Trans. Ind. Inf.
Cost-aware multimedia data allocation for heterogeneous memory using genetic algorithm in cloud computing
IEEE Trans. Cloud Comput.
Energy-aware task assignment for mobile cyber-enabled applications in heterogeneous cloud computing
J. Parallel Distrib. Comput.
Dynamic energy-aware cloudlet-based mobile cloud computing model for green computing
J. Netw. Comput. Appl.
Cited by (28)
An efficient approach for encrypting double color images into a visually meaningful cipher image using 2D compressive sensing
2021, Information SciencesCitation Excerpt :In a word, our image encryption algorithm is highly sensitive to the plain images and carrier image, and it may resist known-plaintext and chosen-plaintext attacks well. Time complexity is an important evaluation indicator for an effective image encryption [42,43]. Our image encryption algorithm includes two phases: one is the compression and encryption process of plain images and the other is the embedding process.
Visual privacy-preserving level evaluation for multilayer compressed sensing model using contrast and salient structural features
2020, Signal Processing: Image CommunicationCitation Excerpt :Hu et al. [26] proposed an image service outsourcing scheme for CS reconstruction computation and identity authentication in the cloud that integrates the technique of CS domain processing into secure computation outsourcing. Zhang et al. introduced two compressed sensing reconstruction (CSR) outsourcing protocols geared towards client and user verification in [27] and proposed a novel framework based on CS and cascade chaotic system (CCS) to ensure low overhead, confidentiality, and authentication in [28,29]. In these methods, CS carry the secrecy since the random measurement matrix is regarded as a key.
Secure compressive sensing of images based on combined chaotic DWT sparse basis and chaotic DCT measurement matrix
2020, Optics and Lasers in EngineeringCitation Excerpt :For the CS framework, the unitary matrices such as DWT and DCT usually serve as sparse basis matrices. In [36], the authors proposed a securely outsourced and compressed sensing reconstruction to a cloud. In that proposed scheme, a public measurement matrix and a secret sparse basis matrix were employed to protect the privacy of transmitted data.
Secure and efficient outsourcing computation on large-scale linear regressions
2020, Information SciencesCitation Excerpt :Luo et al. [28] developed a secure outsourcing protocol for solving large-scale nonlinearly constrained nonlinear programming problems using gradient projection method. Zhang et al. [39] proposed a protocol for securely outsourcing compressed sensing reconstruction. Duan et al. [40] addressed the problem of securely outsourcing nonnegative matrix factorization.
Prior-based privacy-assured compressed sensing scheme in cloud
2024, Visual ComputerEnhancing Privacy Preservation in Verifiable Computation through Random Permutation Masking to Prevent Leakage
2023, Information (Switzerland)