Journal of Trends and Challenges in

Artificial Intelligence

Vol. 02, No. 03 (2025) 219-224, DOI: 10.61552/JAI.2025.03.001 - http://jai.aspur.rs

PRIVACY-PRESERVING MACHINE LEARNING ON

ENCRYPTED DATA USING HOMOMORPHIC ENCRYPTION

Sandesh Kokad 1 Received 14.07.2024.

Pravin Shinde Revised 27.08.2024.
Karan Rai Accepted 22.09.2024.
Prathamesh Adawale
Harsha Patil

ABSTRACT
Keywords:
Privacy-preserving machine The rising adoption of machine learning (ML) across various industries has
learning, Homomorphic sparked concerns due to the sensitive nature of the data involved and the
encryption, Encrypted data, Data opacity surrounding its collection, aggregation, and sharing practices. To
privacy, Machine learning [ML] address these concerns, researchers are actively developing methods to
algorithms. mitigate privacy risks associated with ML applications. One such approach
involves integrating privacy-preserving mechanisms into active learning
techniques. By leveraging homomorphic encryption-based federated learning,
which enables distributed computation across multiple clients while
maintaining strong data privacy, researchers have proposed a scheme that
safeguards user data privacy in active learning scenarios. Experimental results
indicate that this approach effectively preserves privacy while maintaining
model accuracy. Additionally, a comparison with other schemes highlights its
superiority in mitigating gradient leakage, with the proposed scheme exhibiting
no gradient leakage compared to alternatives that suffer from significant
leakage rates exceeding 74%.
The growing adoption of machine learning (ML) is prompting concerns due to
the sensitive nature of the data involved and the lack of transparency in data
collection, aggregation, and sharing. As a result, various approaches are being
devised to mitigate privacy risks and enhance acceptability, particularly in
sectors like healthcare where ML's potential remains largely untapped. This
study delves into cryptographic and security techniques to develop novel
confidentiality assurances for both data and ML models.
© 2025 Journal of Trends and Challenges in Artificial Intelligence R

1. INTRODUCTION valuable insights. In today's data-centric landscape,

privacy-preserving computation has emerged as a critical
In an era where data holds immense value, safeguarding priority for businesses and organizations striving to
it during computations becomes paramount. Privacy- shield sensitive data and adhere to rigorous data
preserving computation encompasses a range of protection regulations (Georgiadis & Poels 2021).
techniques and algorithms designed to process data while Conducting a thorough market analysis within the
upholding its confidentiality and integrity (Tang et al. privacy-preserving computation sector is essential for
2016). These methods ensure that sensitive information grasping market dynamics, identifying key players, and
remains safeguarded while still enabling the extraction of

1
Corresponding author: Sandesh Kokad
Email: sandeshkokad@gmail.com 219
 Privacy-Preserving Machine Learning on Encrypted Data Using Homomorphic Encryption

tracking emerging trends (Gupta et al. 2020, Chanal, et of bootstrapping for continuous evaluations. It proposes
al. 2021, Inibhunu et al. 2021). solutions for addressing these challenges.
Privacy-preserving computation encompasses various Homomorphic Encryption for Secure Multi-Party
techniques and algorithms that allow for data processing Computation (Das 2018, Kumar et al. 2020, Zhou et al.
while maintaining its confidentiality and integrity (Zhang 2021, Wang & Zhou 2022): Explore research on using
et al. 2021, Kale et al. 2024). These methods ensure the HE to enable secure multi-party computation, where
security of sensitive information, enabling valuable multiple parties can collaborate on tasks without
insights to be extracted from the data (Thapa & Camtepe revealing their individual data.
2021). In the current data-driven environment, privacy- Explainable AI with Homomorphic Encryption
preserving computation has gained increasing (Jagatheesaperumal et al. 2022, Saraswat et al. 2022,
importance as businesses and organizations aim to Dwivedi et al. 2023): Investigate the potential of HE in
safeguard sensitive data and comply with stringent data facilitating explainable AI for models trained on
protection regulations. A comprehensive market analysis encrypted data. This is relevant to your future scope point
of the privacy-preserving computation sector is essential on "Explainable AI."
for understanding market dynamics, key players, and
emerging trends.
Objective: This report seeks to provide an overview of 3. OVERVIEW
the technical intricacies surrounding privacy-preserving
computation, alongside a comprehensive analysis of the 3.1 Fully Homomorphic Encryption (FHE):
privacy-preserving computation sector. The analysis will Gentry's breakthrough: Gentry's work in 2009 introduced
delve into aspects such as market size and growth the concept of FHE, enabling arbitrary computations on
trajectory, prominent industry players, technological encrypted data (Gentry 2009, Gentry et al. 2012).
innovations, and potential opportunities for start-ups Recent advancements: Subsequent research has focused
within the field. A comprehensive evaluation of the on improving the efficiency and practicality of FHE
privacy-preserving computation sector, encompassing an schemes. Gentry (2009) presented fully homomorphic
in-depth market analysis, is conducted. This analysis encryption using ideal lattices.
primarily concentrates on the industry's market size and
growth, key participants, technological advancements, 3.2 Linear regression: Several studies have explored the
and potential start-up prospects. application of HE to linear regression models.

3.3 Neural networks: Deep learning models have also

2. LITERATURE REVIEW been adapted for privacy preserving training using HE.

The increasing adoption of machine learning (ML) has 3.4 Other algorithms: Other ML algorithms, such as
raised significant concerns about data privacy. Sensitive logistic regression and support vector machines, have
information, such as medical records, financial data, and been investigated in the context of HE.
personal identifiers, is often used to train ML models. To
address these privacy concerns, researchers have 3.5 Privacy-Preserving in Machine Learning:
explored various techniques, including homomorphic Privacy-preserving machine learning (PPML) is a
encryption (HE). HE allows for computations on subfield of machine learning that focuses on protecting
encrypted data without decrypting it, making it a the privacy of sensitive data while still enabling effective
promising tool for privacy-preserving ML. model training and inference. This is particularly
Practical Privacy-Preserving Machine Learning using important in domains where data contains personal or
Fully Homomorphic Encryption (Brand & Pradel 2023): confidential information, such as healthcare, finance, and
delves into a practical approach for training machine government.
learning models using FHE, achieving faster training
speeds compared to previous works. 3.6 Homomorphic Encryption:
Privacy Preserving Machine Learning with Homomorphic Encryption (HE) is a cryptographic
Homomorphic Encryption and Federated Learning (Fang strategy that permits computations to be performed on
& Qian 2021) explores a framework for PPML that scrambled information without decoding it.
combines partially homomorphic encryption (PHE) with Encryption: Data is encrypted using a public key,
federated learning, focusing on mitigating gradient resulting in a cipher text. Computation: Operations (e.g.,
leakage during training. addition, multiplication) are performed directly on the
Challenges and Advancements: cipher text.
Privacy-Preserving Machine Learning with Fully Decryption: The result of the computation is
Homomorphic Encryption for Deep Neural Network unscrambled utilizing a private key, uncovering the plain
(Lee et al. 2022) highlights the limitations of existing text result.
PPML models on FHE encrypted data, particularly
regarding non-standard activation functions and the lack

220
 Journal of Trends and Challenges in Artificial Intelligence, eISSN 3042-0008
Vol. 02, No. 03 (2025) 219-224, doi: 10.61552/JAI.2025.03.001

3.7 Working with Homomorphic Encryption: Presents how homomorphic encryption enables privacy-
Homomorphic Encryption (HE) is a cryptographic preserving operations by allowing computations on
procedure that permits computations to be performed encrypted data without compromising its confidentiality
straightforwardly on scrambled information without (Figure 2). This is particularly useful in scenarios where
unscrambling it (Figure 1). This is particularly useful for data privacy is a critical concern, such as in cloud
scenarios where data privacy is paramount and computing, machine learning, and data analytics.
computations need to be outsourced to untrusted parties. Data: The user's data is represented by the document
icon.
Encryption: The data is encrypted using a public key,
ensuring its confidentiality. This is represented by the
lock icon and the label "Encrypted Data." Search: The
encrypted data is sent to the model owner for search.
Search Information in Encrypted State: The model owner
performs the search operation directly on the encrypted
data without decrypting it. This is possible due to
homomorphic encryption, which allows computations on
encrypted data. Return Result: The search result is
returned to the user in an encrypted state.
No Need for Encrypted Key for Operation: A key point
is that the model owner does not need the encrypted key
to perform the search operation. This further enhances
privacy as the model owner does not have access to the
plain text data.
Figure 1-Working of Homomorphic Encryption
Key Generation:
A combination of public and private keys is generated.
The open key is used for encryption, whereas the private 4. METHODOLOGY
key is used for unscrambling.
Encryption: Data Encryption: Data is encrypted using homomorphic
Plain text data is encrypted using the public key to encryption methods, like partially homomorphic
produce cipher text. encryption (PHE) or Fully Homomorphic Encryption
The cipher text is indistinguishable from random noise, (FHE). This ensures that the data remains secure even
ensuring data confidentiality. during computations.
Operations (e.g., addition, multiplication) are performed Model Training: The machine learning model is trained
directly on the ciphertext. Homomorphic encryption using the encrypted data, ensuring that sensitive
schemes allow these operations to be carried out without information is never exposed during the training process.
revealing the underlying plain text. Evaluation: The performance of the trained model is
Decryption: evaluated on encrypted test data to ensure it can perform
The computation result (still in cipher text form) is well without compromising data privacy.
decrypted using the private key. This reveals the plain Decryption: After the computations, the final model or
text result of the operation. prediction outputs can optionally be decrypted to obtain
plaintext results if necessary.
3.8 Homomorphic Encryption Protects Data Privacy Privacy Assurance: The privacy guarantees of the
in Search Operations: homomorphic encryption scheme are validated by
analyzing its security properties, ensuring that sensitive
information remains protected throughout the entire
process.
Performance Optimization: Techniques like batching
operations and model simplification are implemented to
improve computation efficiency and speed on encrypted
data.
Deployment: The system is deployed in real-world
applications, adhering to relevant privacy regulations and
standards.

5. CHALLENGES

Figure 2 - Homomorphic Encryption for privacy Computational Overhead:

Preserving Homomorphic encryption is computationally expensive,

221
 Privacy-Preserving Machine Learning on Encrypted Data Using Homomorphic Encryption

leading to increased processing time and resource Federated Learning: The use of homomorphic
consumption compared to traditional ML methods. encryption in federated learning environments allows
Scalability: Scaling homomorphic encryption for large multiple clients to collaboratively train a model without
datasets or complex ML models can be difficult, as the sharing their raw data, thus preventing gradient leakage
computational load grows exponentially challs. Model and enhancing privacy.
Accuracy: Balancing privacy and accuracy is Advanced Encryption Techniques: Implementing fully
challenging. Some encryption schemes may introduce homomorphic encryption (FHE) and optimizing
noise or reduce precision, potentially impacting the computations to make them more efficient can further
model's performance. enhance privacy while maintaining model accuracy and
Data Management: Managing encrypted data across performance.
distributed systems adds complexity, particularly in
ensuring data consistency and integrity.
Regulatory Compliance: Ensuring compliance with 9. RESULTS
various data protection regulations while using
encryption methods can be a complex legal challenge. Improved privacy: Data remains encrypted throughout
processing, reducing the risk of data breaches. Secure
multi-party computation: Enables collaborative
6. BENIFITS machine learning while maintaining data confidentiality.
Private data analysis: Train models on encrypted data,
Enhanced Privacy: Homomorphic encryption ensures ensuring sensitive information remains protected. Secure
that sensitive data remains encrypted throughout the ML outsourcing: Send encrypted data to third-party services
process, significantly reducing the risk of data breaches. for computation, without exposing the data.
Collaboration and Data Sharing: Enables secure Collaborative learning: Multiple parties can jointly
collaboration across different organizations or train models on their combined encrypted data, without
departments by allowing them to share encrypted data revealing individual data.
without exposing sensitive information.
Regulatory Compliance: Helps organizations comply
with stringent data protection laws by providing strong 10. DISCUSSION
privacy guarantees.
Data Utility: Despite the encryption, useful insights and Homomorphic encryption is computationally intensive,
predictions can still be derived from the data, ensuring slowing down machine learning processes. Balancing
that the data remains valuable. privacy, computational efficiency, and model accuracy.
Cross-Domain Applications: The approach is Developing more efficient homomorphic encryption
particularly beneficial in domains like healthcare and schemes and optimizing machine learning algorithms for
finance, where data privacy is crucial but data sharing is encrypted data.
also essential for innovation.

11. FUTURE SCOPE

7. DIFFICULTY
The future scope of privacy-preserving machine learning
Data Privacy in Machine Learning: With the
on encrypted data using homomorphic encryption in
increasing adoption of ML across industries, the privacy
bullet points Enable multiple parties to jointly train
of sensitive data has become a significant concern.
Traditional ML methods often require access to raw data, machine learning models on their combined encrypted
leading to potential privacy breaches. data, without revealing individual data. Advancements in
Gradient Leakage: In some ML methods, gradients can HE algorithms and hardware acceleration will reduce
leak sensitive information, which poses a risk, especially computational overhead, making PPML more practical.
in federated learning environments where multiple Multi-Party Computation: He will enable secure multi-
clients are involved. party computation, allowing multiple parties to
collaborate on machine learning tasks without revealing
their data. Homomorphic encryption will enable secure
8. SOLUTION multi-party computation, allowing multiple parties to
jointly perform computations on their combined
Homomorphic Encryption-Based ML: This approach encrypted data. Homomorphic encryption will facilitate
integrates homomorphic encryption with ML, allowing explainable AI, enabling secure interpretation of machine
computations to be performed on encrypted data without learning models trained on encrypted data. Optimized
ever needing to decrypt it. This method addresses privacy homomorphic encryption for deep learning. Facilitate
concerns by ensuring that sensitive data remains secure data sharing between organizations, enabling
encrypted throughout the entire process. collaboration while maintaining data confidentiality.

222
 Journal of Trends and Challenges in Artificial Intelligence, eISSN 3042-0008
Vol. 02, No. 03 (2025) 219-224, doi: 10.61552/JAI.2025.03.001

12. CONCLUSION Acknowledgement:

We would like to express our sincere gratitude to Prof.
In conclusion, leveraging homomorphic encryption for Harsha Patil for her invaluable guidance and support
privacy-preserving machine learning on encrypted data throughout the course of our research. Her expertise and
offers a ground breaking solution to protect sensitive insightful feedback greatly contributed to the
information while still enabling valuable insights to be development of this work. We also extend our heartfelt
extracted. This approach not only addresses privacy thanks to our peers and the faculty at MIT ACSC Alandi,
concerns but also opens up new opportunities for Pune, for their encouragement and assistance. This
collaboration and data sharing across domains. Moving research was conducted as part of our final year MSC CA
forward, continued advancements in this field will be program, and we are deeply appreciative of the resources
crucial to realizing the full potential of secure and and opportunities provided by the institution.
collaborative machine learning in various industries.

References:

Brand, M., & Pradel, G. (2023). Practical Privacy-Preserving Machine Learning using Fully Homomorphic
Encryption. Cryptology ePrint Archive. Accessed 10.08.2024: https://eprint.iacr.org/2023/1320.pdf
Chanal, P. M., Kakkasageri, M. S., & Manvi, S. K. S. (2021). Security and privacy in the internet of things: computational
intelligent techniques-based approaches. In Recent trends in computational intelligence enabled research (pp. 111-
127). Academic Press.
Das, D. (2018, January). Secure cloud computing algorithm using homomorphic encryption and multi-party computation.
In 2018 International Conference on Information Networking (ICOIN) (pp. 391-396). IEEE.
Dwivedi, R., Dave, D., Naik, H., Singhal, S., Omer, R., Patel, P., ... & Ranjan, R. (2023). Explainable AI (XAI): Core
ideas, techniques, and solutions. ACM Computing Surveys, 55(9), 1-33.
Fang, H., & Qian, Q. (2021). Privacy preserving machine learning with homomorphic encryption and federated
learning. Future Internet, 13(4), 94.
Gentry, C. (2009, May). Fully homomorphic encryption using ideal lattices. In Proceedings of the forty-first annual ACM
symposium on Theory of computing (pp. 169-178).
Gentry, C., Halevi, S., & Smart, N. P. (2012, August). Homomorphic evaluation of the AES circuit. In Annual Cryptology
Conference (pp. 850-867). Berlin, Heidelberg: Springer Berlin Heidelberg.
Georgiadis, G., & Poels, G. (2021). Enterprise architecture management as a solution for addressing general data
protection regulation requirements in a big data context: a systematic mapping study. Information Systems and e-
Business Management, 19, 313-362.
Gupta, R., Tanwar, S., Al-Turjman, F., Italiya, P., Nauman, A., & Kim, S. W. (2020). Smart contract privacy protection
using AI in cyber-physical systems: tools, techniques and challenges. IEEE access, 8, 24746-24772.
Inibhunu, C., & McGregor, C. (2021, March). Privacy Preserving Framework for Big Data Management in Smart
Buildings. In 2021 IEEE International Conference on Pervasive Computing and Communications Workshops and
other Affiliated Events (PerCom Workshops) (pp. 667-673). IEEE.
Jagatheesaperumal, S. K., Pham, Q. V., Ruby, R., Yang, Z., Xu, C., & Zhang, Z. (2022). Explainable AI over
the Internet of Things (IoT): Overview, state-of-the-art and future directions. IEEE Open Journal of the
Communications Society, 3, 2106-2136.
Kale, R. S., Hase, J., Deshmukh, S., Ajani, S. N., Agrawal, P. K., & Khandelwal, C. S. (2024). Ensuring data
confidentiality and integrity in edge computing environments: A security and privacy perspective. Journal of
Discrete Mathematical Sciences and Cryptography, 27, 421-430.
Kumar, A. V., Sujith, M. S., Sai, K. T., Rajesh, G., & Yashwanth, D. J. S. (2020, December). Secure Multiparty
computation enabled E-Healthcare system with Homomorphic encryption. In IOP Conference Series: Materials
Science and Engineering (Vol. 981, No. 2, p. 022079). IOP Publishing.
Lee, J. W., Kang, H., Lee, Y., Choi, W., Eom, J., Deryabin, M., ... & No, J. S. (2022). Privacy-preserving machine
learning with fully homomorphic encryption for deep neural network. iEEE Access, 10, 30039-30054.
Saraswat, D., Bhattacharya, P., Verma, A., Prasad, V. K., Tanwar, S., Sharma, G., ... & Sharma, R. (2022). Explainable
AI for healthcare 5.0: opportunities and challenges. IEEE Access, 10, 84486-84517.
Tang, J., Cui, Y., Li, Q., Ren, K., Liu, J., & Buyya, R. (2016). Ensuring security and privacy preservation for cloud data
services. ACM Computing Surveys (CSUR), 49(1), 1-39.
Thapa, C., & Camtepe, S. (2021). Precision health data: Requirements, challenges and existing techniques for data
security and privacy. Computers in biology and medicine, 129, 104130.
Wang, C., & Zhou, R. G. (2022). Secure multi-party convex hull protocol based on quantum homomorphic
encryption. Quantum Information Processing, 22(1), 24.
Zhang, Q., Xin, C., & Wu, H. (2021). Privacy-preserving deep learning based on multiparty secure computation: A
survey. IEEE Internet of Things Journal, 8(13), 10412-10429.

223
 Privacy-Preserving Machine Learning on Encrypted Data Using Homomorphic Encryption

Zhou, J., Feng, Y., Wang, Z., & Guo, D. (2021). Using secure multi-party computation to protect privacy on a
permissioned blockchain. Sensors, 21(4), 1540.

Sandesh Kokad Pravin Shinde Karan Rai

MIT ACSC, Alandi Pune - 412105 MIT ACSC, Alandi Pune - 412105 MIT ACSC, Alandi Pune - 412105
India. India. India.
sandeshkokad@gmail.com pravin1920shinde@gmail.com karankaushalendrarai@gmail.com
Prathamesh Adawale Harsha Patil
MIT ACSC, Alandi Pune - 412105 MIT ACSC, Alandi Pune - 412105
India. India.
prathameshadawale@gmail.com hrpatel888@gmail.com
ORCID: 0000-0001-6519-9987

224