Li Hui
School of Cyber and Information Security, Xidian University, Xi'an 710126
Artificial intelligence refers to human-like intelligence exhibited by computers, and machine learning is an important application of artificial intelligence. In a broad sense, machine learning can be understood as a computational method for accurate prediction based on existing experience. Current machine learning algorithms have been used in many applications, such as text classification, natural language processing, speech recognition and synthesis, optical character recognition, image recognition and face detection, games, medical diagnosis, recommendation systems, robots, etc. These learning algorithms can be roughly classified into classification, regression, ranking, clustering, dimensionality reduction, and so on. Deep learning based on neural networks has achieved great success in image classification, face recognition, image and video generation, natural language understanding, speech recognition and other applications. Artificial intelligence has become the most popular research field in computer science.
From the perspective of learning scenarios, machine learning can be divided into supervised learning, unsupervised learning, semi-supervised learning, online learning, reinforcement learning, active learning, etc. The key factor affecting the performance and accuracy of machine learning is the reliability and scale of data samples. Only with large-scale correct data can high-quality machine learning be guaranteed. Therefore, the data security protection of artificial intelligence is an important research direction of cryptography in the field of AI security. A current research hotspot is the use of new cryptographic mechanisms such as homomorphic encryption and secure multi-party computation (SMC) in the model training and inference stages of machine learning to ensure that accurate models or accurate prediction results are obtained without revealing user data.
Because artificial intelligence can help people improve the efficiency of predicting and discovering patterns in large amounts of data, using artificial intelligence to find cryptographic components with good cryptographic properties, to help discover the design rules of cryptographic algorithms during cryptanalysis, and even to discover patterns in the information leakage of cryptographic hardware is also an important current direction for artificial intelligence in the field of cryptography.
This column contains 1 survey and 2 papers, which we hope will promote research on the combination of artificial intelligence and cryptography.
The first paper, the survey “A Survey on Encrypted Image Recognition Models”, presents a comprehensive survey of encryption-based privacy protection for image classification models. It introduces cryptographic schemes based on SMC and homomorphic encryption from the two perspectives of model inference and model training, compares the schemes, and outlines future research directions.
The second paper, “Fair Data Trading Based on Machine Learning”, addresses the data reliability and transaction fairness requirements of big data analysis such as data clustering and classification, and proposes a fair data trading protocol based on machine learning. It uses a BP neural network and a vector commitment protocol to verify the reliability of the data traded between the data holder and the data consumer, and combines these with smart contracts to achieve the fairness of the data.
The third paper, “Research on Power Analysis Attack Based on Improved Residual Network and Data Augmentation Technology”, applies artificial intelligence to side-channel attacks on cryptographic chips. It proposes a method using an improved residual network and data augmentation, which solves the problem of training with small samples and reduces overfitting during training. Compared with convolutional neural networks and multilayer perceptron neural networks, test accuracy is improved by 16.63% and 54.27%, respectively, under the same conditions.
Due to space limitations, this column covers only a narrow part of current artificial intelligence-oriented cryptographic research. Scholars working in this area are welcome to submit more of their work to this journal, to promote the exchange of research results in this field and the practical application of cryptographic innovations in the field of AI.