Li Hui
School of Network and Information Security, Xidian University, Xi'an 710126
Artificial intelligence refers to human-like intelligence exhibited by computers, and machine learning is an important application of artificial intelligence. In a broad sense, machine learning can be understood as a computational method for making accurate predictions based on existing experience. Learning algorithms are now used in many applications, such as text classification, natural language processing, speech recognition and synthesis, optical character recognition, image recognition and face detection, games, medical diagnosis, recommendation systems, robots, etc. These learning algorithms can be roughly grouped into classification, regression, ranking, clustering, dimensionality reduction, and so on. Deep learning, represented by neural networks, has achieved great success in image classification, face recognition, image and video generation, natural language understanding, speech recognition and other applications. Artificial intelligence has become the most popular research field in computer science.
From the perspective of learning scenarios, machine learning can be divided into supervised learning, unsupervised learning, semi-supervised learning, online learning, reinforcement learning, active learning, etc. The key factor affecting the performance and accuracy of machine learning is the reliability and scale of the data samples. Only with large-scale correct data can high-quality machine learning be guaranteed. Therefore, the data security protection of artificial intelligence is an important research direction of cryptography in the field of AI security. A current research hotspot is the use of new cryptographic mechanisms such as homomorphic encryption and secure multi-party computation (SMC) in the model training and inference stages of machine learning, to ensure that accurate models or accurate prediction results are obtained without revealing user data.
Because artificial intelligence can help people predict and discover patterns in large amounts of data more efficiently, using artificial intelligence to find cryptographic components with good cryptographic properties, to help discover the design rules of cryptographic algorithms during cryptanalysis, or even to discover the patterns of information leakage from cryptographic hardware is also an important direction in the field of cryptography.
This column contains 1 survey and 2 papers, which we hope will promote research on the combination of artificial intelligence and cryptography.
The first paper, the survey “A Survey on Encrypted Image Recognition Models”, gives a comprehensive overview of privacy protection for image classification models based on encryption technology. It introduces cryptographic schemes based on SMC and homomorphic encryption from the perspectives of model inference and model training, compares these schemes, and discusses future research directions.
The second paper, “Fair Data Trading Based on Machine Learning”, addresses the requirements that big data analysis such as data clustering and classification places on data reliability and on the fairness of data transactions. It proposes a fair data trading protocol based on machine learning, using a BP neural network and a vector commitment protocol to verify the reliability of the data traded between the data holder and the data consumer, and combines this with smart contracts to achieve fairness.
The third paper, “Research on Power Analysis Attack Based on Improved Residual Network and Data Augmentation Technology”, applies artificial intelligence to side-channel attacks on cryptographic chips. It proposes a method using an improved residual network and data augmentation, which solves the problem of training on small samples and reduces overfitting during training. Compared with convolutional neural networks and multilayer perceptron neural networks, the test accuracy is improved by 16.63% and 54.27% under equivalent conditions.
Due to space limitations, this column covers only a narrow part of current AI-oriented cryptographic research. Scholars working in this area are welcome to submit more of their work to this journal, to promote the exchange of research results in this field and the practical application of cryptographic innovations in the field of AI.