A Privacy Preserving Method with a Random Orthogonal Matrix for ConvMixer Models

In this paper, a privacy preserving image classification method is proposed under the use of ConvMixer models. To protect the visual information of test images, a test image is divided into blocks, and then every block is encrypted by using a random orthogonal matrix. Moreover, a ConvMixer model trained with plain images is transformed by the random orthogonal matrix used for encrypting test images, on the basis of the embedding structure of ConvMixer. The proposed method allows us not only to use the same classification accuracy as that of ConvMixer models without considering privacy protection but to also enhance robustness against various attacks compared to conventional privacy-preserving learning.

Block Scrambling Image Encryption Used in Combination with Data Augmentation for Privacy-Preserving DNNs

In this paper, we propose a novel learnable image encryption method for privacy-preserving deep neural networks (DNNs). The proposed method is carried out on the basis of block scrambling used in combination with data augmentation techniques such as random cropping, horizontal flip and grid mask. The use of block scrambling enhances robustness against various attacks, and in contrast, the combination with data augmentation enables us to maintain a high classification accuracy even when using encrypted images. In an image classification experiment, the proposed method is demonstrated to be effective in privacy-preserving DNNs.