Priv-IoT: Privacy-Preserving Machine Learning in IoT Utilizing TEE and Lightweight Ciphers

EasyChair Preprint 15580

Abstract

The need for lightweight cryptographic primitives is greater than ever due to the rapid advancements in the Internet of Things (IoT) and the increasing presence of resource-constrained devices. In response to this, the NIST has standardized the ASCON lightweight authenticated encryption with associated data (AEAD) and hash algorithm as a stan- dard for lightweight cryptography (LWC). Besides protected IoT data communications, IoT data analytics is crucial for operational efficiency, data-driven innovation, improved decision-making, and predictive main- tenance. We consider a real-world scenario of Cloud-IoT where an IoT application is connected to a (potentially untrusted) cloud. In this paper, we propose Priv-IoT, a privacy-preserving machine learning (PPML) sys- tem, using it an IoT application owner can securely transport IoT data to the cloud and enable secure machine learning (ML) on the IoT data. Our secure IoT data transport protocol is based on a lightweight AEAD scheme and a standard security protocol (e.g., TLS) to resist against var- ious external and internal attacks. We enable secure ML analytics using a trusted execution environment (e.g., Intel-SGX) in the bring-your-own- encryption paradigm. We prototype and evaluate our proposed system using a list of LWC algorithms and fundamental regression algorithms in SGX, and present extensive experimental results on real-world datasets.

Keyphrases: IoT, Lightweight Cryptography, Trusted Execution Environment, machine learning

@booklet{EasyChair:15580,
  author    = {Arash Kariznovi and Kalikinkar Mandal},
  title     = {Priv-IoT: Privacy-Preserving Machine Learning in IoT Utilizing TEE and Lightweight Ciphers},
  howpublished = {EasyChair Preprint 15580},
  year      = {EasyChair, 2024}}