Silent Guardians: Independent and Secure Decision Tree Evaluation Without Chatter
About
As machine learning as a service (MLaaS) gains increasing popularity, it raises two critical challenges: privacy and verifiability. For privacy, clients are reluctant to disclose sensitive private information to access MLaaS, while model providers must safeguard their proprietary models. For verifiability, clients lack reliable mechanisms to ensure that cloud servers execute model inference correctly. Decision trees are widely adopted in MLaaS due to their popularity, interpretability, and broad applicability in domains like medicine and finance. In this context, outsourcing decision tree evaluation (ODTE) enables both clients and model providers to offload their sensitive data and decision tree models to the cloud securely. However, existing ODTE schemes often fail to address both privacy and verifiability simultaneously. To bridge this gap, we propose $\sf PVODTE$, a novel two-server private and verifiable ODTE protocol that leverages homomorphic secret sharing and a MAC-based verification mechanism. $\sf PVODTE$ eliminates the need for server-to-server communication, enabling independent computation by each cloud server. This ``non-interactive'' setting addresses the latency and synchronization bottlenecks of prior arts, making it uniquely suitable for wide-area network (WAN) deployments. To our knowledge, $\sf PVODTE$ is the first two-server ODTE protocol that eliminates server-to-server communication. Furthermore, $\sf PVODTE$ achieves security against \emph{malicious} servers, where servers cannot learn anything about the client's input or the providers' decision tree models, and servers cannot alter the inference result without being detected.
Related benchmarks
| Task | Dataset | Result | Rank | |
|---|---|---|---|---|
| Private Decision Tree Evaluation | HEART DISEASE | Online Running Time0.00e+0 | 12 | |
| Oblivious Decision Tree Evaluation | Oblivious Decision Tree Evaluation Theoretical | S2S Rounds0.00e+0 | 11 | |
| Private Decision Tree Evaluation | Breast cancer | Online Running Time36.3 | 8 | |
| Private Decision Tree Evaluation | Housing | Online Running Time1.16e+3 | 8 | |
| Private Decision Tree Evaluation | Spambase | Online Running Time1.86e+4 | 8 | |
| Private Decision Tree Evaluation | MINIST | Online Running Time1.48e+5 | 8 | |
| Secure Integer Comparison | t-bit integers | Secure Rounds0.00e+0 | 7 | |
| Decision Tree Evaluation | HEART DISEASE | Overall Latency (s)2.31 | 4 | |
| Decision Tree Evaluation | Breast cancer | Overall Latency (s)38.4 | 4 | |
| Decision Tree Evaluation | Housing | Overall Latency (s)1.23e+3 | 4 |