On the hardware and software protection of trusted artificial intelligence applications in RNS bases
with interval positional characteristics of decision rules 

Vladimir S. Knyazkov, Doctor of engineering sciences, professor, principal researcher of the Research Institute of Fundamental and Applied Research, Penza State University (40 Krasnaya street, Penza, Russia), E-mail: kniazkov@list.ru
Aleksandr I. Ivanov, Doctor of engineering sciences, professor, scientific adviser, Penza Scientific Research Electrotechnical Institute (9 Sovetskaya street, Penza, Russia), E-mail: ivan@pniei.penza.ru
Konstantin S. Isupov, Candidate of engineering sciences, associate professor, associate professor of the sub-department of electronic computers, Vyatka State University (36 Moskovskaya street, Kirov, Russia), E-mail: isupov.k.s.work@gmail.com
Mikhail M. Butayev, Doctor of engineering sciences, professor, scientific secretary, Research and Production Enterprise “Rubin” (2 Baydukova street, Penza, Russia), E-mail: isupov.k.s.work@gmail.com

Background. The purpose of the study is to describe the potential advantages of hardware and software protection of neural network applications of artificial intelligence. Materials and methods. Due to the universality of neural network applications, attention is focused on the advantages of representing any decision rules of artificial intelligence through their decomposition in the form of one or another neural network architecture. As an example, the problem of secure biometric authentication of a person's identity is considered using a fast learning algorithm recommended by the State Standard R 52633.5–2011. The simplicity of software implementation of artificial neurons in an untrusted computing environment is noted, since when implementing many of them it is sufficient to use only two operations: the addition operation «+» and the multiplication operations «×». The prospect of supporting homomorphism with respect to four additional operations is discussed: comparison of numbers, determination of sign, summation overflow, multiplication overflow. Results and conclusions. Classical cryptographic algorithms for homomorphic encryption of the content of decision rules cannot be implemented on the basis of low-power USB cards with programmable logic matrices. This problem is removed if compact noncryptographic transformations based on programming in a set of residual class systems are used to support the homomorphism of neural network decision rules.

homomorphic encryption, neural network applications, programming in residual class systems, expanding the number of homomorphic mathematical operations

Knyazkov V.S., Ivanov A.I., Isupov K.S., Butayev M.M. On the hardware and software protection of trusted artificial intelligence applications in RNS bases with interval positional characteristics of decision rules. Izvestiya vysshikh uchebnykh zavedeniy. Povolzhskiy region. Tekhnicheskie nauki = University proceedings. Volga region. Engineering sciences. 2024;(4):50–69. (In Russ.). doi: 10.21685/2072-3059-2024-4-5