Kjamilji, Artrim2024-05-202024-05-202024https://hdl.handle.net/11467/7272https://doi.org/10.1109/TII.2024.3384523A server has a trained machine learning model in the form of a decision tree (DT), while one or more client(s) have unlabeled queries that they wish to classify using the server's model under strict security, privacy, and efficiency requirements on both sides. To do so, initially, based on lightweight cryptographic primitives, which are shown to be resistant to quantum computer attacks, a few secure buildings are adopted, improved, and adjusted to fit this scenario. On top of them, a novel secure and private DT evaluation and its extension over malicious clients protocols are proposed, which are both proven to be secure. In the process, we use the sum of paths of inner nodes from the root to the leaves of the DT, which in turn utilizes the comparison of threshold values of the tree nodes and the corresponding query feature values (entries). Theoretical analysis and extensive experimental evaluations over benchmark datasets show that the proposed protocols outperform the majority (if not all) of the related state-of-the-art schemes in terms of computation and communication costs as well as on security and privacy characteristics. Furthermore, the proposed protocols are shown to be resistant to side-channel attacks. This makes the proposed protocol suitable for the postquantum world of the industrial Internet of Things, which demands strict security and privacy requirements on devices with restricted hardware/networking resources.eninfo:eu-repo/semantics/embargoedAccessClassification, Decision trees (DTs), Homomorphic encryption, Machine learning (ML), Malicious clients, Postquantum cryptography, Secure industrial Internet of Things (IIoT)ArticleN/AWOS:001214370100001N/A2-s2.0-8519219162910.1109/TII.2024.3384523