zkMLaaS: a Verifiable Scheme for Machine Learning as a Service

Abstract

Machine Learning as a Service (MLaaS) is a promising service for individuals and companies who would like to delegate model training to third parties. Customers want proof of the integrity of the model training to prevent potential backdoor attacks launched by the server, while the server wants to prove that integrity without revealing its intellectual assets, the hyper-parameters of the training scheme. Zero-knowledge proof, a cryptographic tool, can theoretically satisfy this demand, but is still practically infeasible due to the inefficiency of proving. Thus, we propose zkMLaaS, a privacy-preserving and verifiable scheme for efficient training proof generation in the MLaaS scenario. zkMLaaS features a two-round challenge-response protocol equipped with random sampling. This greatly reduces the time cost of proof generation while ensuring the integrity of the training procedure. We analyze the security of zkMLaaS and conduct a comprehensive evaluation, which shows that it reduces the time cost by around 273× compared with the naive scheme.

Publication
IEEE Global Communications Conference
Shijing Si
Researcher