Zero Knowledge Proofs for Decision Tree Predictions and Accuracy
Jiaheng Zhang,Zhiyong Fang,Yupeng Zhang,Dawn Song +3 more
- pp 2039-2053
Reads0
Chats0
TLDR
The study of zero knowledge machine learning is initiated and protocols for zero knowledge decision tree predictions and accuracy tests are proposed, which allow the owner of a decision tree model to convince others that the model computes a prediction on a data sample, or achieves a certain accuracy on a public dataset without leaking any information about the model itself.Abstract:
Machine learning has become increasingly prominent and is widely used in various applications in practice. Despite its great success, the integrity of machine learning predictions and accuracy is a rising concern. The reproducibility of machine learning models that are claimed to achieve high accuracy remains challenging, and the correctness and consistency of machine learning predictions in real products lack any security guarantees. In this paper, we initiate the study of zero knowledge machine learning and propose protocols for zero knowledge decision tree predictions and accuracy tests. The protocols allow the owner of a decision tree model to convince others that the model computes a prediction on a data sample, or achieves a certain accuracy on a public dataset, without leaking any information about the model itself. We develop approaches to efficiently turn decision tree predictions and accuracy into statements of zero knowledge proofs. We implement our protocols and demonstrate their efficiency in practice. For a decision tree model with 23 levels and 1,029 nodes, it only takes 250 seconds to generate a zero knowledge proof proving that the model achieves high accuracy on a dataset of 5,000 samples and 54 attributes, and the proof size is around 287 kilobytes.read more
Citations
More filters
Journal ArticleDOI
Machine Learning for Intrusion Detection in Industrial Control Systems: Applications, Challenges, and Recommendations
TL;DR: In this paper , a survey focusing on four types of methods from machine learning for intrusion and anomaly detection, namely, supervised, semi-supervised, unsupervised and reinforcement learning, is presented.
Posted Content
Doubly Efficient Interactive Proofs for General Arithmetic Circuits with Linear Prover Time.
TL;DR: A new doubly efficient interactive proof protocol for general arithmetic circuits that generalizes the interactive proof for layered circuits proposed by Goldwasser, Kalai and Rothblum to arbitrary circuits, while preserving the optimal prover complexity that is strictly linear to the size of the circuits.
Proceedings ArticleDOI
PipeZK: accelerating zero-knowledge proof with a pipelined architecture
Ye Zhang,Shuo Wang,Xian Zhang,Jiangbin Dong,Xingzhong Mao,Fan Long,Cong Wang,Dong Zhou,Mingyu Gao,Guangyu Sun +9 more
TL;DR: PipeZK as mentioned in this paper is a pipelined accelerator with two subsystems to handle the aforementioned two intensive compute tasks, respectively, which can achieve 10x speedup on standard cryptographic benchmarks, and 5x on a widely-used cryptocurrency application, Zcash.
Book ChapterDOI
Orion: Zero Knowledge Proof with Linear Prover Time
TL;DR: For example, Orion as discussed by the authors achieves O(N) prover time of field operations and hash functions and O(log 2 N) proof size, which is the fastest known proof system.
Proceedings ArticleDOI
Doubly Efficient Interactive Proofs for General Arithmetic Circuits with Linear Prover Time
TL;DR: In this article, the authors proposed a doubly efficient interactive proof protocol for general arithmetic circuits, which can be used to construct a zero-knowledge argument scheme for arithmetic circuits with polynomial commitments.
References
More filters
Book ChapterDOI
How to prove yourself: practical solutions to identification and signature problems
Amos Fiat,Adi Shamir +1 more
TL;DR: Simple identification and signature schemes which enable any user to prove his identity and the authenticity of his messages to any other user without shared or public keys are described.
Journal ArticleDOI
The knowledge complexity of interactive proof systems
TL;DR: A computational complexity theory of the “knowledge” contained in a proof is developed and examples of zero-knowledge proof systems are given for the languages of quadratic residuosity and 'quadratic nonresiduosity.
Proceedings ArticleDOI
Model Inversion Attacks that Exploit Confidence Information and Basic Countermeasures
TL;DR: A new class of model inversion attack is developed that exploits confidence values revealed along with predictions and is able to estimate whether a respondent in a lifestyle survey admitted to cheating on their significant other and recover recognizable images of people's faces given only their name.
Book ChapterDOI
A Certified Digital Signature
TL;DR: A practical digital signature system based on a conventionalryption function which is as secure as the conventional encryption function is described, without the several years delay required for certification of an untested system.