TY - GEN
T1 - Confidential and Verifiable Machine Learning Delegations on the Cloud
AU - Wu, Wenxuan
AU - Homsi, Soamar
AU - Zhang, Yupeng
N1 - This work is funded by the AFRL/RI, Rome, NY, USA under Contract Number FA8750-22-2-0267. The views and conclusions contained herein are those of the authors and should not be interpreted as necessarily representing the official policies or endorsements, either expressed or implied, of the Air. Approved for Public Release on 16 Mar 2024. Distribution is Unlimited. Case Number: AFRL-2024-1294.
PY - 2024
Y1 - 2024
AB - With the growing adoption of cloud computing, the ability to store data and delegate computations to powerful and affordable cloud servers has become advantageous for both companies and individual users. However, the security of cloud computing has emerged as a significant concern. Particularly, Cloud Service Providers (CSPs) cannot assure data confidentiality and computation integrity in mission-critical applications. In this paper, we propose a confidential and verifiable delegation scheme that advances and overcomes major performance limitations of existing Secure Multiparty Computation (MPC) and Zero Knowledge Proof (ZKP). Secret-shared data and delegated computations to multiple cloud servers remain completely confidential as long as there is at least one honest MPC server. Moreover, results are guaranteed to be valid even if all the participating servers are malicious. Specifically, we design an efficient protocol based on interactive proofs, such that most of the computations generating the proof can be done locally on each server. In addition, we propose a special protocol for matrix multiplication where the overhead of generating the proof is asymptotically smaller than the time to evaluate the result in MPC. Experimental evaluation demonstrates that our scheme significantly outperforms prior work, with the online prover time being 1–2 orders of magnitude faster. Notably, in the matrix multiplication protocol, only a minimal 2% of the total time is spent on the proof generation. Furthermore, we conducted tests on machine learning inference tasks. We executed the protocol for a fully-connected neural network with 3 layers on the MNIST dataset and it takes 2.6 s to compute the inference in MPC and generate the proof, 88× faster than prior work. We also tested the convolutional neural network of LeNet with 2 convolution layers and 3 dense layers and the running time is less than 300 s across three servers.
KW - Privacy-preserving Machine Learning
KW - Secure Multiparty Computations
KW - Zero-Knowledge Proof
UR - http://www.scopus.com/inward/record.url?scp=85204545650&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85204545650&partnerID=8YFLogxK
U2 - 10.1007/978-3-031-70890-9_10
DO - 10.1007/978-3-031-70890-9_10
M3 - Conference contribution
AN - SCOPUS:85204545650
SN - 9783031708893
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 182
EP - 201
BT - Computer Security – ESORICS 2024 - 29th European Symposium on Research in Computer Security, Proceedings
A2 - Garcia-Alfaro, Joaquin
A2 - Kozik, Rafał
A2 - Choraś, Michał
A2 - Katsikas, Sokratis
PB - Springer
T2 - 29th European Symposium on Research in Computer Security, ESORICS 2024
Y2 - 16 September 2024 through 20 September 2024
ER -