Researchers create innovative verification techniques to increase security in artificial intelligence and image processing
29 April 2024
The results not only improve the efficiency and scalability of cryptographic proof systems, but also open up new possibilities for ensuring the integrity, fairness and privacy of data processing tasks in various applications of AI and image processing.
PICOCRYPT

A team of researchers from the IMDEA Software Institute, Carlos III University of Madrid and NEC Laboratories Europe has introduced a novel framework that promises to improve the efficiency and practicality of verifiable computation. The research, detailed in the paper 'Modular Sumcheck Proofs with Applications to Machine Learning and Image Processing,' addresses the scalability and modularity challenges faced by both general proof systems and solutions tailored to specific applications in artificial intelligence and image processing.
 

Context


Verifiable computation comprises a family of cryptographic techniques that provide an unforgeable guarantee that some third party, such as a company or a cloud server, has performed correct processing of a user's data. Proving that an image or a video has been edited, that a prediction made by artificial intelligence comes from an audited model, or that only customer-provided data has been used in a creditworthiness decision are some examples of what these techniques enable. In addition, verifiable computation is compatible with data privacy, so that, for example, the algorithms used by the server in the calculation are kept confidential.

Verifiable computation provides integrity, fairness and privacy, essential properties in applications that outsource data processing tasks. Within the possible solutions, there are general proof systems, such as those used in some blockchain, which have scalability problems when dealing with computations with large amounts of data. On the other hand, solutions designed specifically for these applications are more efficient, but often incompatible with each other, making it difficult to scale them up or integrate them into larger data processing chains.
 

The study


Researchers have introduced a new framework aimed at bridging this gap by combining the performance advantages of custom solutions with the versatility of general-purpose test systems. At its core is a modular approach to verifiable computation of sequential operations, which is based on a new cryptographic primitive known as VE (Verifiable Evaluation Scheme).

The researchers demonstrate the practical application of their framework in artificial intelligence by proposing a novel VE adapted to convolution operations, capable of handling multiple interconnected input and output channels. 'Our protocol can be easily integrated into a data processing chain to enable full verification of, for example, predictions made by convolutional neural networks (CNNs), which are the basis of most artificial intelligence models,' says David Balbás, PhD student at IMDEA Software and researcher of this study. In addition, the paper also presents new VEs for image processing, which allow efficient verification of editing or retouching, including operations such as cropping, blurring, rescaling and other more complex operations.

The team has produced a prototype application of its testing systems that is a significant improvement on existing techniques. 'Our benchmarking shows that our proofs are five times faster to generate and ten times faster to verify than the best existing solutions so far, in addition to introducing theoretical innovations in the algorithms,' explains Damien Robissout, research programmer at Institute IMDEA Software and also co-author of the study.

These results not only improve the efficiency and scalability of cryptographic proof systems but also open up new possibilities for ensuring the integrity, fairness and privacy of data processing tasks in various applications of artificial intelligence and image processing. The application generated in the study is open source and its modular nature paves the way for its extension and integration into various tools within a data processing chain. In this way, the researchers clear the way for versatile and robust deployment of verifiable computation in applications as diverse as financial ethics, personal data protection or artificial intelligence regulation, among others.


Disclaimer


This press release is a result of collaboration between the host institution of an ERC grant and the European Research Council Executive Agency (ERCEA). Online project information and links published in this press release are correct when on the day of the publication goes to press. The ERC cannot be held responsible for information which is out of date or websites that are no longer live. Neither the ERCEA nor any person acting on its behalf is responsible for the use that may be made of the information contained in this press release or for any errors that may remain in the texts, despite the care taken in preparing them.

Title
Project information

Body

PICOCRYPT
Cryptography for Privacy and Integrity of Computation on Untrusted Machines

Researcher: Dario Fiore

Host institution: IMDEA Software Institute (ES)

Call details: ERC-2020-CoG, Computer Science & Informatics (PE6)

ERC funding: €1 999 873

This work is part of PICOCRYPT project that has received funding from the European Research Council (ERC) under the European Union’s Horizon 2020 research and innovation programme (Grant agreement No. 101001283).