Cryptology ePrint Archive: Report 2021/730

Mystique: Efficient Conversions for Zero-Knowledge Proofs with Applications to Machine Learning

Chenkai Weng and Kang Yang and Xiang Xie and Jonathan Katz and Xiao Wang

Abstract: Recent progress in interactive zero-knowledge (ZK) proofs has improved the efficiency of proving large-scale computations significantly. Nevertheless, real-life applications (e.g., in the context of private inference using deep neural networks) often involve highly complex computations, and existing ZK protocols lack the expressiveness and scalability to prove results about such computations efficiently.

In this paper, we design, develop, and evaluate a ZK system (Mystique) that allows for efficient conversions between arithmetic and Boolean values, between publicly committed and privately authenticated values, and between fixed-point and floating-point numbers. Targeting large-scale neural-network inference, we also present an improved ZK protocol for matrix multiplication that yields a 7 improvement compared to the state-of-the-art. Finally, we incorporate Mystique in Rosetta, a TensorFlow-based privacy-preserving framework.

Mystique is able to prove correctness of an inference on a private image using a committed (private) ResNet-101 model in 28 minutes, and can do the same task when the model is public in 5 minutes, with only a 0.02% decrease in accuracy compared to a non-ZK execution when testing on the CIFAR-10 dataset. Our system is the first to support ZK proofs about neural-network models with over 100 layers with virtually no loss of accuracy.

Category / Keywords: cryptographic protocols / zero-knowledge proofs

Original Publication (with minor differences): USENIX Security 2021

Date: received 31 May 2021

Contact author: ckweng at u northwestern edu,yangk@sklc org,xiexiang@matrixelements com,jkatz2@gmail com,wangxiao@cs northwestern edu

Available format(s): PDF | BibTeX Citation

Version: 20210602:115212 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]