Secure Model Verification and Privacy Preservation with ZK-SNARKs and Neural Networks

Seriner Gerenli, Dursun Oylum
Neural networks are widely used learning models that achieve successful results in many application areas today. However, proving and sharing the accuracy and reliability of these networks is often limited by privacy and security challenges. This study presents a method for cryptographically proving the accuracy of a neural network without revealing its intrinsic components. The method uses the Circom programming language to create a circuit from the final weights, bias values, and inputs of the neural network. Circom makes it possible to convert neural network elements into electronic circuits. The resulting circuit contains the representation of the neural network model and mimics the transformation from inputs to outputs. It is used with Groth16, a zero-knowledge proof system, to prove the accuracy of the neural network without leaking private information. As in this study, the newly produced circuit can be used with zkREPL or from a terminal. As a result, an experimental method is presented to prove the real-world performance of the neural network model and increase the model's reliability; drawing on knowledge from the literature, an approach to solving current security problems has been explored. In this way, the correctness of the model can be proven without directly revealing the hidden inputs to the other party.
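The following Circom 2 circuit is an added example, not the thesis's own code: one fully connected layer whose inputs, weights and biases are private witness signals and whose outputs are public, so a Groth16 proof over it attests that the published outputs come from the hidden model and inputs. The template name `Dense`, the 3-input, 2-output layer size and the use of integer (already quantized) values are assumptions.

```circom
pragma circom 2.0.0;

// Assumed example layer: out[j] = b[j] + sum_i in[i] * w[i][j]
// All values are integers in the proof system's prime field, so real-valued
// weights must be scaled to integers before they are used as witness values.
template Dense(nIn, nOut) {
    signal input in[nIn];        // private: hidden model inputs
    signal input w[nIn][nOut];   // private: final trained weights
    signal input b[nOut];        // private: final bias values
    signal output out[nOut];     // public: the claimed layer outputs

    // Running sums. Each step is one quadratic constraint of the form
    // (in * w) + previous sum, which is what R1CS allows.
    signal acc[nOut][nIn + 1];

    for (var j = 0; j < nOut; j++) {
        acc[j][0] <== b[j];
        for (var i = 0; i < nIn; i++) {
            acc[j][i + 1] <== acc[j][i] + in[i] * w[i][j];
        }
        out[j] <== acc[j][nIn];
    }
}

// No `public [...]` list is given, so every input signal stays private;
// only the output signals appear in the public part of the proof.
component main = Dense(3, 2);
```

The verifier sees only `out` and the proof. Nothing in this circuit ties the private weights to a specific model, so a deployment would additionally expose a public commitment (for example a hash) to the weights and constrain it inside the circuit.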
Citation Formats
D. O. Seriner Gerenli, “Secure Model Verification and Privacy Preservation with ZK-SNARKs and Neural Networks,” M.S. - Master of Science, Middle East Technical University, 2023.