Verifiable Computation

In the Wikipedia entry for “Verifiable computing,” verifiable computing (or verified computation / verified computing) enables a computer to offload the computation of some function to other, perhaps untrusted, clients while maintaining verifiable results. The other clients evaluate the function and return the result with a proof that the computation was carried out correctly.

The introduction of this notion came as a result of the increasingly common phenomenon of outsourcing computation to untrusted users in projects such as SETI@home, and of the growing desire of weak clients to outsource computational tasks to a more powerful computation service such as cloud computing.

What is NIZK?

Interactive Proofs (IPs) and Arguments. A Prover P and a Verifier V interact as follows: P solves a problem on a given input, tells V the answer, and then proves to V that the answer is correct.

The proof system must satisfy two properties:

  • Completeness: If the answer is true, the honest V will be convinced of this fact by an untrusted P (honest P in ZKP).
  • Soundness: If the answer is false, no P (no cheating P in ZKP) can convince the honest V that it is true, except with some small probability.

The difference between IPs and arguments is that the prover is restricted to be a polynomial-time algorithm for an interactive argument, whereas no such restriction applies for an interactive proof.

Zero-Knowledge Proof (ZKP) and Non-Interactive Proofs. ZKP is a method by which P can prove to V that they know a secret, without conveying any information apart from the fact that they know the secret. The additional requirement is:

  • Zero-knowledge: If the answer is true, no V learns anything other than the fact that the answer is true.

Non-interactive proofs require no interaction between P and V. Therefore, non-interactive zero-knowledge proofs (also known as NIZK, zk-SNARK) are zero-knowledge proofs that require no interaction between the prover and the verifier.

What is PCD?

Proof-Carrying Data (PCD) is a cryptographic primitive applied to distributed computing in a DAG (directed acyclic graph) setting, where multiple subjects without mutual trust generally participate.

In distributed computing, when a large operation is performed in multiple steps, the subject at each node sends a message including the result of its step to the subject who performs the next step. A proof is attached to the message, attesting to the correctness of the result at both the present node and the previous one.

PCD can usually be built by recursive proof composition of cryptographic proof systems such as SNARK. In recursive proof composition, in order to generate the proof as mentioned above, the verifier algorithm of the component proof system must be embedded in the arithmetic circuit proved by the system. However, depending on the time complexity of the verifier algorithm, the size of the proof grows larger as the operation proceeds, so verifying the proof can require more computation than performing the operation directly, making verification meaningless. Research on the types of proof systems that can be used as components of recursive proof composition, and on the method of recursive proof composition itself, is ongoing.

Secure Machine Learning (Cryptographic Approach)

With the successful development of deep learning, biometric authentication technology based on convolutional neural networks has remarkably advanced. ArcFace, based on a Residual neural network, is the recent state-of-the-art face recognition system and outputs highly discriminative feature templates for face authentication using additive angular margin loss.

However, when a face recognition system becomes able to compress face images into feature templates more and more compactly, the leakage of face templates becomes a more serious threat to user privacy. For example, face images can be reconstructed from face feature templates using neighborly de-convolutional neural networks, posing a serious threat to user privacy.

To address this, we developed a modular architecture, IronMask, for protecting face feature templates that can be combined with any face recognition system using an angular distance metric, such as SphereFace, CosFace, and ArcFace.

IronMask architecture overview from CVPR 2021

Blockchain

A number of third-party services require personal data, and users need to delegate personal data to service providers who may modify and share the data with other service providers. For example, patients must share their medical records with hospitals, which can be updated and shared among different departments, hospitals, and even insurance companies. Internet users have to consent to personal data collection to use various services (e.g., location-based services, social media services), and personal data may be updated and shared for use across inter-connected services.

Additionally, IoT devices in smart home systems exchange data with smart home hubs (e.g., Google Home, Amazon Alexa, Apple HomeKit). Even though such modification and sharing occur with the users’ consent, more transparency for the user is desired throughout the entire procedure.

Blockchain-based data provenance diagram

Personal data are shared by their owners with service providers for different needs, and these data can be modified and further shared among other service providers. For transparency and accountability of such delegated data, a personal data provenance monitoring system that records how owners’ data are propagated and modified is necessary. However, achieving this involves significant challenges, due to the decentralized relationships between different service providers.

Therefore, we propose using blockchain to track the provenance of owners’ data. For privacy reasons, what service providers can upload to the blockchain is limited to sharing records that do not reveal the data contents, and blockchain peers must validate these records without seeing the actual data. We propose a new extended vector commitment (EVC) scheme for monitoring personal data provenance in third-party services.

Functional Encryption

Functional Encryption (FE) is a new public key encryption system that extends the existing public-key encryption concept more flexibly. It is a public-key encryption that allows the decryption condition of a ciphertext to be specified as an arbitrary function. Functional Encryption guarantees complete privacy by not exposing unnecessary information related to the ciphertext to system outsiders or even system insiders.

The purpose of our ongoing research — Research on Functional Encryption Technique Design, Analysis and Implementation Technology, supported by IITP — is to obtain the important source technologies of FE, considered to be next-generation public-key encryption, and to study extended techniques of FE for cloud computing. We also study other cryptographic primitives such as lattices.