vCNN: Verifiable Convolutional Neural Network Based on zk-SNARKs
- Authors
- Lee, Seunghwa; Ko, Hankyung; Kim, Jihye; Oh, Hyunok
- Issue Date
- Jul-2024
- Publisher
- IEEE COMPUTER SOC
- Keywords
- Convolutional neural networks; verifiable computation; zk-SNARKs; Convolutional neural networks; verifiable computation; zk-SNARKs
- Citation
- IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, v.21, no.4, pp 4254 - 4270
- Pages
- 17
- Indexed
- SCIE
SCOPUS
- Journal Title
- IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING
- Volume
- 21
- Number
- 4
- Start Page
- 4254
- End Page
- 4270
- URI
- https://scholarworks.bwise.kr/hanyang/handle/2021.sw.hanyang/213081
- DOI
- 10.1109/TDSC.2023.3348760
- ISSN
- 1545-5971
1941-0018
- Abstract
- It is becoming important for the client to be able to check whether the AI inference services have been correctly calculated. Since the weight values in a CNN model are assets of service providers, the client should be able to check the correctness of the result without them. The Zero-knowledge Succinct Non-interactive Argument of Knowledge (zk-SNARK) allows verifying the result without input and weight values. However, the proving time in zk-SNARK is too slow to be applied to real AI applications. This article proposes a new efficient verifiable convolutional neural network (vCNN) framework that greatly accelerates the proving performance. We introduce a new efficient relation representation for convolution equations, reducing the proving complexity of convolution from O(ln) to O(l+n) compared to existing zero-knowledge succinct non-interactive argument of knowledge (zk-SNARK) approaches, where l and n denote the size of the kernel and the data in CNNs. Experimental results show that the proposed vCNN improves proving performance by 20-fold for a simple MNIST and 18,000-fold for VGG16. The security of the proposed scheme is formally proven.
- Files in This Item
-
Go to Link
- Appears in
Collections - 서울 공과대학 > 서울 정보시스템학과 > 1. Journal Articles

Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.