zkMLaaS: a Verifiable Scheme for Machine Learning as a Service.

Machine Learning as a Service is a promising service for individuals and companies who would like to delegate model training to third parties. The customers desire proof of the integrity of the model training to prevent potential backdoor attacks launched by the server, while the server desires to prove the integrity without revealing their intellectual assets, hyperparameters of the training scheme. Zero-knowledge proof, a cryptographic tool can theoretically satisfy the above demand, but is still practically infeasible due to the inefficiency of proving. Thus, we propose zkMLaaS, a privacy-preserving and verifiable scheme for efficient training proof generation in the MLaaS scenario. zkMLaaS features a two-round challenge-response protocol equipped with the random sampling. This greatly reduces the time cost of proof generation and ensures the integrity of training procedure simultaneously. We analyze the security of zkMLaaS and conduct comprehensive evaluation which shows it saves around 273x times compared with naive scheme.