Course Information
- Instructor: Prof. Yupeng Zhang (zhangyp@tamu.edu)
- Lectures: MW 5:35 pm - 6:50 pm
- Office Hour: By appointment
Course Description and Prerequisites
This course covers techniques in applied cryptography and their applications in machine learning and blockchain to enhance data privacy. Related cryptographic techniques include secure multiparty computations, verifiable computations and zero knowledge proofs. We will discuss their basic concepts and state-of-the-art constructions. Additionally, we will talk about how to use these techniques to construct privacy-preserving machine learning, crypto-currencies and blockchain. We will focus on efficiency and functionality constraints in practice, and discuss challenges and solutions to efficiently realize these cryptographic protocols.
The course has no specific prerequisites. Basic knowledge of algorithms, data structures and programming is recommended.
Textbook and Resource Materials
No textbook is required for the course. Reading materials will be posted online during the semester
Schedule (tentative)
| Date | Sections | Topic | Readings | Deadline |
|---|---|---|---|---|
| 1/20 | Introduction | Introduction and logitics | ||
| 1/25 | Background on Cryptography | |||
| 1/27 | Secure Multiparty Computation and Privacy-Preserving Machine learning | Introduction to secure multiparty computation and Oblivious Transfer | Wikipedia | |
| 2/1 | Yao's Garbled circuit | |||
| 2/3 | GMW protocol | Youtube tutorial | Team Formation | |
| 2/8 | Malicious security and fairness | Cut and choose | ||
| 2/10 | Privacy-preserving machine learning and linear regression | SecureML | ||
| 2/15 | ABY3: A Mixed Protocol Framework for Machine Learning | |||
| 2/17 | Helen: Maliciously Secure Coopetitive Learning for Linear Models | |||
| 2/22 | Privacy-preserving logistic regression and neural networks | |||
| 2/24 | Verifiable Computation, Zero Knowledge Proof and Blockchain | Introduction to verifiable computation and zero knowledge proof | Merkle Hash Tree | Proposal due 2/25 |
| 3/1 | Introduction to blockchain and cryptocurrency | Bitcoin | ||
| 3/3 | Pricacy-preserving crypto-currencies | |||
| 3/8 | Customized solutions: RSA accumulators | RSA Accumulator | ||
| 3/10 | Customized solutions: Bilinear accumulators | Bilinear Accumulator | ||
| 3/15 | Midterm project presentation | |||
| 3/17 | Midterm project presentation | |||
| 3/22 | Generic solutions:SNARK | SNARK | ||
| 3/24 | ||||
| 3/29 | Smart contract | |||
| 3/31 | Privacy-preserving smart contract | Hawk | ||
| 4/5 | Security of Bitcoin Cash -- by Yu Shen | |||
| 4/7 | Generic solutions: interactive proofs | |||
| 4/12 | ||||
| 4/14 | ||||
| 4/19 | Final Project Presentations | |||
| 4/21 | ||||
| 4/26 | Final report due 5/2 |
Grading
Reading assignments: 35%. Students will submit reviews for one of the reading materials every week.
Course project: 65%. Students will form groups and complete research projects related to the topics of the course.
Links
Assignments and Gradebook: http://ecampus.tamu.edu/
Suggested topics for projects:
Secure Multiparty Computations
- Privacy-preserving decision trees and random forest training and/or predictions: apply MPC techniques to train decision tree and random forest models on encrypted data. 1. Understand decision tree and random forest. 2. Collect datasets and implement training and predictions on plaintext data. 3. Use only those computations efficiently supported by MPC, compare the accuracy to the baseline. 4. Implement the MPC protocol using existing libraries.
- Privacy-preserving SVM training and/or predictions: apply MPC techniques to train SVM models on encrypted data. 1. Understand SVM. 2. Collect datasets and implement training and predictions on plaintext data. 3. Use only those computations efficiently supported by MPC, compare the accuracy to the baseline. 4. Implement the MPC protocol using existing libraries.
- Privacy-preserving alternating direction method of multipliers (ADMM): apply MPC techniques to train models on encrypted data using ditributed training algorithms (such as ADMM). 1. Understand ADMM. 2. Collect datasets and implement training and predictions on plaintext data. 3. Use only those computations efficiently supported by MPC, compare the accuracy to the baseline. 4. Implement the MPC protocol.
Zero Knowledge Proof
- Zero knowledge proof for machine learning model predictions: generate a proof that the predictions of a secret model on a public testing dataset reaches certain accuracy. Design efficient ZKP protocols for convolution, neural networks and common activation functions.
- Contingent payment on blockchain with zero knowledge proof: design fair exchange protocols on blockchains using zero knowledge proofs.
- Privacy-preserving smart contracts: 1. Understand the mechanism of smart contract. 2. Find commonly used smart contracts on existing blockchains and cryptocurrencies. 3. Given general purpose ZKP, design protocols for privacy-preserving smart contracts. 4. Implement the ZKP protocol using existing libraries and optimize for those commonly used smart contracts.
Blockchains
- Information inference from public data on Bitcoin blockchain: 1. Understand the public data posted on the blockchain of Bitcoin and figure out ways to download the data. 2. Repeat data analysis from existing papers. 3. Design new attacks to infer sensitive information from the public data, such as dead coins and large volume transactions and its correlations with the price of bitcoin.
- Information inference from public data on Ethereum: Same as bitcoin. In addition, analyze the smart contracts.
- Scaling up blockchains: sharding, rollup (optimistim rollup and zk rollup) etc. Understand zk-rollup and its relationship to zero knowledge proofs. Survey existing protocols and challenges.
Ethics & Academic Integrity Statement and Policy
“An Aggie does not lie, cheat, or steal or tolerate those who do.” For additional information, please visit: http://aggiehonor.tamu.edu.
Upon accepting admission to Texas A&M University, a student immediately assumes a commitment to uphold the Honor Code, to accept responsibility for learning, and to follow the philosophy and rules of the Honor System. Students will be required to state their commitment on examinations, research papers, and other academic work. Ignorance of the rules does not exclude any member of the TAMU community from the requirements or the processes of the Honor System.