Menu
Semantics, Cybersecurity & Services (SCS)
Semantics, Cybersecurity & Services (SCS)
UTFacultiesEEMCSDisciplines & departmentsSCSEducationAssignmentsOpen AssignmentsOpen Master AssignmentsVerifiable fairness in ML using zero-knowledge proofs

Verifiable fairness in ML using zero-knowledge proofs

MAster assignment

Verifiable fairness in ML using zero-knowledge proofs

Type: Master CS

Period: Start date: as soon as possible

Student: Unassigned

If you are interested please contact:

Picture of ing. M.F.D. Damie (Marc)
ing. M.F.D. Damie (Marc) Researcher
+31534897162
 m.f.d.damie@utwente.nl
Building: Zilverling 2042
Personal page
Picture of dr.ing. F.W. Hahn (Florian)
dr.ing. F.W. Hahn (Florian) Assistant Professor
+31534898833
 f.w.hahn@utwente.nl
Building: Zilverling 2025
Personal page

Context: 
With the increasing usage of machine learning (ML) applications in our societies, there are raising concerns about algorithmically induced bias. This bias can have significant social impact when it is towards ethnicity, gender, or other sensitive attributes. To mitigate this issue, various ML works described approaches to achieve a “fair” ML [1]. Among these approaches, fairness metrics [2] drew a lot of attention as they enable measuring the fairness of ML models. While fairness metrics are promising tools for transparency in ML deployments, they still require trusting the ML practitioners. Indeed, there exists no method to verify that a company provides its real fairness metrics. As unfairness could be a significant block either for law compliance or reputation, companies would have incentives to lie about the metrics. The best existing solution is to delegate a fairness audit to a trusted third party. However, external audit raises other issues about trust (e.g., how to verify the company is using the audited model?). Hence, we need methods to verify the model fairness while keeping it secret (to protect privacy and/or intellectual property). Over the last decades, cryptographers designed protocols, known as zero-knowledge proofs (ZKP), to prove various statements about secret data. Recent progress in this field enabled using ZKP for ML applications [9, 10]. ZKP could be a key building block for verifying fairness in ML. A few works [3, 4, 5] already started investigating the potential of ZKP in fair ML. However, they all studied limited setups (e.g., relaxed fairness notions). The output of this project could also be valuable to support recent EU digital regulations. For example, the European Commission is preparing a ”Digital Fairness Act” for 2025. ZKP-based fairness verifications would be an essential tool to bring transparency and trust in digital services.

Objectives:

The goal of this master thesis would be to design ZKP protocols to verify fairness under rather generic assumptions. Concretely, these protocols should support as many trust assumptions, ML models, and fairness metrics as possible. To achieve this goal, we would rely on recent advances from the ML [6] and ZKP research [8]. Another side objective would be to precisely describe the potential applications and their contraints. For example, these ZKP protocols can also have an interest in decentralized learning setups [7]. Despite the recent ad-vances, there may remain some setups, models or metrics for which the fairness verification is impossible. Hence, this work would be the occasion to perform a systemization of knowledge and identify gaps in the ML and ZKP literatures.

References:

  1. S. Caton and C. Haas, ‘Fairness in Machine Learning: A Survey’, ACM Comput. Surv., Aug. 2023, doi: 10.1145/3616865.
  2. G. Alves, F. Bernier, M. Couceiro, K. Makhlouf, C. Palamidessi, and S. Zhioua, ‘Survey on fairness notions and related tensions’, EURO Journal on Decision Processes, vol. 11, p. 100033, Jan. 2023, doi: 10.1016/j.ejdp.2023.100033.
  3. N. Kilbertus, A. Gascon, M. Kusner, M. Veale, K. Gummadi, and A. Weller, ‘Blind Justice: Fairness with Encrypted Sensitive Attributes’, in Proceedings of the 35th International Conference on Machine Learning, PMLR, Jul. 2018, pp. 2630–2639.
  4. A. S. Shamsabadi et al., ‘Confidential-PROFITT: Confidential PROof of FaIr Training of Trees’, presented at the International Conference on Learning Representations, Feb. 2023.
  5. E. Toreini, M. Mehrnezhad, and A. van Moorsel, ‘Verifiable Fairness: Privacy-preserving Computation of Fairness for Machine Learning Systems’. arXiv, Sep. 12, 2023.
  6. P. Mangold, M. Perrot, A. Bellet, and M. Tommasi, ‘Differential Privacy has Bounded Impact on Fairness in Classification’, in Proceedings of the 40th International Conference on Machine Learning, PMLR, Jul. 2023, pp. 23681–23705.
  7. Y. H. Ezzeldin, S. Yan, C. He, E. Ferrara, and A. S. Avestimehr, ‘FairFed: Enabling Group Fairness in Federated Learning’, Proceedings of the AAAI Conference on Artificial Intelligence, vol. 37, no. 6, Art. no. 6, Jun. 2023, doi: 10.1609/aaai.v37i6.25911.
  8. C. Sabater, F. Hahn, A. Peter, and J. Ramon, ‘Private Sampling with Identifiable Cheaters’, PoPETs, vol. 2023, no. 2, pp. 361–383, Apr. 2023, doi: 10.56553/popets-2023-0058.
  9. D. Kang, T. Hashimoto, I. Stoica, and Y. Sun, ‘Scaling up Trustless DNN Inference with Zero-Knowledge Proofs’. arXiv, Oct. 16, 2022.
  10. C. Weng, K. Yang, X. Xie, J. Katz, and X. Wang, ‘Mystique: Efficient Conversions for Zero-Knowledge Proofs with Applications to Machine Learning’, presented at the 30th USENIX Security Symposium (USENIX Security 21), 2021, pp. 501–518.
Close
Suggestions