Cryptographic protection of ML models
2021-09-03, 10:00–10:40, Main track

Imagine a system that operates with ML models. These models are unique and work with user-generated content better than anyone else. For various business reasons, instead of running one large sophisticated model on the server, developers have to run models on mobile devices (viva TensorFlow!). Our challenge is to protect these models from leakage and massive accumulation, which leads to reverse engineering of their unique approach.

This talk explains building DRM-like protection with end-to-end encryption using envelope encryption on ephemeral keys. We will discuss risks, threats, dataflow, the cryptographic layer, key management and integration with traditional appsec controls for a defense-in-depth approach.
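The envelope scheme the abstract refers to, as an added example (not the speaker's or Cossack Labs' code): the backend encrypts the model under a fresh random data key (DEK), then wraps that DEK under a key-encryption key (KEK) derived from a one-time ECDH exchange with the device's enrolled public key, so every envelope uses a different ephemeral key pair and a different DEK. Assumptions not in the abstract: P-256 ECDH, AES-256-GCM, a SHA-256 hash in place of a proper HKDF, a hypothetical model identifier bound as associated data, and a device key pair that already exists (how the device protects its private key is part of the key-management story the talk covers, not shown here).

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Envelope is what the backend ships to a device: the model encrypted under a
// one-off DEK, plus the DEK wrapped under a KEK from an ephemeral ECDH exchange.
type Envelope struct {
	EphemeralPub []byte // backend's ephemeral P-256 public key (new per envelope)
	WrappedDEK   []byte // AES-256-GCM(KEK, DEK); nonce prepended
	ModelCT      []byte // AES-256-GCM(DEK, model bytes); nonce prepended
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil { return nil, err }
	return cipher.NewGCM(block)
}

// sealGCM encrypts plaintext under key with a random nonce and binds aad to the tag.
func sealGCM(key, plaintext, aad []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil { return nil, err }
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil { return nil, err }
	return gcm.Seal(nonce, nonce, plaintext, aad), nil
}

// openGCM reverses sealGCM; any change to ciphertext, tag or aad fails here.
func openGCM(key, sealed, aad []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil { return nil, err }
	if len(sealed) < gcm.NonceSize() { return nil, fmt.Errorf("envelope: ciphertext too short") }
	return gcm.Open(nil, sealed[:gcm.NonceSize()], sealed[gcm.NonceSize():], aad)
}

// kekFor derives the key-encryption key from an ECDH agreement. Assumption:
// SHA-256 over secret||label stands in for HKDF to keep the example stdlib-only.
func kekFor(priv *ecdh.PrivateKey, pub *ecdh.PublicKey) ([]byte, error) {
	shared, err := priv.ECDH(pub)
	if err != nil { return nil, err }
	h := sha256.Sum256(append(shared, "model-envelope-v1"...)) // hypothetical label
	return h[:], nil
}

// EncryptModel runs on the backend. modelID is bound as AAD so a wrapped DEK
// cannot be replayed against a different model file.
func EncryptModel(model []byte, devicePub *ecdh.PublicKey, modelID string) (*Envelope, error) {
	dek := make([]byte, 32)
	if _, err := rand.Read(dek); err != nil { return nil, err }
	modelCT, err := sealGCM(dek, model, []byte(modelID))
	if err != nil { return nil, err }
	eph, err := ecdh.P256().GenerateKey(rand.Reader) // ephemeral: dropped after wrapping
	if err != nil { return nil, err }
	kek, err := kekFor(eph, devicePub)
	if err != nil { return nil, err }
	wrapped, err := sealGCM(kek, dek, []byte(modelID))
	if err != nil { return nil, err }
	return &Envelope{EphemeralPub: eph.PublicKey().Bytes(), WrappedDEK: wrapped, ModelCT: modelCT}, nil
}

// DecryptModel runs on the device, which holds the private half of its enrolled key.
func DecryptModel(env *Envelope, devicePriv *ecdh.PrivateKey, modelID string) ([]byte, error) {
	ephPub, err := ecdh.P256().NewPublicKey(env.EphemeralPub)
	if err != nil { return nil, err }
	kek, err := kekFor(devicePriv, ephPub)
	if err != nil { return nil, err }
	dek, err := openGCM(kek, env.WrappedDEK, []byte(modelID))
	if err != nil { return nil, fmt.Errorf("envelope: cannot unwrap DEK (wrong device key, wrong model or tampered): %w", err) }
	return openGCM(dek, env.ModelCT, []byte(modelID))
}

func main() {
	device, _ := ecdh.P256().GenerateKey(rand.Reader) // device's enrolled key pair (assumed)
	model := []byte("constructed stand-in for a .tflite file")
	env, err := EncryptModel(model, device.PublicKey(), "classifier-v3")
	if err != nil { panic(err) }
	got, err := DecryptModel(env, device, "classifier-v3")
	fmt.Println("roundtrip ok:", err == nil && bytes.Equal(got, model))
}
```

Two properties matter for the threat in the abstract: a captured envelope is useless without the device's private key (the ephemeral public key alone yields nothing), and because the DEK and ephemeral key are fresh per envelope, one leaked DEK exposes one delivery rather than the whole model fleet.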

Tags: blue team, security engineering, design of security controls, e2ee, cryptography, mobile and backend

Head of customer solutions, security software engineer at Cossack Labs

I am a software engineer with ~10 years of experience in many languages and technologies, specialising in security engineering, data security and applied cryptography.