MC2 Researchers Present Seven Papers at ACM Security Conference

Published October 23, 2024

Researchers affiliated with the Maryland Cybersecurity Center (MC2) had seven papers accepted to the 2024 Association for Computing Machinery Conference on Computer and Communications Security (ACM CCS), held from October 14–18 in Salt Lake City.

The MC2 papers explored a range of subjects, including secure verification of deep learning models, efficient zero-knowledge proofs for RAM programs, steganography in diffusion models, and practical de-identification methods.

These diverse topics reflect a strong commitment to advancing secure and privacy-focused technologies, says Michelle Mazurek, an associate professor of computer science and the director of MC2.

“This latest round of accepted papers underscores the center’s dedication to the field of cryptography and privacy,” Mazurek says. “Each contribution showcases innovative solutions that enhance security and build trust in emerging technologies.”

Papers presented at ACM CCS were:

“Zero-Knowledge Proofs of Training for Deep Neural Networks,” offers a secure and efficient solution for proving correct model training without revealing details about the model or dataset. It uses an optimized proof system for gradient descent, ensuring fast prover runtime and small, constant proof size. This allows for efficient verification and practical use, independent of the number of training iterations or dataset size. The MC2-affiliated co-authors are Kasra Abbaszadeh(lead author) and Jonathan Katz.

“Dora: A Simple Approach to Zero-Knowledge for RAM Programs,” presents an innovative solution to the tradeoff between processor expressiveness and performance. By making it nearly free to add instructions, Dora improves zero-knowledge proofs for RAM programs without sacrificing efficiency. Using a ZKBag, a cryptographic primitive, Dora maintains constant computational and communication complexity regardless of instruction count, proving correct execution in milliseconds per step on commodity hardware. Gabriel Kaptchuk is the MC2-affiliated author of this work.

“Pulsar: Secure Steganography for Diffusion Models,” explores a cutting-edge framework for embedding sensitive messages in images generated by diffusion models. It optimizes the use of variance noise during image generation, allowing for the secure embedding of 320–613 bytes without compromising image quality. This work highlights the potential of diffusion models for steganography and contributes to ongoing research in censorship resistance. Gabriel Kaptchuk is the MC2-affiliated author of this work.

“A Qualitative Analysis of Practical De-identification Guides,” examines the methods and challenges of de-identifying sensitive personal data. By analyzing 38 online de- identification guides, it highlights trends, inconsistencies and gaps in definitions, threat coverage and usability. The study calls for improved, accessible guidance to help practitioners balance risk and utility effectively. The MC2-affiliated co-authors are Wentao Guo (lead author), Aditya Kishore and Michelle Mazurek.

“HEKATON: Horizontally-Scalable zkSNARKs via Proof Aggregation,” introduces a framework for efficiently managing large computations in zero-knowledge proofs using a “distribute-and-aggregate” method. It breaks computations into smaller chunks, proves them in parallel, and aggregates the results into a succinct proof. This approach significantly enhances the scalability of zero-knowledge succinct non-interactive arguments of knowledge (zkSNARKs), achieving linear proving time reductions and effectively handling computations of substantial size, with potential applications in verifiable key directories and RAM computations. The MC2-affiliated co-authors are Michael Rosenberg (lead author) and Ian Miers.

Large-Scale Private Set Intersection in the Client-Server Setting presents a secure protocol for private set intersection (PSI) with simulation-based security against malicious adversaries. The server publishes a one-time encoding of its large set, allowing multiple clients to independently execute PSI with linear complexity based on their set sizes. The implementation demonstrates high efficiency, processing large sets quickly and at minimal cost. Jonathan Katz is the MC2-affiliated co-author of this work.

Blind Multi-Signatures for Anonymous Tokens with Decentralized Issuance and Public Verifiability proposes a system for issuing anonymous tokens through multiple signers, ensuring public verifiability and unlinkability. It presents blind multi-signatures as a key component, allowing users to independently collect and aggregate signatures. Two constructions are provided: one based on Boneh-Lynn-Shacham signatures, and a more efficient pairing-free scheme, enhancing verification without requiring coordination among issuers. Jonathan Katz and MC2 alumni Nikolaos Kamarinakis are co-authors of this work.

—Story by Melissa Brachfeld, UMIACS communications group