Verifiable Split Learning via zk-SNARKs
Rana Alaa, Darío González-Ferreiro, Carlos Beis-Penedo, Manuel Fernández-Veiga, Rebeca P. Díaz-Redondo, Ana Fernández-Vilas

TL;DR
This paper introduces a verifiable split learning framework that uses zk-SNARKs to ensure correctness and honesty in collaborative deep learning, addressing verification issues inherent in traditional split learning methods.
Contribution
The paper presents a novel integration of zk-SNARK proofs into split learning, enabling verifiability of computations on both client and server sides.
Findings
zk-SNARKs ensure correctness and honesty in split learning
Verifiable split learning outperforms blockchain-only approaches in verification
The framework guarantees verifiability during both forward and backward propagation
Abstract
Split learning is an approach to collaborative learning in which a deep neural network is divided into two parts: client-side and server-side at a cut layer. The client side executes its model using its raw input data and sends the intermediate activation to the server side. This configuration architecture is very useful for enabling collaborative training when data or resources are separated between devices. However, split learning lacks the ability to verify the correctness and honesty of the computations that are performed and exchanged between the parties. To this purpose, this paper proposes a verifiable split learning framework that integrates a zk-SNARK proof to ensure correctness and verifiability. The zk-SNARK proof and verification are generated for both sides in forward propagation and backward propagation on the server side, guaranteeing verifiability on both sides. The…
Taxonomy
Topics: Adversarial Robustness in Machine Learning · Privacy-Preserving Technologies in Data · Cryptography and Data Security
