Polynomial Time Cryptanalytic Extraction of Neural Network Models

Explore a groundbreaking lecture on the cryptanalytic extraction of neural network models presented by renowned cryptographer Adi Shamir at ICBS2024. Delve into the critical issue of protecting deep neural networks (DNNs) from theft and parameter extraction. Learn about the historical context of this problem, including Charles Fefferman's 1994 findings and the Crypto'20 algorithm by Carlini, Jagielski, and Mironov. Discover Shamir's innovative techniques that enable the extraction of ReLU-based DNN parameters with high precision using both polynomial queries and time. Witness the practical application of this method on a full-sized neural network for CIFAR10 dataset classification, comparing the efficiency of the new approach to previous methods. Gain insights into the implications of this advancement for DNN security and the broader field of cryptography in this hour-long talk from the Beijing Institute of Mathematical Sciences and Applications (BIMSA).