How can a model owner prove they trained their model according to the correct
specification? More importantly, how can they do so while preserving the privacy of the …

A decade of active research has led to practical constructions of zero-knowledge succinct
non-interactive arguments of knowledge (zk-SNARKs) that are now being used in a wide …

We propose SublonK---a new succinct non-interactive argument of knowledge (SNARK).
SublonK is the first SNARK that achieves both a constant proof size and prover runtime that …

Individuals and organizations are using databases to store personal information at an
unprecedented rate. This creates a quandary for data providers. They are responsible for …

Verification of program safety is often reducible to proving the unsatisfiability (ie, validity) of a
formula in Satisfiability Modulo Theories (SMT): Boolean logic combined with theories that …

Cryptographic applications often require proving statements about hidden secrets satisfying
certain circuit relations. Moreover, these proofs must often be generated obliviously, ie …

Currently, when a security analyst discovers a vulnerability in critical software system, they
must navigate a fraught dilemma: immediately disclosing the vulnerability to the public could …

We introduce superclass accountability, a new notion of accountability for security protocols.
Classical notions of accountability typically aim to identify specific adversarial players whose …

Existing protocols for proving the correct execution of a RAM program in zero-knowledge are
plagued by a processor expressiveness tradeo: supporting fewer instructions results in …

Existing protocols for proving the correct execution of a RAM program in zero-knowledge are
plagued by a processor expressiveness tradeoff: supporting fewer instructions results in …