Instructor: Mihir Bellare
Class time: Tu 9:30--10:50 AM
Class location: Room 4258
Instructor Office Hour: Th 2:00--3:00 PM
Course Information
This course considers connections between cryptography and AI. These arise in many ways. Some are below, but we may find others:
Methods: What are the cryptographic techniques or protocols
Applications: What AI problem is being solved, and how is the method applied to that end? Are the applications merely suggested in papers, or are they standardized and deployed in the real world? What other ways are there to solve the same problems? How effective are these applications at solving the problem?
Security: Are there cryptographic definitions supporting these applications, and if so, what? Can the cryptography used be shown to meet these definitions? What alternative definitions might one give?
Society: Who does the application, and its use of cryptography, benefit? Is it Power (corporations, government), or People?
- Privacy: Privacy-Preserving Machine Learning (PPML) has been of much interest. It uses cryptographic primitives like Multi-Party Computation (MPC), Homomorphic Encryption (HE) and Differential Privacy (DP). Privacy preserving aggregation (VDAFs) could be viewed as part of this, and there are many other subtopics.
- Attacks: Cryptography is used to to plant backdoors in, or subvert, ML models.
- Cryptanalysis: In the opposite direction, AI is used for cryptanalysis.
In exploring these or other issues, we will consider many dimensions, including the following:
The Private tab in the menu takes you to a set of Google Drive files accessible only to enrolled students. Here we will develop the presentation schedule, where your team can sign up. You can also add documents related to your presentation.
This is a seminar. Students will read and present papers. Students can work in teams of up to two people if they so desire. The Presentations pointer in the menu gives guidelnes on what makes a good presentation and what will be required. It also makes a start at a list of possible papers and resources, but this list however is neither exhaustive nor binding. Course requirements are a presentation, and participation in discussion including critiques of presentations made by others. You can take the class P/NP (S/U) or for a letter grade, and requirements may be higher in the latter case. The number of units for which you enrol may also be a choice, and again may affect the requirements. Auditing (not doing a presentation) is not encouraged; if you want to benefit from the presentations made by others, you should do one too. Pre-requisites are some knowledge of cryptography as given by CSE 207 or 207B; or CSE 107 with permission of Instructor; or permission of Instructor.
Canvas, Piazza
We have a Canvas and a Piazza for this
class. The latter can be a medium for discussion.