Knowledge is Overrated: A zero-knowledge machine learning and cryptographic hashing-based framework for verifiable, low latency inference at the LHC

📝 Abstract

Low latency event-selection (trigger) algorithms are essential components of Large Hadron Collider (LHC) operation. Modern machine learning (ML) models have shown great offline performance as classifiers and could improve trigger performance, thereby improving downstream physics analyses. However, inference on such large models does not satisfy the $40\text{MHz}$ online latency constraint at the LHC. In this work, we propose \texttt{PHAZE}, a novel framework built on cryptographic techniques like hashing and zero-knowledge machine learning (zkML) to achieve low latency inference, via a certifiable, early-exit mechanism from an arbitrarily large baseline model. We lay the foundations for such a framework to achieve nanosecond-order latency and discuss its inherent advantages, such as built-in anomaly detection, within the scope of LHC triggers, as well as its potential to enable a dynamic low-level trigger in the future.

💡 Analysis

Low latency event-selection (trigger) algorithms are essential components of Large Hadron Collider (LHC) operation. Modern machine learning (ML) models have shown great offline performance as classifiers and could improve trigger performance, thereby improving downstream physics analyses. However, inference on such large models does not satisfy the $40\text{MHz}$ online latency constraint at the LHC. In this work, we propose \texttt{PHAZE}, a novel framework built on cryptographic techniques like hashing and zero-knowledge machine learning (zkML) to achieve low latency inference, via a certifiable, early-exit mechanism from an arbitrarily large baseline model. We lay the foundations for such a framework to achieve nanosecond-order latency and discuss its inherent advantages, such as built-in anomaly detection, within the scope of LHC triggers, as well as its potential to enable a dynamic low-level trigger in the future.

📄 Content

Accelerating ML inference to satisfy the LHC’s operational constraints is currently approached as an ad-hoc optimization problem driven by an accuracy-acceleration tradeoff. Algorithms like AXOL1TL and CICADA, recently tested [2] by the CMS experiment, combine this type of an approach with hardware-specific optimization techniques, using frameworks like hls4ml [3]. These algorithms successfully achieve O(ns) latencies for anomaly detection triggers [2]. However, we hypothesize that, to achieve O(ns) latencies for a larger set of ML-based trigger decisions, we need a novel approach to trigger design compatible with dynamic performance-improvement strategies.

We start with a short primer on polynomial fingerprinting, zkML, and early-exiting (EE) that form the building blocks of our framework.

Hash function: Any function that maps a mathematical object, like a vector of arbitrary size, to a fixed-size value [4,5]. We restrict the definition to non-cryptographic hash functions [6] since we do not require security-related properties in the hashing algorithm for our framework. Say we have a family of hash functions H{h : M → Y}. We can then define a probabilistic hashing algorithm as a scheme, that for a given arbitrary-size object M i ∈ M, chooses a random hash function h i ∈ H to evaluate the hash.

For a probabilistic hash to serve as a near-unique fingerprint for all objects in M we require that the collision probability [5] over a random h i , for any 2 arbitrary values x 1 , x x ∈ M, be bounded by a small, well-defined value ϵ, written as,

Rabin fingerprinting [7]: A hash defined over a finite, Galois field, GF (2), that maps an nbit vector represented as a polynomial (using techniques like polynomial interpolation [8]), P (x) of degree (d -1), to the remainder, r(x), obtained on dividing P (x) by g(x); where g(x) is an irreducible polynomial of degree k over GF(2) [7]. Thereby the Rabin Fingerprinting algorithm reduces a large d-bit vector to a unique k-bit fingerprint.

So the Rabin fingerprint over a large finite field of prime order, F p , is given by,

where the coefficients of h(x) (degree k -1) are the reduced k-bit hash.

The collision probability is then described by the Schwartz-Zippel Lemma [9]. The lemma states that for any two distinct polynomials P 1 (x), P 2 (x), each of degree at most (d -1), the collision probability for a randomly chosen point q ∈ F p is bounded by,

Thereby, choosing a finite field ordered by a large enough prime, and constraining the highest polynomial degree to be low, leads to statistically negligible collision probabilities.

Zero-Knowledge Proof: A ZKP is a cryptographic protocol that allows one party, the prover, to convince another party, the verifier, that a given statement is true, without revealing any information beyond the fact of the statement’s truth [10]. A powerful application of modern ZKP systems lies in their ability to guarantee computational integrity, making them tools for fast verifiability. The core properties of ZKPs are completeness, soundness and privacy-preservation.

zkML: An application of ZKPs for generating a succinct proof, π, of the correct execution of an ML model’s inference computation, C(x, w) = y, where x ∈ L is a public input in a corpus L (e.g., training dataset), w is the private witness (e.g., model parameters, intermediate activations) and y is the public model output. For our usage, privacy is not a major factor and we focus on verifiability, which for a given prover P and verifier V is defined, as in [11], by the completeness,

and the soundness, for x ′ / ∈ L and a random prover P * ,

where ⟨⟩ represents prover-verifier interactions.

The foundational step of most zkML systems is arithmetization; the process of transforming computation C into a family of algebraic equations. These equations serve as polynomial constraints that are tractable when defined over a finite field F p , and the validity of the computation is reduced to proving that these constraints hold. The complexity of a zkML system is largely concentrated in the arithmetization stage. The subsequent steps involve using cryptographic primitives such as hashing and Polynomial Commitment Schemes (PCS) [10] to compress the constraints down to unique, tractable commitments (e.g., fingerprints), used for faster verification. The Schwartz-Zippel lemma (Eq.3) again serves as a bound for the integrity of the proof.

We focus on a specific type of zkML system based on zk-STARK (Zero-Knowledge Scalable Transparent ARguments of Knowledge) [12]. zk-STARKs are typically constructed under minimal cryptographic assumptions which gives rise to scalability and transparency. The complexity, for a given computation of size T (n), scales quasi-linearly, O(T (n)poly log T (n)) for proof generation and poly-logarithmically, O(poly log T (n)) for proof verification [12]. The transparency makes the system auditable and reproducible.

EE [13] strategies are a popular approach for sig

This content is AI-processed based on ArXiv data.