Imagine a system that operates with ML models. These models are unique and work with user-generated content better than anyone else. For various business reasons, instead of running one large sophisticated model on the server, developers have to to run models on mobile devices (viva TensorFlow!).

The security challenge is to protect these models from leakage and massive accumulation, which leads to reverse engineering of unique IP.

This talk explains building DRM-like protection with application-level encryption using HPKE-like approach on ephemeral keys. We will discuss risks, threats, dataflow, cryptographic layer, key management and integration with traditional appsec controls for defense-in-depth approach.

Points we cover

• ML models lifecycle,
• application-level encryption,
• HPKE-like encryption scheme,
• Themis cryptographic library,
• integrating crypto with other security controls: API protection, appsec, mobile anti-reverse engineering, anti-fraud system.

In the end, ML models are just special files :)

Read a case-study “Сryptographic IP protection for AI-powered synthesized media app” to gather more details.

Watch ENG 📺

As soon as video is available on NoNameCon channel.

Presented at ✨

• NoNameCon online, Ukraine, 3 September, 2021.