Conan: Secure and reliable machine learning inference against malicious service providers

Publication Type

Journal Article

Publication Date

1-2026

Abstract

In the Machine Learning as a Service paradigm, a service provider (e.g., a server) hosting a model offers inference APIs to clients, who send their queries and receive the inference results. While most recent secure inference works focus on privacy, they overlook the importance of checking service quality and reliability. A malicious server may deviate from the protocol specification to deliberately provide incorrect service, for example by running a lower-quality model than the one it advertises. It is therefore necessary to design new solutions that let clients verify the server's model accuracy and inference integrity while protecting both parties' privacy. We present Conan, a new secure and reliable inference framework against malicious servers that achieves accuracy verification, inference integrity, and privacy simultaneously. In Conan, the server first commits to the model and proves in zero-knowledge that the committed model achieves the claimed accuracy. Both parties then perform secure inference on the committed model, with security against a malicious server. To instantiate this framework, we design generic maliciously secure two-party computation (2PC) protocols with a fixed corrupted party, which may be of independent interest. Our protocols achieve high efficiency by exploiting the fact that the semi-honest party can check the behavior of the corrupted party. Furthermore, they support both arithmetic and Boolean circuit evaluation, a crucial property for secure inference on complex machine learning models. We implement the fixed-corruption 2PC protocols for our secure and reliable inference. The experimental results show one to two orders of magnitude improvements over conventional maliciously secure protocols in terms of communication and computation costs.
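The abstract describes a two-phase workflow: the server commits to its model before any inference, the committed model's accuracy is verified, and inference is then bound to that same commitment so a server cannot swap in a weaker model afterwards. The following is an added illustration of that commit-then-use skeleton; it is not code from the paper or its implementation. It replaces the paper's zero-knowledge accuracy proof with a plain opening of the commitment to an auditor (which sacrifices model privacy, exactly what Conan's ZK proof avoids) and omits the 2PC inference entirely. The hash commitment, the linear toy classifier, the test set and the model weights are all constructed here for the example.

```python
"""Commit-then-use skeleton for accuracy-verified inference (illustration only).

Assumptions (not from the paper): SHA-256 hash commitment with a random nonce,
a linear classifier as the "model", and an auditor who sees the opened model.
"""
import hashlib
import hmac
import os
import struct
from typing import List, Sequence, Tuple

Vec = List[float]


def encode_weights(weights: Vec) -> bytes:
    # Canonical, length-prefixed little-endian float64 encoding so that two
    # distinct weight vectors can never share a byte string (binding depends on it).
    return struct.pack("<I", len(weights)) + struct.pack(f"<{len(weights)}d", *weights)


def commit(weights: Vec, nonce: bytes) -> bytes:
    """C = SHA-256(nonce || enc(weights)). Binding: the server cannot later open
    C to a different model. Hiding: without the nonce, C leaks nothing useful."""
    return hashlib.sha256(nonce + encode_weights(weights)).digest()


def verify_opening(commitment: bytes, weights: Vec, nonce: bytes) -> bool:
    # Constant-time comparison; avoids leaking how many digest bytes matched.
    return hmac.compare_digest(commitment, commit(weights, nonce))


def predict(weights: Vec, x: Sequence[float]) -> int:
    # Linear classifier: label 1 if w.x + b >= 0 else 0; last weight is the bias.
    score = sum(w * xi for w, xi in zip(weights[:-1], x)) + weights[-1]
    return 1 if score >= 0 else 0


def accuracy(weights: Vec, test_set) -> float:
    correct = sum(predict(weights, x) == y for x, y in test_set)
    return correct / len(test_set)


# Constructed test set: label is 1 exactly when x0 + x1 >= 1.
TEST_SET = [((0.0, 0.0), 0), ((1.0, 0.0), 1), ((0.0, 1.0), 1), ((0.2, 0.3), 0),
            ((0.9, 0.9), 1), ((0.4, 0.4), 0), ((0.7, 0.6), 1), ((0.1, 0.8), 0)]

GOOD_MODEL = [1.0, 1.0, -1.0]   # decides x0 + x1 - 1 >= 0: matches the labels
BAD_MODEL = [1.0, 0.0, -0.5]    # decides x0 >= 0.5: a cheaper, weaker model


def audit(commitment: bytes, claimed_accuracy: float, weights: Vec, nonce: bytes,
          test_set, tol: float = 1e-9) -> Tuple[bool, str]:
    """Auditor-side check standing in for the ZK accuracy proof: the opening must
    match the commitment AND the opened model must reach the claimed accuracy."""
    if not verify_opening(commitment, weights, nonce):
        return False, "opening does not match commitment (model substituted)"
    measured = accuracy(weights, test_set)
    if measured + tol < claimed_accuracy:
        return False, f"claimed {claimed_accuracy:.3f} but measured {measured:.3f}"
    return True, f"accuracy {measured:.3f} verified for the committed model"


def demo() -> Tuple[bool, bool, bool]:
    nonce = os.urandom(32)                      # server's secret commitment randomness
    c_good = commit(GOOD_MODEL, nonce)          # phase 1: server commits to its model

    honest, _ = audit(c_good, 1.0, GOOD_MODEL, nonce, TEST_SET)
    # Server tries to serve a weaker model after committing to the good one.
    swapped, _ = audit(c_good, 1.0, BAD_MODEL, nonce, TEST_SET)
    # Server commits honestly to the weak model but overstates its accuracy.
    overclaim, _ = audit(commit(BAD_MODEL, nonce), 1.0, BAD_MODEL, nonce, TEST_SET)
    return honest, swapped, overclaim


if __name__ == "__main__":
    print(demo())
```

The binding property is what carries the guarantee across the two phases: an accuracy claim is only meaningful if the inference phase is tied to the same commitment, which in this sketch is done by the opening check and in Conan by running the 2PC on the committed model.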

Keywords

integrity, privacy, secure inference, secure two-party computation, zero-knowledge proof

Discipline

Information Security

Publication

IEEE Transactions on Information Forensics and Security

Volume

21

First Page

1127

Last Page

1141

ISSN

1556-6013

Identifier

10.1109/TIFS.2025.3648121

Publisher

Institute of Electrical and Electronics Engineers

Additional URL

https://doi.org/10.1109/TIFS.2025.3648121
