The success of machine learning (ML) has been accompanied by increased concerns about its trustworthiness. Several jurisdictions are preparing ML regulatory frameworks. One such concern is ensuring that model training data has desirable distributional properties for certain sensitive attributes. For example, draft regulations indicate that model trainers are required to show that training datasets have specific distributional properties, such as reflecting diversity of the population. We propose the notion of property attestation allowing a prover (e.g., model trainer) to demonstrate relevant distributional properties of training data to a verifier (e.g., a customer) without revealing the data. We present an effective hybrid property attestation combining property inference with cryptographic mechanisms.