The success of machine learning (ML) has been accompanied by increased concerns about its trustworthiness. Several jurisdictions are preparing ML regulatory frameworks. One such concern is ensuring that model training data has desirable distributional properties for certain sensitive attributes. For example, draft regulations indicate that model trainers are required to show that training datasets have specific distributional properties, such as reflecting the diversity of the population. We propose the notion of property attestation, which allows a prover (e.g., a model trainer) to demonstrate relevant distributional properties of training data to a verifier (e.g., a customer) without revealing the data. We present an effective hybrid property attestation scheme that combines property inference with cryptographic mechanisms.