Imagine a system that operates with ML models. These models are unique and handle user-generated content better than anyone else's. For various business reasons, instead of running one large, sophisticated model on the server, the developers have to run the models on mobile devices (_viva TensorFlow!_). Our challenge is to protect these models from leakage and bulk extraction, which would let an outsider reverse-engineer their unique approach.
This talk explains how to build DRM-like protection with application-level encryption, using an HPKE-like scheme on ephemeral keys. We will discuss risks, threats, data flow, the cryptographic layer, key management, and integration with traditional appsec controls for a defense-in-depth approach.
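To make the "HPKE-like approach on ephemeral keys" concrete, here is an added example of the server/device exchange, written for this page and not taken from the talk or any project it describes. It assumes a simplified HPKE base-mode shape built from the Go standard library only: X25519 for the KEM step, an HKDF-SHA256 key schedule that binds both ephemeral public keys and a model identifier into the derivation, and AES-256-GCM with the model identifier as additional authenticated data. The device creates a fresh key pair per download and keeps the private half in memory only; the server creates its own fresh key pair per request. The label `model-drm-v1`, the `Envelope` layout and the sample model bytes are constructed for illustration, and the key schedule is a plain RFC 5869 HKDF rather than the labeled extract/expand of RFC 9180.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Envelope is what the server returns to the device: the server's ephemeral
// public key (HPKE calls this "enc"), the AES-GCM nonce and the ciphertext.
// Layout is a hypothetical one chosen for this example.
type Envelope struct {
	ServerPub  []byte
	Nonce      []byte
	Ciphertext []byte
}

// kdfLabel is a hypothetical domain-separation label mixed into the KDF so a
// key derived for model delivery cannot be confused with any other derived key.
const kdfLabel = "model-drm-v1"

// hkdfSHA256 derives one 32-byte key: HKDF-Extract with an all-zero salt, then a
// single HKDF-Expand block (RFC 5869), written with crypto/hmac to avoid any
// dependency outside the standard library.
func hkdfSHA256(ikm, info []byte) []byte {
	extract := hmac.New(sha256.New, make([]byte, sha256.Size))
	extract.Write(ikm)
	prk := extract.Sum(nil)
	expand := hmac.New(sha256.New, prk)
	expand.Write(info)
	expand.Write([]byte{0x01})
	return expand.Sum(nil) // 32 bytes = one AES-256 key
}

// deriveKey is the KEM step: X25519 between our private key and the peer's
// public key, then HKDF over the shared secret with both public keys and the
// model ID bound into the info field (the role HPKE's kem_context plays).
func deriveKey(priv *ecdh.PrivateKey, peer *ecdh.PublicKey, serverPub, devicePub []byte, modelID string) ([]byte, error) {
	dh, err := priv.ECDH(peer) // rejects low-order points (all-zero output)
	if err != nil {
		return nil, err
	}
	info := append([]byte(kdfLabel), []byte(modelID)...)
	info = append(info, serverPub...) // both keys are fixed 32-byte values
	info = append(info, devicePub...)
	return hkdfSHA256(dh, info), nil
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// NewDeviceKey creates the device's per-download X25519 key pair. The device
// sends PublicKey().Bytes() to the server and never persists the private half.
func NewDeviceKey() (*ecdh.PrivateKey, error) {
	return ecdh.X25519().GenerateKey(rand.Reader)
}

// EncryptModel runs on the server: fresh ephemeral key per request, ECDH with
// the device key, AES-256-GCM with the model ID as AAD.
func EncryptModel(devicePub []byte, modelID string, model []byte) (*Envelope, error) {
	devPub, err := ecdh.X25519().NewPublicKey(devicePub) // validates length
	if err != nil {
		return nil, err
	}
	serverPriv, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	serverPub := serverPriv.PublicKey().Bytes()
	key, err := deriveKey(serverPriv, devPub, serverPub, devicePub, modelID)
	if err != nil {
		return nil, err
	}
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	ct := gcm.Seal(nil, nonce, model, []byte(modelID))
	return &Envelope{ServerPub: serverPub, Nonce: nonce, Ciphertext: ct}, nil
}

// DecryptModel runs on the device. Any mismatch in device key, server key,
// model ID, nonce or ciphertext makes the AEAD tag check fail.
func DecryptModel(devicePriv *ecdh.PrivateKey, modelID string, env *Envelope) ([]byte, error) {
	serverPub, err := ecdh.X25519().NewPublicKey(env.ServerPub)
	if err != nil {
		return nil, err
	}
	devicePub := devicePriv.PublicKey().Bytes()
	key, err := deriveKey(devicePriv, serverPub, env.ServerPub, devicePub, modelID)
	if err != nil {
		return nil, err
	}
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	if len(env.Nonce) != gcm.NonceSize() {
		return nil, errors.New("bad nonce length")
	}
	pt, err := gcm.Open(nil, env.Nonce, env.Ciphertext, []byte(modelID))
	if err != nil {
		return nil, errors.New("model envelope rejected: " + err.Error())
	}
	return pt, nil
}

func main() {
	model := []byte("constructed stand-in for a TFLite flatbuffer") // constructed sample
	devKey, _ := NewDeviceKey()
	env, _ := EncryptModel(devKey.PublicKey().Bytes(), "ugc-classifier-v7", model)
	pt, err := DecryptModel(devKey, "ugc-classifier-v7", env)
	fmt.Println(string(pt), err)
	env.Ciphertext[0] ^= 1 // simulate a tampered download
	_, err = DecryptModel(devKey, "ugc-classifier-v7", env)
	fmt.Println("tampered:", err)
}
```

Two points worth noting about the design. Because both public keys and the model ID go into the KDF info and the model ID is also AAD, an envelope captured for one device cannot be replayed to another device or relabelled as a different model; the AEAD tag check fails instead of yielding a wrong-but-plausible plaintext. And, as with any DRM-like scheme, this controls distribution rather than inference: a device that can run the model holds the plaintext in memory at that moment, which is why the talk pairs the cryptographic layer with key management and traditional appsec controls rather than relying on it alone.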