VCSA: Verifiable and collusion-resistant secure aggregation for federated learning using symmetric homomorphic encryption

IF 3.7 2区 计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE Journal of Systems Architecture Pub Date : 2024-09-18 DOI:10.1016/j.sysarc.2024.103279
Yang Ming , Shan Wang , Chenhao Wang , Hang Liu , Yutong Deng , Yi Zhao , Jie Feng
{"title":"VCSA: Verifiable and collusion-resistant secure aggregation for federated learning using symmetric homomorphic encryption","authors":"Yang Ming ,&nbsp;Shan Wang ,&nbsp;Chenhao Wang ,&nbsp;Hang Liu ,&nbsp;Yutong Deng ,&nbsp;Yi Zhao ,&nbsp;Jie Feng","doi":"10.1016/j.sysarc.2024.103279","DOIUrl":null,"url":null,"abstract":"<div><div>As a novel distributed learning framework for protecting personal data privacy, federated learning, (FL) has attained widespread attention through sharing gradients among users without collecting their data. However, an untrusted cloud server may infer users’ individual information from gradients and global model. In addition, it may even forge incorrect aggregated results to save resources. To deal with these issues, despite that the existing works can protect local model privacy and achieve verifiability of aggregated results, they are defective in protecting global model privacy, guaranteeing verifiability if collusion attacks occur, and suffer from high computation cost. To further tackle the above challenges, a verifiable and collusion-resistant secure aggregation scheme for FL is proposed, named VCSA. Concretely, we combine symmetric homomorphic encryption with single masking to protect model privacy. Meanwhile, we adopt verifiable multi-secret sharing and generalized Pedersen commitment to achieve verifiability and prevent users from uploading incorrect shares. Furthermore, high model accuracy can be ensured even if some users go offline. Security analysis illustrates that our VCSA enhances the security of FL, realizes verifiability despite collusion attacks and robustness to dropout. Performance evaluation displays that our VCSA can reduce at least 28.27% and 79.15% regarding computation cost compared to existing schemes.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"156 ","pages":"Article 103279"},"PeriodicalIF":3.7000,"publicationDate":"2024-09-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Systems Architecture","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1383762124002169","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}
引用次数: 0

Abstract

As a novel distributed learning framework for protecting personal data privacy, federated learning, (FL) has attained widespread attention through sharing gradients among users without collecting their data. However, an untrusted cloud server may infer users’ individual information from gradients and global model. In addition, it may even forge incorrect aggregated results to save resources. To deal with these issues, despite that the existing works can protect local model privacy and achieve verifiability of aggregated results, they are defective in protecting global model privacy, guaranteeing verifiability if collusion attacks occur, and suffer from high computation cost. To further tackle the above challenges, a verifiable and collusion-resistant secure aggregation scheme for FL is proposed, named VCSA. Concretely, we combine symmetric homomorphic encryption with single masking to protect model privacy. Meanwhile, we adopt verifiable multi-secret sharing and generalized Pedersen commitment to achieve verifiability and prevent users from uploading incorrect shares. Furthermore, high model accuracy can be ensured even if some users go offline. Security analysis illustrates that our VCSA enhances the security of FL, realizes verifiability despite collusion attacks and robustness to dropout. Performance evaluation displays that our VCSA can reduce at least 28.27% and 79.15% regarding computation cost compared to existing schemes.
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
VCSA:使用对称同态加密为联合学习提供可验证、抗串通的安全聚合
作为一种保护个人数据隐私的新型分布式学习框架,联合学习(FL)通过在不收集用户数据的情况下在用户之间共享梯度信息而获得了广泛关注。然而,不受信任的云服务器可能会从梯度和全局模型中推断出用户的个人信息。此外,它甚至可能为了节省资源而伪造不正确的汇总结果。针对这些问题,尽管现有的研究成果可以保护局部模型隐私并实现聚合结果的可验证性,但它们在保护全局模型隐私、保证发生串通攻击时的可验证性方面存在缺陷,并且存在计算成本高的问题。为了进一步解决上述难题,我们提出了一种可验证且防串通的 FL 安全聚合方案,命名为 VCSA。具体来说,我们将对称同态加密与单一掩码相结合,以保护模型隐私。同时,我们采用可验证的多机密共享和广义 Pedersen 承诺来实现可验证性,防止用户上传错误的共享。此外,即使部分用户离线,也能确保较高的模型准确性。安全性分析表明,我们的 VCSA 增强了 FL 的安全性,即使受到串通攻击也能实现可验证性,并且对掉线具有鲁棒性。性能评估显示,与现有方案相比,我们的 VCSA 至少能减少 28.27% 和 79.15% 的计算成本。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 去求助
来源期刊
Journal of Systems Architecture
Journal of Systems Architecture 工程技术-计算机:硬件
CiteScore
8.70
自引率
15.60%
发文量
226
审稿时长
46 days
期刊介绍: The Journal of Systems Architecture: Embedded Software Design (JSA) is a journal covering all design and architectural aspects related to embedded systems and software. It ranges from the microarchitecture level via the system software level up to the application-specific architecture level. Aspects such as real-time systems, operating systems, FPGA programming, programming languages, communications (limited to analysis and the software stack), mobile systems, parallel and distributed architectures as well as additional subjects in the computer and system architecture area will fall within the scope of this journal. Technology will not be a main focus, but its use and relevance to particular designs will be. Case studies are welcome but must contribute more than just a design for a particular piece of software. Design automation of such systems including methodologies, techniques and tools for their design as well as novel designs of software components fall within the scope of this journal. Novel applications that use embedded systems are also central in this journal. While hardware is not a part of this journal hardware/software co-design methods that consider interplay between software and hardware components with and emphasis on software are also relevant here.
期刊最新文献
Non-interactive set intersection for privacy-preserving contact tracing NLTSP: A cost model for tensor program tuning using nested loop trees SAMFL: Secure Aggregation Mechanism for Federated Learning with Byzantine-robustness by functional encryption ZNS-Cleaner: Enhancing lifespan by reducing empty erase in ZNS SSDs Using MAST for modeling and response-time analysis of real-time applications with GPUs
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1