Litcius/Paper detail

TAPFed: Threshold Secure Aggregation for Privacy-Preserving Federated Learning

Runhua Xu, Bo Li, Chao Li, James Joshi, Shuai Ma, Jianxin Li

2024IEEE Transactions on Dependable and Secure Computing43 citationsDOIOpen Access PDF

Abstract

Federated learning is a computing paradigm that enhances privacy by enabling multiple parties to collaboratively train a machine learning model without revealing personal data. However, current research indicates that traditional federated learning platforms are unable to ensure privacy due to privacy leaks caused by the interchange of gradients. To achieve privacy-preserving federated learning, integrating secure aggregation mechanisms is essential. Unfortunately, existing solutions are vulnerable to recently demonstrated inference attacks such as the disaggregation attack. This paper proposes <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">TAPFed</i> , an approach for achieving privacy-preserving federated learning in the context of multiple decentralized aggregators with malicious actors. <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">TAPFed</i> uses a proposed threshold functional encryption scheme and allows for a certain number of malicious aggregators while maintaining security and privacy. We provide formal security and privacy analyses of <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">TAPFed</i> and compare it to various baselines through experimental evaluation. Our results show that <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">TAPFed</i> offers equivalent performance in terms of model quality compared to state-of-the-art approaches while reducing transmission overhead by 29%-45% across different model training scenarios. Most importantly, <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">TAPFed</i> can defend against recently demonstrated inference attacks caused by curious aggregators, which the majority of existing approaches are susceptible to.

Topics & Concepts

Computer scienceOverhead (engineering)InferenceContext (archaeology)Artificial intelligenceScheme (mathematics)EncryptionMachine learningInformation privacyComputer securityTheoretical computer scienceMathematicsProgramming languageMathematical analysisBiologyPaleontologyPrivacy-Preserving Technologies in DataCryptography and Data SecurityInternet Traffic Analysis and Secure E-voting