SAMFL: Secure Aggregation Mechanism for Federated Learning with Byzantine-robustness by functional encryption

IF 3.7 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

Journal of Systems Architecture Pub Date : 2024-11-13 DOI:10.1016/j.sysarc.2024.103304

Menghong Guan , Haiyong Bao , Zhiqiang Li , Hao Pan , Cheng Huang , Hong-Ning Dai

{"title":"SAMFL: Secure Aggregation Mechanism for Federated Learning with Byzantine-robustness by functional encryption","authors":"Menghong Guan , Haiyong Bao , Zhiqiang Li , Hao Pan , Cheng Huang , Hong-Ning Dai","doi":"10.1016/j.sysarc.2024.103304","DOIUrl":null,"url":null,"abstract":"<div><div>Federated learning (FL) enables collaborative model training without sharing private data, thereby potentially meeting the growing demand for data privacy protection. Despite its potentials, FL also poses challenges in achieving privacy-preservation and Byzantine-robustness when handling sensitive data. To address these challenges, we present a novel <strong>S</strong>ecure <strong>A</strong>ggregation <strong>M</strong>echanism for <strong>F</strong>ederated <strong>L</strong>earning with Byzantine-Robustness by Functional Encryption (SAMFL). Our approach designs a novel dual-decryption multi-input functional encryption (DD-MIFE) scheme, which enables efficient computation of cosine similarities and aggregation of encrypted gradients through a single ciphertext. This innovative scheme allows for dual decryption, producing distinct results based on different keys, while maintaining high efficiency. We further propose TF-Init, integrating DD-MIFE with Truth Discovery (TD) to eliminate the reliance on a root dataset. Additionally, we devise a secure cosine similarity calculation aggregation protocol (SC2AP) using DD-MIFE, ensuring privacy-preserving and Byzantine-robust FL secure aggregation. To enhance FL efficiency, we employ single instruction multiple data (SIMD) to parallelize encryption and decryption processes. Concurrently, to preserve accuracy, we incorporate differential privacy (DP) with selective clipping of model layers within the FL framework. Finally, we integrate TF-Init, SC2AP, SIMD, and DP to construct SAMFL. Extensive experiments demonstrate that SAMFL successfully defends against both inference attacks and poisoning attacks, while improving efficiency and accuracy compared to existing methods. SAMFL provides a comprehensive integrated solution for FL with efficiency, accuracy, privacy-preservation, and robustness.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"157 ","pages":"Article 103304"},"PeriodicalIF":3.7000,"publicationDate":"2024-11-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Systems Architecture","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1383762124002418","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}

引用次数: 0

Abstract

Federated learning (FL) enables collaborative model training without sharing private data, thereby potentially meeting the growing demand for data privacy protection. Despite its potentials, FL also poses challenges in achieving privacy-preservation and Byzantine-robustness when handling sensitive data. To address these challenges, we present a novel Secure Aggregation Mechanism for Federated Learning with Byzantine-Robustness by Functional Encryption (SAMFL). Our approach designs a novel dual-decryption multi-input functional encryption (DD-MIFE) scheme, which enables efficient computation of cosine similarities and aggregation of encrypted gradients through a single ciphertext. This innovative scheme allows for dual decryption, producing distinct results based on different keys, while maintaining high efficiency. We further propose TF-Init, integrating DD-MIFE with Truth Discovery (TD) to eliminate the reliance on a root dataset. Additionally, we devise a secure cosine similarity calculation aggregation protocol (SC2AP) using DD-MIFE, ensuring privacy-preserving and Byzantine-robust FL secure aggregation. To enhance FL efficiency, we employ single instruction multiple data (SIMD) to parallelize encryption and decryption processes. Concurrently, to preserve accuracy, we incorporate differential privacy (DP) with selective clipping of model layers within the FL framework. Finally, we integrate TF-Init, SC2AP, SIMD, and DP to construct SAMFL. Extensive experiments demonstrate that SAMFL successfully defends against both inference attacks and poisoning attacks, while improving efficiency and accuracy compared to existing methods. SAMFL provides a comprehensive integrated solution for FL with efficiency, accuracy, privacy-preservation, and robustness.

查看原文本刊更多论文

SAMFL：通过功能加密实现拜占庭稳健性的联盟学习安全聚合机制

联盟学习（FL）可以在不共享私人数据的情况下进行协作模型训练，从而有可能满足日益增长的数据隐私保护需求。尽管联合学习潜力巨大，但在处理敏感数据时，如何实现隐私保护和拜占庭稳健性也是一个挑战。为了应对这些挑战，我们提出了一种通过功能加密实现拜占庭稳健性的联邦学习安全聚合机制（SAMFL）。我们的方法设计了一种新颖的双解密多输入函数加密（DD-MIFE）方案，可通过单个密文高效计算余弦相似度和聚合加密梯度。这种创新方案允许双重解密，根据不同的密钥产生不同的结果，同时保持高效率。我们进一步提出了 TF-Init，将 DD-MIFE 与真相发现 (TD) 相结合，消除了对根数据集的依赖。此外，我们还设计了一种使用 DD-MIFE 的安全余弦相似性计算聚合协议（SC2AP），以确保隐私保护和拜占庭式的 FL 安全聚合。为了提高 FL 效率，我们采用了单指令多数据（SIMD）来并行处理加密和解密过程。同时，为了保持准确性，我们在 FL 框架内采用了选择性剪切模型层的差分隐私（DP）技术。最后，我们整合了 TF-Init、SC2AP、SIMD 和 DP，构建了 SAMFL。广泛的实验证明，与现有方法相比，SAMFL 成功抵御了推理攻击和中毒攻击，同时提高了效率和准确性。SAMFL 为 FL 提供了一个全面的综合解决方案，它兼具效率、准确性、隐私保护和鲁棒性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Journal of Systems Architecture 工程技术-计算机：硬件

CiteScore

8.70

自引率

15.60%

发文量

226

审稿时长

46 days

期刊介绍： The Journal of Systems Architecture: Embedded Software Design (JSA) is a journal covering all design and architectural aspects related to embedded systems and software. It ranges from the microarchitecture level via the system software level up to the application-specific architecture level. Aspects such as real-time systems, operating systems, FPGA programming, programming languages, communications (limited to analysis and the software stack), mobile systems, parallel and distributed architectures as well as additional subjects in the computer and system architecture area will fall within the scope of this journal. Technology will not be a main focus, but its use and relevance to particular designs will be. Case studies are welcome but must contribute more than just a design for a particular piece of software. Design automation of such systems including methodologies, techniques and tools for their design as well as novel designs of software components fall within the scope of this journal. Novel applications that use embedded systems are also central in this journal. While hardware is not a part of this journal hardware/software co-design methods that consider interplay between software and hardware components with and emphasis on software are also relevant here.