基于同态代理重认证的可验证联邦聚合方法

Verifiable federated aggregation method based on homomorphic proxy re-authentication

联邦学习可以通过共享梯度参数训练模型,但在模型聚合过程中面临恶意服务器进行不诚实数据聚合的风险,同时不受信任的用户参与联邦学习还可能会毒害全局模型,模型训练过程中的可靠性和安全性受到威胁。针对联邦学习中用户不可信、聚合结果不可信等问题,首次引入同态代理重认证,提出了适用于多方聚合计算的双向认证方法,并结合双掩码技术构造了具有隐私保护、高效可信联邦学习聚合方法,不仅可以实现用户对全局模型聚合结果的正确性验证,还能够使聚合服务器完成对用户上传模型来源的可信性验证和模型完整性验证,防止攻击者恶意操控用户破坏安全聚合,同时在验证过程中不会泄露用户隐私数据。通过形式化的安全性分析证明了可验证联邦聚合方法的安全性,有效抵抗了伪造攻击和Sybil攻击,且具有良好的鲁棒性。通过仿真实验进一步表明了所提方法能够在不影响联邦训练的情况下实现聚合结果的可信性验证,且验证不会受到用户中途退出的影响。

Federated learning,capable of training models by sharing gradient parameters,faces the risk of dishonest data aggregation by malicious servers during the model aggregation process.Untrusted users participating in federated learning may also pose a threat by poisoning the global model,thereby compromising the reliability and security of the model training process.To address these issues,homomorphic proxy re-authentication was introduced for the first time to propose a bi-directional authentication method suitable for multi-party aggregation computation.Additionally,a privacy-preserving,efficient,and trustworthy federated learning aggregation method was constructed,combining the double mask technique.This method not only enables users to verify the correctness of global model aggregation results but also allows the aggregation server to assess the trustworthiness and model integrity of the model sources uploaded by the users.It prevents attackers from maliciously manipulating users to disrupt secure aggregation,without leaking users’private data during the verification process.The security of the verifiable federated aggregation method was demonstrated through formal security analysis,which effectively resists forgery attacks and Sybil attacks,exhibiting good robustness.Simulation experiments further illustrated that the proposed method can achieve credible verification of the aggregation results without impacting federated training.Moreover,the verification process remains unaffected even if users quit in the middle.