CATFL: Certificateless Authentication-based Trustworthy Federated Learning for 6G Semantic Communications

TL;DR

This paper introduces CATFL, a certificateless trustworthy federated learning framework for 6G semantic communications that enhances security and privacy through mutual authentication, pseudonym strategies, and efficient certificate management.

Contribution

The paper proposes a novel certificateless authentication framework for federated learning that prevents model poisoning and reduces certificate management overheads in 6G semantic communication systems.

Findings

CATFL effectively prevents model poisoning attacks.

The framework reduces certificate management overheads compared to PKI-based methods.

The pseudonym strategy balances user privacy and traceability.

Abstract

Federated learning (FL) provides an emerging approach for collaboratively training semantic encoder/decoder models of semantic communication systems, without private user data leaving the devices. Most existing studies on trustworthy FL aim to eliminate data poisoning threats that are produced by malicious clients, but in many cases, eliminating model poisoning attacks brought by fake servers is also an important objective. In this paper, a certificateless authentication-based trustworthy federated learning (CATFL) framework is proposed, which mutually authenticates the identity of clients and server. In CATFL, each client verifies the server's signature information before accepting the delivered global model to ensure that the global model is not delivered by false servers. On the contrary, the server also verifies the server's signature information before accepting the delivered model updates to ensure that they are submitted by authorized clients. Compared to PKI-based methods, the CATFL can avoid too high certificate management overheads. Meanwhile, the anonymity of clients shields data poisoning attacks, while real-name registration may suffer from user-specific privacy leakage risks. Therefore, a pseudonym generation strategy is also presented in CATFL to achieve a trade-off between identity traceability and user anonymity, which is essential to conditionally prevent from user-specific privacy leakage. Theoretical security analysis and evaluation results validate the superiority of CATFL.