FedZKP: Federated Model Ownership Verification with Zero-knowledge Proof
Wenyuan Yang, Yuguo Yin, Gongxi Zhu, Hanlin Gu, Lixin Fan, Xiaochun Cao, Qiang Yang

TL;DR
FedZKP is a zero-knowledge-proof-based scheme for verifying ownership of a federated model: the owner proves possession of the ownership credential without disclosing it, so plagiarism and misuse can be challenged while the credential stays secret. Its security is supported by both theoretical analysis and empirical study.
Contribution
The paper proposes FedZKP, a novel zero-knowledge proof scheme for federated model ownership verification that enhances security without exposing sensitive information.
Findings
FedZKP effectively prevents model theft and misuse.
The scheme withstands the existing and potential attacks considered in the paper; the probability that an attacker passes verification without the credential is shown to be negligible.
Experimental results confirm its robustness and fidelity.
Abstract
Federated learning (FL) allows multiple parties to cooperatively learn a federated model without sharing private data with each other. The need to protect such federated models from being plagiarized or misused therefore motivates us to propose a provably secure model ownership verification scheme using zero-knowledge proof, named FedZKP. We show that FedZKP, which discloses no credentials during verification, defeats a variety of existing and potential attacks. Both theoretical analysis and empirical studies demonstrate the security of FedZKP in the sense that the probability of an attacker breaching the scheme is negligible. Moreover, extensive experimental results confirm the fidelity and robustness of our scheme.
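The abstract relies on one cryptographic property: a verifier can be convinced that the claimant holds the ownership credential without the credential ever leaving the claimant. The page does not describe FedZKP's actual construction, so the following is an added illustration, not the paper's protocol: a textbook Schnorr proof of knowledge of a discrete logarithm, made non-interactive with Fiat-Shamir and bound to a model fingerprint so a proof for one model cannot be replayed for another. The three properties the abstract appeals to appear as functions: completeness (`verify` accepts the owner), special soundness (`extract` recovers the credential from two accepting answers, which is why a claimant without it succeeds with probability about 1/q), and honest-verifier zero knowledge (`simulate` produces an accepting transcript without the credential). The 62-bit safe prime, the seed, the model fingerprint and the function names are all assumptions chosen for a fast, reproducible demo, not anything from the paper.

```python
"""Schnorr proof of knowledge of an ownership credential (added illustration).

Not FedZKP's construction: the page does not describe the paper's protocol.
Toy 62-bit safe-prime group generated at runtime (assumption, for speed);
real deployments use a 256-bit elliptic-curve group or a >= 2048-bit MODP group.
"""
import hashlib
import random
import secrets

# These Miller-Rabin bases give a deterministic primality test for n < 3.3e24.
_MR_BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def is_prime(n: int) -> bool:
    if n < 2:
        return False
    for b in _MR_BASES:
        if n % b == 0:
            return n == b
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for a in _MR_BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def gen_group(bits: int = 62, seed: int = 1):
    """Return (p, q, g): safe prime p = 2q + 1 and generator g of prime order q."""
    rng = random.Random(seed)  # seeded only so the toy parameters are reproducible
    while True:
        q = rng.getrandbits(bits) | (1 << (bits - 1)) | 1
        p = 2 * q + 1
        if is_prime(q) and is_prime(p):
            return p, q, 4  # 4 = 2^2 is a quadratic residue, hence has order q


def keygen(p, q, g):
    """Secret credential x stays with the owner; y = g^x is the registered commitment."""
    x = secrets.randbelow(q - 1) + 1
    return x, pow(g, x, p)


# --- Sigma-protocol building blocks (interactive form) ---

def commit(p, q, g):
    """Prover: fresh nonce r and first message t = g^r."""
    r = secrets.randbelow(q - 1) + 1
    return r, pow(g, r, p)


def respond(q, x, r, c):
    """Prover: s = r + c*x mod q; the uniform r blinds x, so s reveals nothing about it."""
    return (r + c * x) % q


def check(p, q, g, y, t, c, s) -> bool:
    """Verifier: accept iff g^s == t * y^c, which holds only if s used the x behind y."""
    return 0 < t < p and 0 <= s < q and pow(g, s, p) == (t * pow(y, c, p)) % p


def extract(q, c1, s1, c2, s2):
    """Special soundness: two accepting answers to the same t with c1 != c2 reveal x."""
    return ((s1 - s2) * pow((c1 - c2) % q, -1, q)) % q


def simulate(p, q, g, y, c):
    """Honest-verifier zero knowledge: an accepting transcript for c built without x."""
    s = secrets.randbelow(q)
    t = (pow(g, s, p) * pow(y, q - c, p)) % p  # y^(q-c) == y^(-c) because y has order q
    return t, s


# --- Non-interactive form (Fiat-Shamir), bound to the claimed model ---

def challenge(p, q, g, y, t, model_fp: bytes) -> int:
    """Challenge hashed over the public values and the fingerprint of the claimed model."""
    h = hashlib.sha256()
    for v in (p, g, y, t):
        h.update(v.to_bytes(32, "big"))
    h.update(model_fp)
    return int.from_bytes(h.digest(), "big") % q


def prove(p, q, g, x, y, model_fp: bytes):
    r, t = commit(p, q, g)
    return t, respond(q, x, r, challenge(p, q, g, y, t, model_fp))


def verify(p, q, g, y, model_fp: bytes, proof) -> bool:
    t, s = proof
    return check(p, q, g, y, t, challenge(p, q, g, y, t, model_fp), s)


if __name__ == "__main__":
    p, q, g = gen_group()
    x, y = keygen(p, q, g)
    fp = hashlib.sha256(b"constructed model weights").digest()  # constructed fingerprint
    proof = prove(p, q, g, x, y, fp)
    print("owner proof accepted:", verify(p, q, g, y, fp, proof))
    print("same proof replayed for another model:", verify(p, q, g, y, b"other", proof))
    print("claimant with a wrong credential:", verify(p, q, g, y, fp, prove(p, q, g, x + 1, y, fp)))
```

The verifier only ever sees (y, t, s): y is public by design, t is a fresh random group element and s is uniformly distributed because r is. What the check buys is exactly the "negligible breach probability" claim in the abstract: a claimant who does not know x must guess the hashed challenge before committing to t, which succeeds once in q attempts, and anyone who can answer two different challenges for the same t can be rewound into revealing x via `extract`.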
Taxonomy
Topics: Privacy-Preserving Technologies in Data · Adversarial Robustness in Machine Learning · Cryptography and Data Security
