Byzantine-Resilient Secure Aggregation for Federated Learning Without Privacy Compromises
Yue Xia, Christoph Hofmeister, Maximilian Egger, Rawad Bitar
TL;DR
ByITFL introduces a Byzantine-resilient federated learning scheme that ensures full information-theoretic privacy for users while tolerating malicious participants through trust scores and advanced cryptographic techniques.
Contribution
It is the first scheme combining Byzantine resilience with full privacy in federated learning using polynomial trust scores and cryptographic methods.
Findings
Achieves Byzantine resilience without privacy loss.
Utilizes polynomial approximation of trust scores.
Employs Lagrange coded computing and secret sharing.
Abstract
Federated learning (FL) shows great promise in large scale machine learning, but brings new risks in terms of privacy and security. We propose ByITFL, a novel scheme for FL that provides resilience against Byzantine users while keeping the users' data private from the federator and private from other users. The scheme builds on the preexisting non-private FLTrust scheme, which tolerates malicious users through trust scores (TS) that attenuate or amplify the users' gradients. The trust scores are based on the ReLU function, which we approximate by a polynomial. The distributed and privacy-preserving computation in ByITFL is designed using a combination of Lagrange coded computing, verifiable secret sharing and re-randomization steps. ByITFL is the first Byzantine resilient scheme for FL with full information-theoretic privacy.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsPrivacy-Preserving Technologies in Data · Stochastic Gradient Optimization Techniques · Cryptography and Data Security