A Critical Look into Threshold Homomorphic Encryption for Private Average Aggregation

TL;DR

This paper critically examines the security and performance of threshold homomorphic encryption schemes, especially BFV and CKKS, in federated average aggregation, highlighting vulnerabilities and evaluating countermeasures.

Contribution

It provides a comprehensive survey of threshold RLWE-based HE schemes for federated learning and compares their performance and security features.

Findings

CKKS-based aggregations perform similarly to BFV-based solutions.

Using high-variance noise as a countermeasure impacts performance.

Mainstream threshold HE schemes may have security vulnerabilities with restricted decryption oracle.

Abstract

Threshold Homomorphic Encryption (Threshold HE) is a good fit for implementing private federated average aggregation, a key operation in Federated Learning (FL). Despite its potential, recent studies have shown that threshold schemes available in mainstream HE libraries can introduce unexpected security vulnerabilities if an adversary has access to a restricted decryption oracle. This oracle reflects the FL clients' capacity to collaboratively decrypt the aggregated result without knowing the secret key. This work surveys the use of threshold RLWE-based HE for federated average aggregation and examines the performance impact of using smudging noise with a large variance as a countermeasure. We provide a detailed comparison of threshold variants of BFV and CKKS, finding that CKKS-based aggregations perform comparably to BFV-based solutions.