Towards Privacy-Preserving Federated Learning using Hybrid Homomorphic Encryption

TL;DR

This paper enhances privacy in federated learning by integrating two key protection mechanisms into hybrid homomorphic encryption, preventing key misuse and enabling secure, efficient collaborative model training.

Contribution

It introduces masking and RSA encapsulation techniques into HHE-FL, extending security to malicious participant scenarios without significant performance loss.

Findings

Both mechanisms preserve model accuracy.

Masking incurs negligible overhead.

RSA encapsulation adds modest runtime and communication costs.

Abstract

Federated Learning (FL) enables collaborative training while keeping sensitive data on clients' devices, but local model updates can still leak private information. Hybrid Homomorphic Encryption (HHE) has recently been applied to FL to mitigate client overhead while preserving privacy. However, existing HHE-FL systems rely on a single homomorphic key pair shared across all clients, which forces them to assume an unrealistically weak threat model: if a client misbehaves or intercepts another's traffic, private updates can be exposed. We eliminate this weakness by integrating two alternative key protection mechanisms into the HHE-FL workflow. The first is masking, where client keys are blinded before homomorphic encryption and later unblinded homomorphically by the server. The second is RSA encapsulation, where homomorphically encrypted keys are additionally wrapped under the server's RSA public key. These countermeasures prevent key misuse by other clients and extend HHE-FL security to adversarial settings with malicious participants. We implement both approaches on top of the Flower framework using the PASTA/BFV HHE scheme and evaluate them on the MNIST dataset with 12 clients. Results show that both mechanisms preserve model accuracy while adding minimal overhead: masking incurs negligible cost, and RSA encapsulation introduces only modest runtime and communication overhead.