论文标题
FastSecagg:可扩展的安全汇总,用于保护隐私的联合学习
FastSecAgg: Scalable Secure Aggregation for Privacy-Preserving Federated Learning
论文作者
论文摘要
对联合学习的最新攻击表明,在客户设备上保留培训数据并不能提供足够的隐私,因为客户共享的模型参数可以泄漏有关其培训数据的信息。 “安全汇总”协议使服务器能够以隐私保护方式汇总客户端的模型。但是,现有的安全聚合协议会产生高计算/通信成本,尤其是当模型参数的数量大于参与迭代的客户数量时,这是联合学习的典型情况。 在本文中,我们提出了一个安全的聚合协议FastSecagg,在计算和通信方面非常有效,并且对客户的辍学工作有效。 FastSecagg的主要构件是一种新型的多秘密共享方案,即FastShare,基于Fast Fourier Transform(FFT),这可能具有独立的兴趣。 FastShare在理论上是信息的,并在秘密,隐私门槛和辍学公差之间取消了权衡。在FastShare的功能上,我们证明了FastSecagg(i)在诚实但令人好奇的环境中的某些恒定分数(例如$ \ sim10 \%$)的“任何恒定分数(例如$ \ sim10 \%$)的“任何”子集中都可以使用; (ii)可以容忍客户端的某些恒定分数(例如$ \ sim10 \%$)的“随机”子集的辍学。 FastSecagg的计算成本明显小于现有方案,同时达到相同的(订购)通信成本。此外,它保证了针对自适应对手的安全性,该对手可以在执行协议期间动态腐败。
Recent attacks on federated learning demonstrate that keeping the training data on clients' devices does not provide sufficient privacy, as the model parameters shared by clients can leak information about their training data. A 'secure aggregation' protocol enables the server to aggregate clients' models in a privacy-preserving manner. However, existing secure aggregation protocols incur high computation/communication costs, especially when the number of model parameters is larger than the number of clients participating in an iteration -- a typical scenario in federated learning. In this paper, we propose a secure aggregation protocol, FastSecAgg, that is efficient in terms of computation and communication, and robust to client dropouts. The main building block of FastSecAgg is a novel multi-secret sharing scheme, FastShare, based on the Fast Fourier Transform (FFT), which may be of independent interest. FastShare is information-theoretically secure, and achieves a trade-off between the number of secrets, privacy threshold, and dropout tolerance. Riding on the capabilities of FastShare, we prove that FastSecAgg is (i) secure against the server colluding with 'any' subset of some constant fraction (e.g. $\sim10\%$) of the clients in the honest-but-curious setting; and (ii) tolerates dropouts of a 'random' subset of some constant fraction (e.g. $\sim10\%$) of the clients. FastSecAgg achieves significantly smaller computation cost than existing schemes while achieving the same (orderwise) communication cost. In addition, it guarantees security against adaptive adversaries, which can perform client corruptions dynamically during the execution of the protocol.
