ESE: Efficient Security Enhancement Method for the Secure Aggregation Protocol in Federated Learning

TIAN Haibo; LI Maonan; REN Shuangyin

doi:10.23919/cje.2021.00.370

Volume 32 Issue 3

May 2023

Turn off MathJax

Article Contents

Article Navigation > Chinese Journal of Electronics > 2023 > 32(3): 542-555

TIAN Haibo, LI Maonan, REN Shuangyin, “ESE: Efficient Security Enhancement Method for the Secure Aggregation Protocol in Federated Learning,” Chinese Journal of Electronics, vol. 32, no. 3, pp. 542-555, 2023, doi: 10.23919/cje.2021.00.370

Citation:

TIAN Haibo, LI Maonan, REN Shuangyin, “ESE: Efficient Security Enhancement Method for the Secure Aggregation Protocol in Federated Learning,” Chinese Journal of Electronics, vol. 32, no. 3, pp. 542-555, 2023, doi: 10.23919/cje.2021.00.370

Citation:

PDF( 3343 KB)

ESE: Efficient Security Enhancement Method for the Secure Aggregation Protocol in Federated Learning

doi: 10.23919/cje.2021.00.370

1.
School of Computer Science and Engineering, Sun Yat-Sen University, Guangzhou 510275, China

Funds: This work was supported by the Key-Area Research and Development Program of Guangdong Province (2020B010166005) and the Huawei Technologies Co., Ltd. (TC20210407007,YBN2019105017)

More Information

Author Bio:
Haibo TIAN was born in Shenzhou, China. He received the Ph.D. degree of cryptography from Xidian University, China, in 2006. He is an Associate Professor in School of Computer Science and Engineering, Sun Yat-Sen University, China. His research interests include cryptographic protocols and applications, and recently focus on blockchain and AI privacy protection techniques. (Email: tianhb@mail.sysu.edu.cn)

Maonan LI was born in Guangdong Province, China. He received the M.S. degree in School of Software Engineering from Sun Yat-Sen University in 2022. His research interests include federated learning and privacy protection.(Email: limn29@mail3.sysu.edu.cn)

Shuangyin REN was born in Wuhu, China. He received the B.S. degree from Sun Yat-sen University, China. He is an M.S. candidate in School of Computer Science and Engineering, Sun Yat-Sen University. His research interests include privacy-preserving federated learning and trusted execution environment techniques. (Email: renshy5@mail2.sysu.edu.cn)
Received Date: 2021-10-19
Accepted Date: 2022-08-03

Available Online: 2022-08-18

Publish Date: 2023-05-05

Abstract

Abstract

In federated learning, a parameter server may actively infer sensitive data of users and a user may arbitrarily drop out of a learning process. Bonawitz et al. propose a secure aggregation protocol for federated learning against a semi-honest adversary and a security enhancement method against an active adversary at ACM CCS 2017. The purpose of this paper is to analyze their security enhancement method and to design an alternative. We point out that their security enhancement method has the risk of Eclipse attack and that the consistency check round in their method could be removed. We give a new efficient security enhancement method by redesigning an authentication message and by adjusting the authentication timing. The new method produces an secure aggregation protocol against an active adversary with less communication and computation costs.
- Secure aggregation,
- Security enhancement,
- Eclipse attack,
- Authentication

FullText(HTML)

References(45)

References

[1]	H. B. McMahan, E. Moore, D. Ramage, et al., “Federated learning of deep networks using model averaging,” arXiv preprint, arXiv: 1602.05629v1, 2016.
[2]	B. McMahan, E. Moore, D. Ramage, et al., “Communication-efficient learning of deep networks from decentralized data,” in Proceedings of the 20th International Conference on Artificial Intelligence and Statistics, Fort Lauderdale, Florida, pp.1273−1282, 2017.
[3]	A. Hard, K. Rao, R. Mathews, et al., “Federated learning for mobile keyboard prediction,” arXiv preprint, arXiv: 1811.03604, 2019.
[4]	T. Yang, G. Andrew, H. Eichner, et al., “Applied federated learning: Improving Google keyboard query suggestions,” arXiv preprint, arXiv: 1812.02903, 2018.
[5]	Z. W. Xiao, X. Xu, H. L. Xing, et al., “A federated learning system with enhanced feature extraction for human activity recognition,” Knowledge-Based Systems, vol. 229, article no. 107338, 2021.
[6]	I. Feki, S. Ammar, Y. Kessentini, et al., “Federated learning for COVID-19 screening from chest X-ray images,” Applied Soft Computing, vol.106, article no.107330, 2021. doi: 10.1016/j.asoc.2021.107330
[7]	L. G. Zhu and S. Han, “Deep leakage from gradients,” in Federated Learning, Q. Yang, L. X. Fan, H. Yu, Eds. Springer, Cham, pp.17–31, 2019,.
[8]	B. Zhao, K. R. Mopuri, and H. Bilen, “iDLG: Improved deep leakage from gradients,” arXiv preprint, arXiv: 2001.02610, 2020.
[9]	J. Geiping, H. Bauermeister, H. Dröge, et al., “Inverting gradients - How easy is it to break privacy in federated learning?,” in Proceedings of the 34th International Conference on Neural Information Processing Systems, Vancouver, BC, Canada, article no.1421, 2020.
[10]	H. X. Yin, A. Mallya, A. Vahdat, et al., “See through gradients: Image batch recovery via gradinversion,” in Proceedings of the 2021 IEEE/CVF Conference on Computer Vision and Pattern Recognition (CVPR), Nashville, TN, USA, pp.16332–16341, 2021.
[11]	M. Abadi, A. Chu, I. Goodfellow, et al., “Deep learning with differential privacy,” in Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, Vienna, Austria, pp.308–318, 2016.
[12]	K. Bonawitz, V. Ivanov, B. Kreuter, et al., “Practical secure aggregation for privacy-preserving machine learning,” in Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, Dallas, TEX, USA, pp.1175–1191, 2017.
[13]	H. B. Tian, F. G. Zhang, Y. F. Shao, et al., “Secure linear aggregation using decentralized threshold additive homomorphic encryption for federated learning,” arXiv preprint, arXiv: 2111.10753, 2021.
[14]	F. Mo, H. Haddadi, K. Katevas, et al., “PPFL: Privacy-preserving federated learning with trusted execution environments,” in Proceedings of the 19th Annual International Conference on Mobile Systems, Applications, and Services, Virtual Event Wisconsin, pp.94–108, 2021.
[15]	S. Merugu and J. Ghosh, “Privacy-preserving distributed clustering using generative models,” in Proceedings of the 3rd IEEE International Conference on Data Mining, Melbourne, FL, USA, pp.211–218, 2003.
[16]	J. Dean, G. S. Corrado, R. Monga, et al., “Large scale distributed deep networks,” in Proceedings of the 25th International Conference on Neural Information Processing Systems, Lake Tahoe, NV, USA, pp.1223–1231, 2012.
[17]	A. Damiani, M. Vallati, R. Gatta, et al., “Distributed learning to protect privacy in multi-centric clinical studies,” in Proceedings of the 15th Conference on Artificial Intelligence in Medicine, Pavia, Italy, pp.65–75, 2015.
[18]	V. Rastogi and S. Nath, “Differentially private aggregation of distributed time-series with transformation and encryption,” in Proceedings of the 2010 ACM SIGMOD International Conference on Management of Data, Indianapolis, IN, USA, pp.735–746, 2010.
[19]	S. Halevi, Y. Lindell, and B. Pinkas, “Secure computation on the web: Computing without simultaneous interaction,” in Proceedings of the 31st Annual Cryptology Conference on Advances in Cryptology, Santa Barbara, CA, USA, pp.132–150, 2011.
[20]	S. Kadhe, N. Rajaraman, O. O. Koyluoglu, et al., “FastSecAgg: Scalable secure aggregation for privacy-preserving federated learning,” arXiv preprint, arXiv: 2009.11248v1, 2020.
[21]	X. Ma, F. G. Zhang, X. F. Chen, et al., “Privacy preserving multi-party computation delegation for deep learning in cloud computing,” Information Sciences, vol.459, pp.103–116, 2018. doi: 10.1016/j.ins.2018.05.005
[22]	L. T. Phong, Y. Aono, T. Hayashi, et al., “Privacy-preserving deep learning: Revisited and enhanced,” in Proceedings of the 8th International Conference on Applications and Techniques in Information Security, Auckland, New Zealand, pp.100–110, 2017.
[23]	D. Chai, L. Y. Wang, K. Chen, et al., “Secure federated matrix factorization,” IEEE Intelligent Systems, vol.36, no.5, pp.11–20, 2021. doi: 10.1109/MIS.2020.3014880
[24]	X. Y. Zhang, X. F. Chen, J. K. Liu, et al., “DeepPAR and DeepDPA: Privacy preserving and asynchronous deep learning for industrial IoT,” IEEE Transactions on Industrial Informatics, vol.16, no.3, pp.2081–2090, 2020. doi: 10.1109/TII.2019.2941244
[25]	E. Shi, T. H. Chan, E. G. Rieffel, et al., “Privacy-preserving aggregation of time-series data,” in Proceedings of the Network and Distributed System Security Symposium, San Diego, CA, USA, 2011.
[26]	T. H. H. Chan, E. Shi, and D. Song, “Privacy-preserving stream aggregation with fault tolerance,” in Proceedings of the 16th International Conference on Financial Cryptography and Data Security, Kralendijk, Bonaire, pp.200–214, 2012.
[27]	I. Leontiadis, K. Elkhiyaoui, M. Önen, et al., “PUDA – Privacy and unforgeability for data aggregation,” in Proceedings of 14th International Conference on Cryptology and Network Security, Marrakesh, Morocco, pp.3–18, 2015.
[28]	I. Leontiadis, K. Elkhiyaoui, and R. Molva, “Private and dynamic time-series data aggregation with trust relaxation,” in Proceedings of the 13th International Conference on Cryptology and Network Security, Heraklion, Greece, pp.305–320, 2014.
[29]	B. J. Hu, Y. C. Li, F. Fang, et al., “Lightweight-blockchain based privacy-preserving data aggregation for epidemic disease surveillance,” SCIENTIA SINICA Informationis, vol.51, no.11, pp.1885–1899, 2021. (in Chinese) doi: 10.1360/SSI-2021-0002
[30]	D. B. He, N. Kumar, S. Zeadally, et al., “Efficient and privacy-preserving data aggregation scheme for smart grid against internal adversaries,” IEEE Transactions on Smart Grid, vol.8, no.5, pp.2411–2419, 2017. doi: 10.1109/TSG.2017.2720159
[31]	J. H. Bell, K. A. Bonawitz, A. Gascón, et al., “Secure single-server aggregation with (poly)logarithmic overhead,” in Proceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security, Virtual Event USA, pp.1253–1269, 2020.
[32]	B. Choi, J. Y. Sohn, D. J. Han, et al., “Communication-computation efficient secure aggregation for federated learning,” arXiv preprint, arXiv: 2012.05433v3, 2021.
[33]	J. So, B. Güler, and A. S. Avestimehr, “Turbo-aggregate: breaking the quadratic aggregation barrier in secure federated learning,” IEEE Journal on Selected Areas in Information Theory, vol.2, no.1, pp.479–489, 2021. doi: 10.1109/JSAIT.2021.3054610
[34]	T. Jahani-Nezhad, M. A. Maddah-Ali, S. Z. Li, et al., “SwiftAgg: Communication-efficient and dropout-resistant secure aggregation for federated learning with worst-case security guarantees,” in Proceedings of the 2022 IEEE International Symposium on Information Theory (ISIT), Espoo, Finland, pp.103–108, 2022.
[35]	Z. Y. Liu, J. L. Guo, K. Y. Lam, et al., “Efficient dropout-resilient aggregation for privacy-preserving machine learning,” IEEE Transactions on Information Forensics and Security, vol.18, pp.1839–1854, 2023. doi: 10.1109/TIFS.2022.3163592
[36]	A. Shamir, “How to share a secret,” Communications of the ACM, vol.22, no.11, pp.612–613, 1979. doi: 10.1145/359168.359176
[37]	W. Diffie and M. Hellman, “New directions in cryptography,” IEEE Transactions on Information Theory, vol.22, no.6, pp.644–654, 1976. doi: 10.1109/TIT.1976.1055638
[38]	M. Bellare and C. Namprempre, “Authenticated encryption: relations among notions and analysis of the generic composition paradigm,” in Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security, Kyoto, Japan, pp.531–545, 2000.
[39]	O. Goldreich, Foundations of Cryptography: Volume 1. Cambridge University Press, New York, USA, 2006.
[40]	H. K. Lee, H. S. Chung, and S. R. Kim, “Memory hacking analysis in mobile devices for hybrid model of copyright protection for android Apps,” in Proceedings of the 2013 Research in Adaptive and Convergent Systems, Montreal, QC, Canada, pp.342–346, 2013.
[41]	R. Canetti and H. Krawczyk, “Analysis of key-exchange protocols and their use for building secure channels,” in Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques, Innsbruck, Austria, pp.453–474, 2001.
[42]	H. B. Tian, Y. Zhan, and Y. M. Wang, “Analysis of host authentication mechanism in current pod copy protection system,” IEEE Transactions on Consumer Electronics, vol.51, no.3, pp.922–924, 2005. doi: 10.1109/TCE.2005.1510504
[43]	P. Kairouz, Z. Y. Liu, and T. Steinke, “The distributed discrete Gaussian mechanism for federated learning with secure aggregation”, in Proceedings of the 38th International Conference on Machine Learning, ML Research Press (Publisher), pp.5201–5212, 2021.
[44]	W. B. Mao, Modern Cryptography: Theory and Practice, Prentice Hall, Upper Saddle River, NJ, USA, pp.397–409, 2003.
[45]	M. Dworkin, Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC. Gaithersburg: NIST, 2007.