Advancing Federated Learning through Verifiable Computations and Homomorphic Encryption
Federated learning, as one of the three main technical routes for privacy computing, has been widely studied and applied in both academia and industry. However, malicious nodes may tamper with the algorithm execution process or submit false learning results, which directly affects the performance of...
| Main Authors: | , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
MDPI AG
2023-11-01
|
| Series: | Entropy |
| Subjects: | |
| Online Access: | https://www.mdpi.com/1099-4300/25/11/1550 |
| _version_ | 1827639896864456704 |
|---|---|
| author | Bingxue Zhang Guangguang Lu Pengpeng Qiu Xumin Gui Yang Shi |
| author_facet | Bingxue Zhang Guangguang Lu Pengpeng Qiu Xumin Gui Yang Shi |
| author_sort | Bingxue Zhang |
| collection | DOAJ |
| description | Federated learning, as one of the three main technical routes for privacy computing, has been widely studied and applied in both academia and industry. However, malicious nodes may tamper with the algorithm execution process or submit false learning results, which directly affects the performance of federated learning. In addition, learning nodes can easily obtain the global model. In practical applications, we would like to obtain the federated learning results only by the demand side. Unfortunately, no discussion on protecting the privacy of the global model is found in the existing research. As emerging cryptographic tools, the zero-knowledge virtual machine (ZKVM) and homomorphic encryption provide new ideas for the design of federated learning frameworks. We have introduced ZKVM for the first time, creating learning nodes as local computing provers. This provides execution integrity proofs for multi-class machine learning algorithms. Meanwhile, we discuss how to generate verifiable proofs for large-scale machine learning tasks under resource constraints. In addition, we implement the fully homomorphic encryption (FHE) scheme in ZKVM. We encrypt the model weights so that the federated learning nodes always collaborate in the ciphertext space. The real results can be obtained only after the demand side decrypts them using the private key. The innovativeness of this paper is demonstrated in the following aspects: 1. We introduce the ZKVM for the first time, which achieves zero-knowledge proofs (ZKP) for machine learning tasks with multiple classes and arbitrary scales. 2. We encrypt the global model, which protects the model privacy during local computation and transmission. 3. We propose and implement a new federated learning framework. We measure the verification costs under different federated learning rounds on the IRIS dataset. Despite the impact of homomorphic encryption on computational accuracy, the framework proposed in this paper achieves a satisfactory 90% model accuracy. Our framework is highly secure and is expected to further improve the overall efficiency as cryptographic tools continue to evolve. |
| first_indexed | 2024-03-09T16:50:28Z |
| format | Article |
| id | doaj.art-0d614a2f25804651a092c8e39392304a |
| institution | Directory Open Access Journal |
| issn | 1099-4300 |
| language | English |
| last_indexed | 2024-03-09T16:50:28Z |
| publishDate | 2023-11-01 |
| publisher | MDPI AG |
| record_format | Article |
| series | Entropy |
| spelling | doaj.art-0d614a2f25804651a092c8e39392304a2023-11-24T14:41:05ZengMDPI AGEntropy1099-43002023-11-012511155010.3390/e25111550Advancing Federated Learning through Verifiable Computations and Homomorphic EncryptionBingxue Zhang0Guangguang Lu1Pengpeng Qiu2Xumin Gui3Yang Shi4School of Optical-Electrical and Computer Engineering, University of Shanghai for Science and Technology, Shanghai 200093, ChinaSchool of Optical-Electrical and Computer Engineering, University of Shanghai for Science and Technology, Shanghai 200093, ChinaSchool of Optical-Electrical and Computer Engineering, University of Shanghai for Science and Technology, Shanghai 200093, ChinaSchool of Optical-Electrical and Computer Engineering, University of Shanghai for Science and Technology, Shanghai 200093, ChinaSchool of Optical-Electrical and Computer Engineering, University of Shanghai for Science and Technology, Shanghai 200093, ChinaFederated learning, as one of the three main technical routes for privacy computing, has been widely studied and applied in both academia and industry. However, malicious nodes may tamper with the algorithm execution process or submit false learning results, which directly affects the performance of federated learning. In addition, learning nodes can easily obtain the global model. In practical applications, we would like to obtain the federated learning results only by the demand side. Unfortunately, no discussion on protecting the privacy of the global model is found in the existing research. As emerging cryptographic tools, the zero-knowledge virtual machine (ZKVM) and homomorphic encryption provide new ideas for the design of federated learning frameworks. We have introduced ZKVM for the first time, creating learning nodes as local computing provers. This provides execution integrity proofs for multi-class machine learning algorithms. Meanwhile, we discuss how to generate verifiable proofs for large-scale machine learning tasks under resource constraints. In addition, we implement the fully homomorphic encryption (FHE) scheme in ZKVM. We encrypt the model weights so that the federated learning nodes always collaborate in the ciphertext space. The real results can be obtained only after the demand side decrypts them using the private key. The innovativeness of this paper is demonstrated in the following aspects: 1. We introduce the ZKVM for the first time, which achieves zero-knowledge proofs (ZKP) for machine learning tasks with multiple classes and arbitrary scales. 2. We encrypt the global model, which protects the model privacy during local computation and transmission. 3. We propose and implement a new federated learning framework. We measure the verification costs under different federated learning rounds on the IRIS dataset. Despite the impact of homomorphic encryption on computational accuracy, the framework proposed in this paper achieves a satisfactory 90% model accuracy. Our framework is highly secure and is expected to further improve the overall efficiency as cryptographic tools continue to evolve.https://www.mdpi.com/1099-4300/25/11/1550federated learningzero-knowledge virtual machinehomomorphic encryptionverifiabilitymodel privacy |
| spellingShingle | Bingxue Zhang Guangguang Lu Pengpeng Qiu Xumin Gui Yang Shi Advancing Federated Learning through Verifiable Computations and Homomorphic Encryption Entropy federated learning zero-knowledge virtual machine homomorphic encryption verifiability model privacy |
| title | Advancing Federated Learning through Verifiable Computations and Homomorphic Encryption |
| title_full | Advancing Federated Learning through Verifiable Computations and Homomorphic Encryption |
| title_fullStr | Advancing Federated Learning through Verifiable Computations and Homomorphic Encryption |
| title_full_unstemmed | Advancing Federated Learning through Verifiable Computations and Homomorphic Encryption |
| title_short | Advancing Federated Learning through Verifiable Computations and Homomorphic Encryption |
| title_sort | advancing federated learning through verifiable computations and homomorphic encryption |
| topic | federated learning zero-knowledge virtual machine homomorphic encryption verifiability model privacy |
| url | https://www.mdpi.com/1099-4300/25/11/1550 |
| work_keys_str_mv | AT bingxuezhang advancingfederatedlearningthroughverifiablecomputationsandhomomorphicencryption AT guangguanglu advancingfederatedlearningthroughverifiablecomputationsandhomomorphicencryption AT pengpengqiu advancingfederatedlearningthroughverifiablecomputationsandhomomorphicencryption AT xumingui advancingfederatedlearningthroughverifiablecomputationsandhomomorphicencryption AT yangshi advancingfederatedlearningthroughverifiablecomputationsandhomomorphicencryption |