SAFELearn: Secure Aggregation for private FEderated Learning

Conference article in proceedings
Date
2021-05
Language
en
Pages
7
56-62
Series
Proceedings - 2021 IEEE Symposium on Security and Privacy Workshops, SPW 2021
Abstract
Federated learning (FL) is an emerging distributed machine learning paradigm which addresses critical data privacy issues in machine learning by enabling clients, using an aggregation server (aggregator), to jointly train a global model without revealing their training data. Thereby, it improves not only privacy but is also efficient, as it uses the computation power and data of potentially millions of clients for training in parallel. However, FL is vulnerable to so-called inference attacks by malicious aggregators, which can infer information about clients' data from their model updates. Secure aggregation restricts the central aggregator to only learn the summation or average of the updates of clients. Unfortunately, existing protocols for secure aggregation for FL suffer from high communication, computation, and many communication rounds. In this work, we present SAFELearn, a generic design for efficient private FL systems that protects against inference attacks that have to analyze individual clients' model updates using secure aggregation. It is flexibly adaptable to the efficiency and security requirements of various FL applications and can be instantiated with MPC or FHE. In contrast to previous works, we only need 2 rounds of communication in each training iteration, do not use any expensive cryptographic primitives on clients, tolerate dropouts, and do not rely on a trusted third party. We implement and benchmark an instantiation of our generic design with secure two-party computation. Our implementation aggregates 500 models with more than 300K parameters in less than 0.5 seconds.
Description
openaire: EC/H2020/786641/EU//SHERPA
Funding Information: Acknowledgements. This project received funding from the European Research Council (ERC) under the European Union’s Horizon 2020 research and innovation program (grant agreement No. 850990 PSOTI), was co-funded by the DFG — SFB 1119 CROSSING/236615297 and GRK 2050 Privacy & Trust/251805230, and by the BMBF and HMWK within ATHENE. It was partially funded by the European Commission through the SHERPA Horizon 2020 project under grant agreement No. 786641. It was partially funded by the Private AI Collaborative Research Institute (PrivateAI) established by Intel, Avast, and Borsetta. Publisher Copyright: © 2021 IEEE.
Keywords
Data Privacy, Federated Learning, Inference Attacks, Secure Computation
Citation
Fereidooni, H, Marchal, S, Miettinen, M, Mirhoseini, A, Mollering, H, Nguyen, T D, Rieger, P, Sadeghi, A R, Schneider, T, Yalame, H & Zeitouni, S 2021, SAFELearn: Secure Aggregation for private FEderated Learning. In Proceedings - 2021 IEEE Symposium on Security and Privacy Workshops, SPW 2021, 9474309, IEEE, pp. 56-62, IEEE Symposium on Security and Privacy, San Francisco, California, United States, 24/05/2021. https://doi.org/10.1109/SPW53761.2021.00017