Cryptanalysis and Improvement of DeepPAR: Privacy-Preserving and Asynchronous Deep Learning for Industrial IoT

Abstract

Industrial Internet of Things (IIoT) is gradually changing the mode of traditional industries with the rapid development of big data. Besides, thanks to the development of deep learning, it can be used to extract useful knowledge from the large amount of data in the IIoT to help improve production and service quality. However, the lack of large-scale data sets will lead to low performance and overfitting of learning models. Therefore, federated deep learning with distributed data sets has been proposed. Nevertheless, the research has shown that federated learning can also leak the private data of participants. In IIoT, once the privacy of participants in some special application scenarios is leaked, it will directly affect national security and people’s lives, such as smart power grid and smart medical care. At present, several privacy-preserving federated learning schemes have been proposed to preserve data privacy of participants, but security issues prevent them from being fully applied. In this article, we analyze the security of the DeepPAR scheme proposed by Zhang et al., and point out that the scheme is insecure in the re-encryption key generation process, which will cause the leakage of the secret key of participants or the proxy server. In addition, the scheme is not resistant to collusion attacks between the parameter server and participants. Based on this, we propose an improved scheme. The security proof shows that the improved scheme solves the security problem of the original scheme and is resistant to collusion attacks. Finally, the security and accuracy of the scheme is illustrated by performance analysis.