Robust Secure Aggregation with Lightweight Verification for Federated Learning

Abstract

Verifiable secure aggregation (VSA) is a critical procedure in federated learning (FL), where secure aggregation achieves local gradients aggregation while data confidentiality is preserved, and verifiability enables participants to verify the correctness of aggregated results returned by a central server (CS). Most of existing solutions for VSA employ cumbersome cryptographic primitives and techniques (e.g., homomorphic encryption, bilinear pairing, interactive proof systems), which impose high communication round complexity and computational costs on participants or CS. Besides, user dropouts occur commonly in cross-device FL as a result of unstable network connection, it is demanded to design particular mechanism to deal with such events. In this paper, we present a robust secure aggregation scheme with lightweight verification for FL, by utilizing Shamir’s secret sharing technique to design a random masking code to protect the confidentiality of local gradients and achieve resilience to possible user dropout. To support verifiability upon aggregation, we extend a multi-key homomorphic MAC to achieve verification over gradient vector space. We provide security analysis to show that our scheme can protect data confidentiality against collusion attacks, meanwhile ensure the verifiable results are unforgeable under the assumption pseudorandom functions exist. We implement our scheme to verify its correctness and feasibility, performance evaluation shows its advantages in terms of efficiency and functionality.