AbstractWith the continuous development of the internet of things (IoT), federated learning is being widely applied. This technology keeps data locally to protect data security. However, during the process of uploading gradients from local clients, there is a possibility of leaking sensitive information such as identities. To address this issue, this paper presents a secure and efficient anonymous federated learning framework. In our proposed, we first design a lightweight key‐sharing protocol based on elliptic curve cryptography (ECC) to generate shared keys and ensure secure communication. We then describe the improved process of federated learning, where clients communicate with the cloud server using pseudonyms to achieve anonymity. The security of our protocol is analyzed from both formal and informal perspectives, demonstrating that our proposed protocol satisfies “session key security.” We also employ the formal verification tool ProVerif to validate the security of the protocol in terms of mutual authentication and key configuration in the Dolve–Yao threat model. Finally, the computational and communication costs of the proposed anonymous federated learning framework are evaluated, showing that both the computational and communication expenses are relatively low. A comparison was made between the proposed federated learning process and three other federated learning processes, demonstrating the clear advantages of our proposed.
Read full abstract