Byzantine-Resilient Secure Aggregation for Federated Learning Without Privacy Compromises
This addresses security and privacy risks in federated learning for applications like healthcare or finance, offering a novel solution with strong guarantees.
The paper tackles the problem of ensuring privacy and security in federated learning by proposing ByITFL, a scheme that provides resilience against Byzantine users while maintaining full information-theoretic privacy, achieving this without compromising data confidentiality from the federator or other users.
Federated learning (FL) shows great promise in large scale machine learning, but brings new risks in terms of privacy and security. We propose ByITFL, a novel scheme for FL that provides resilience against Byzantine users while keeping the users' data private from the federator and private from other users. The scheme builds on the preexisting non-private FLTrust scheme, which tolerates malicious users through trust scores (TS) that attenuate or amplify the users' gradients. The trust scores are based on the ReLU function, which we approximate by a polynomial. The distributed and privacy-preserving computation in ByITFL is designed using a combination of Lagrange coded computing, verifiable secret sharing and re-randomization steps. ByITFL is the first Byzantine resilient scheme for FL with full information-theoretic privacy.