| With the rapid development of the big data era,machine learning and artificial intelligence have been widely used in various fields.Machine models play a crucial role in these applications,and the quality of the model depends on the quality and quantity of the data used during training.However,due to the existence of a large amount of privacy information in the data,legal restrictions on data circulation have led to the problem of data islands.Federated learning has been proposed to solve this problem,but it still faces security issues.Specifically,we propose relevant solutions to the security issues in the sample alignment,model training,and model prediction processes of federated learning:(1)A multi-party secure sample alignment scheme.Sample alignment is a prerequisite step in federated learning that ensures the correct training of models.Its goal is for multiple parties to obtain the intersection between their samples without revealing data privacy.Among existing multi-party sample alignment protocols,KMPRT is one of the most classic protocols,which uses oblivious programmable pseudorandom functions(OPPRF)to achieve multi-party privacy-preserving set intersection.However,they usually use an oblivious pseudorandom function(OPRF)to generate pseudo-random numbers,which requires a lot of online interaction.To avoid this frequent interaction,we propose a new multi-party sample alignment protocol based on zero-secret sharing(ZS)and garbled Bloom filters(GBF)technology.Our protocol eliminates frequent interaction,greatly reduces communication and computational costs,and can be effectively applied to datasets of different scales.(2)A secure verifiable model training and model prediction scheme.In federated learning,model training and prediction rely on third-party-assisted computation,which brings security and result correctness issues.During the training process,multiple data providers collaboratively train a learning model without disclosing local data.The goal is to enable multiple parties to cooperatively train a learning model while protecting data privacy and verifying the correctness of the trained model.During the prediction process,users want to use the trained model completed by a third party for prediction.The goal is to predict using the trained model without disclosing data privacy and model parameters,and to support the verification of prediction results.In both processes,we use the Paillier encryption algorithm to protect the security of the data and model parameters and add different verification factors to support the verification of the model and prediction results. |
PDF Full Text Request