Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Lotto: Secure Participant Selection against Adversarial Servers in Federated Learning

Zhifeng Jiang, Peng Ye, Shiqi He, Wei Wang, Ruichuan Chen, Bo Li

TL;DR

Lotto, an FL system that addresses this fundamental, yet underexplored issue by providing secure participant selection against an adversarial server, and achieves time-to-accuracy performance comparable to that of insecure selection methods, indicating a low computational overhead for secure selection.

Abstract

In Federated Learning (FL), common privacy-enhancing techniques, such as secure aggregation and distributed differential privacy, rely on the critical assumption of an honest majority among participants to withstand various attacks. In practice, however, servers are not always trusted, and an adversarial server can strategically select compromised clients to create a dishonest majority, thereby undermining the system's security guarantees. In this paper, we present Lotto, an FL system that addresses this fundamental, yet underexplored issue by providing secure participant selection against an adversarial server. Lotto supports two selection algorithms: random and informed. To ensure random selection without a trusted server, Lotto enables each client to autonomously determine their participation using verifiable randomness. For informed selection, which is more vulnerable to manipulation, Lotto approximates the algorithm by employing random selection within a refined client pool. Our theoretical analysis shows that Lotto effectively aligns the proportion of server-selected compromised participants with the base rate of dishonest clients in the population. Large-scale experiments further reveal that Lotto achieves time-to-accuracy performance comparable to that of insecure selection methods, indicating a low computational overhead for secure selection.

Lotto: Secure Participant Selection against Adversarial Servers in Federated Learning

TL;DR

Lotto, an FL system that addresses this fundamental, yet underexplored issue by providing secure participant selection against an adversarial server, and achieves time-to-accuracy performance comparable to that of insecure selection methods, indicating a low computational overhead for secure selection.

Abstract

In Federated Learning (FL), common privacy-enhancing techniques, such as secure aggregation and distributed differential privacy, rely on the critical assumption of an honest majority among participants to withstand various attacks. In practice, however, servers are not always trusted, and an adversarial server can strategically select compromised clients to create a dishonest majority, thereby undermining the system's security guarantees. In this paper, we present Lotto, an FL system that addresses this fundamental, yet underexplored issue by providing secure participant selection against an adversarial server. Lotto supports two selection algorithms: random and informed. To ensure random selection without a trusted server, Lotto enables each client to autonomously determine their participation using verifiable randomness. For informed selection, which is more vulnerable to manipulation, Lotto approximates the algorithm by employing random selection within a refined client pool. Our theoretical analysis shows that Lotto effectively aligns the proportion of server-selected compromised participants with the base rate of dishonest clients in the population. Large-scale experiments further reveal that Lotto achieves time-to-accuracy performance comparable to that of insecure selection methods, indicating a low computational overhead for secure selection.
Paper Structure (23 sections, 5 theorems, 16 equations, 9 figures, 3 tables)

This paper contains 23 sections, 5 theorems, 16 equations, 9 figures, 3 tables.

Table of Contents

  1. Introduction
  2. Background and Motivation
  3. Federated Learning
  4. Enhancing Data Privacy in FL
  5. Privacy Loopholes in Common Defenses
  6. Lotto: Secure Participant Selection
  7. The Participant Selection Problem
  8. Threat Model
  9. Cryptographic Primitives
  10. Secure Random Selection
  11. Secure Informed Selection
  12. Security Analysis
  13. Implementation
  14. Evaluation
  15. Methodology
  16. ...and 8 more sections

Key Result

Theorem 1

Using an over-selection factor $\alpha>0$, the described process in Lotto results in at least $s$ candidates with probability of $1 - \sum_{i = 0}^{s - 1} \binom{n_{true}}{i} p^i (1-p)^{n_{true} - i}$ where $p = \alpha s /n$ and $n_{true}$ and $n$ is the actual size of the population and that used b

Figures (9)

  • Figure 1: Example impacts of dishonest majority.
  • Figure 2: A small over-selection factor ($\alpha$) suffices in practice.
  • Figure 4: Lotto excels in approximating the original algorithm when the majority of the initial population is "good".
  • Figure 5: The maximum exclusion scale $d$ that allows to achieve a target base rate of dishonest clients in the refined population ($c/n$) given various initial base rates ($c_{init}/n_{init}$).
  • Figure 6: Lotto's random selection effectively prevents arbitrary manipulation by the server in practical settings (\ref{['sec:design_security']}).
  • ...and 4 more figures

Theorems & Definitions (9)

  • Theorem 1: Effectiveness of Over-Selection
  • Theorem 2: Security of Random Selection
  • Corollary 1: Bounded Failure Probability in SecAgg bonawitz2017practical
  • Corollary 2: Controlled Privacy Cost in Distributed DP, I
  • proof
  • proof
  • proof
  • Corollary 3: Controlled Privacy Cost in Distributed DP, II
  • proof