Fluent: Round-efficient Secure Aggregation for Private Federated Learning
Xincheng Li, Jianting Ning, Geong Sen Poh, Leo Yu Zhang, Xinchun Yin, Tianwei Zhang
TL;DR
Fluent tackles privacy-preserving federated learning under a malicious server by delivering a round-efficient secure aggregation protocol with two novel innovations: a one-time handshake and seed-sharing phase that reuses mask shares across iterations, and a one-round consistency check that unmasked gradients only after dropout/consistency verification. It also extends to Fluent-Dynamic for dynamic client joining via hierarchical threshold secret sharing. The authors provide formal security proofs (simulation-based) and show significant efficiency gains over prior work, including reductions in client computation and communication, while maintaining dropout robustness. The approach enables scalable private FL across geographically distributed devices and mixed-resource environments, with practical implementation and evaluation on standard datasets demonstrating strong performance improvements and flexibility for dynamic participation.
Abstract
Federated learning (FL) facilitates collaborative training of machine learning models among a large number of clients while safeguarding the privacy of their local datasets. However, FL remains susceptible to vulnerabilities such as privacy inference and inversion attacks. Single-server secure aggregation schemes were proposed to address these threats. Nonetheless, they encounter practical constraints due to their round and communication complexities. This work introduces Fluent, a round and communication-efficient secure aggregation scheme for private FL. Fluent has several improvements compared to state-of-the-art solutions like Bell et al. (CCS 2020) and Ma et al. (SP 2023): (1) it eliminates frequent handshakes and secret sharing operations by efficiently reusing the shares across multiple training iterations without leaking any private information; (2) it accomplishes both the consistency check and gradient unmasking in one logical step, thereby reducing another round of communication. With these innovations, Fluent achieves the fewest communication rounds (i.e., two in the collection phase) in the malicious server setting, in contrast to at least three rounds in existing schemes. This significantly minimizes the latency for geographically distributed clients; (3) Fluent also introduces Fluent-Dynamic with a participant selection algorithm and an alternative secret sharing scheme. This can facilitate dynamic client joining and enhance the system flexibility and scalability. We implemented Fluent and compared it with existing solutions. Experimental results show that Fluent improves the computational cost by at least 75% and communication overhead by at least 25% for normal clients. Fluent also reduces the communication overhead for the server at the expense of a marginal increase in computational cost.