Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Confidential Federated Computations

Hubert Eichner, Daniel Ramage, Kallista Bonawitz, Dzmitry Huba, Tiziano Santoro, Brett McLarnon, Timon Van Overveldt, Nova Fallen, Peter Kairouz, Albert Cheu, Katharine Daly, Adria Gascon, Marco Gruteser, Brendan McMahan

TL;DR

This work addresses privacy challenges in federated learning and analytics by proposing Confidential Federated Computations, a TEEs-based architecture with an external-verifiability ledger. It combines data access policies, cryptographic erasure, and open-source components to prove to participants that server-side processing complies with pre-approved privacy guarantees, notably differential privacy, while defending against Sybil and other attacks. The framework introduces a ledger-as-key-unwrapper, a chain-of-trust across TEEs, and DP-friendly server-side computation primitives, enabling scalable, verifiable privacy for both open-set heavy hitters and cross-device/federated learning workflows. The approach aims to close gaps left by prior DP-only or SMPC-based schemes, offering stronger trust, portability, and potential for larger models, though it identifies open problems in scalability, side channels, and integration with SMPC for defense-in-depth in future work.

Abstract

Federated Learning and Analytics (FLA) have seen widespread adoption by technology platforms for processing sensitive on-device data. However, basic FLA systems have privacy limitations: they do not necessarily require anonymization mechanisms like differential privacy (DP), and provide limited protections against a potentially malicious service provider. Adding DP to a basic FLA system currently requires either adding excessive noise to each device's updates, or assuming an honest service provider that correctly implements the mechanism and only uses the privatized outputs. Secure multiparty computation (SMPC) -based oblivious aggregations can limit the service provider's access to individual user updates and improve DP tradeoffs, but the tradeoffs are still suboptimal, and they suffer from scalability challenges and susceptibility to Sybil attacks. This paper introduces a novel system architecture that leverages trusted execution environments (TEEs) and open-sourcing to both ensure confidentiality of server-side computations and provide externally verifiable privacy properties, bolstering the robustness and trustworthiness of private federated computations.

Confidential Federated Computations

TL;DR

This work addresses privacy challenges in federated learning and analytics by proposing Confidential Federated Computations, a TEEs-based architecture with an external-verifiability ledger. It combines data access policies, cryptographic erasure, and open-source components to prove to participants that server-side processing complies with pre-approved privacy guarantees, notably differential privacy, while defending against Sybil and other attacks. The framework introduces a ledger-as-key-unwrapper, a chain-of-trust across TEEs, and DP-friendly server-side computation primitives, enabling scalable, verifiable privacy for both open-set heavy hitters and cross-device/federated learning workflows. The approach aims to close gaps left by prior DP-only or SMPC-based schemes, offering stronger trust, portability, and potential for larger models, though it identifies open problems in scalability, side channels, and integration with SMPC for defense-in-depth in future work.

Abstract

Federated Learning and Analytics (FLA) have seen widespread adoption by technology platforms for processing sensitive on-device data. However, basic FLA systems have privacy limitations: they do not necessarily require anonymization mechanisms like differential privacy (DP), and provide limited protections against a potentially malicious service provider. Adding DP to a basic FLA system currently requires either adding excessive noise to each device's updates, or assuming an honest service provider that correctly implements the mechanism and only uses the privatized outputs. Secure multiparty computation (SMPC) -based oblivious aggregations can limit the service provider's access to individual user updates and improve DP tradeoffs, but the tradeoffs are still suboptimal, and they suffer from scalability challenges and susceptibility to Sybil attacks. This paper introduces a novel system architecture that leverages trusted execution environments (TEEs) and open-sourcing to both ensure confidentiality of server-side computations and provide externally verifiable privacy properties, bolstering the robustness and trustworthiness of private federated computations.
Paper Structure (62 sections, 4 figures)

This paper contains 62 sections, 4 figures.

Table of Contents

  1. Introduction
  2. Threat Model
  3. Potential Adversaries and Capabilities
  4. Data scientists
  5. Data access policy author
  6. Other end users
  7. Platform software author
  8. Platform software operator
  9. Data center operator
  10. Approach: Distributed Trust, Trusted Execution Environments, and Hardware Manufacturers
  11. Related Work
  12. Architecture
  13. General Design Principles
  14. Data anonymization
  15. Data minimization
  16. ...and 47 more sections

Figures (4)

  • Figure : High level overview of client, TEE, and server data process in proposed architecture.
  • Figure : An example access policy for the pipeline in figure \ref{['fig:overview']} allowing the initial data to be processed first by a TEE that performs a SELECT operation, then by a TEE that implements a DP sum with $\varepsilon \leq 1$ and $\delta \leq 10^{-15}$. Each stage may only access the data once, and no other access is allowed. Data (gray) and transformations (green) with a "lock" icon are inaccessible to the system operator, assuming correct ledger and TEE functionality.
  • Figure : Ordering of DP operations relative to proprietary code and example Private Heavy Hitters application which will be discussed in \ref{['sec:differentially_private_heavy_hitters']}.
  • Figure : The proposed architecture uses a Federated Program to orchestrate round progression instead of a Coordinator.