Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

On Securing Analog Lagrange Coded Computing from Colluding Adversaries

Rimpi Borah, J. Harshan

TL;DR

This work addresses securing Analog Lagrange Coded Computing (ALCC) from adversarial workers, including colluding ones, by leveraging Discrete Fourier Transform (DFT) codes for error correction and analyzing finite-precision effects. It introduces independent and joint error localization strategies to mitigate adversarial perturbations, and demonstrates that precision noise can influence the optimal attack strategy, showing that not all adversaries should inject noise to degrade accuracy. The paper further models strongly and weakly colluding attacks to optimize how adversaries inject errors, deriving explicit strategies and their impact on decoder performance. Overall, it presents the first comprehensive analysis of colluding adversaries in ALCC and proposes robust decoding approaches that improve end-to-end accuracy in adversarial and finite-precision settings, while outlining attack strategies that inform defense requirements.

Abstract

Analog Lagrange Coded Computing (ALCC) is a recently proposed coded computing paradigm wherein certain computations over analog datasets can be efficiently performed using distributed worker nodes through floating point implementation. While ALCC is known to preserve privacy of data from the workers, it is not resilient to adversarial workers that return erroneous computation results. Pointing at this security vulnerability, we focus on securing ALCC from a wide range of non-colluding and colluding adversarial workers. As a foundational step, we make use of error-correction algorithms for Discrete Fourier Transform (DFT) codes to build novel algorithms to nullify the erroneous computations returned from the adversaries. Furthermore, when such a robust ALCC is implemented in practical settings, we show that the presence of precision errors in the system can be exploited by the adversaries to propose novel colluding attacks to degrade the computation accuracy. As the main takeaway, we prove a counter-intuitive result that not all the adversaries should inject noise in their computations in order to optimally degrade the accuracy of the ALCC framework. This is the first work of its kind to address the vulnerability of ALCC against colluding adversaries.

On Securing Analog Lagrange Coded Computing from Colluding Adversaries

TL;DR

This work addresses securing Analog Lagrange Coded Computing (ALCC) from adversarial workers, including colluding ones, by leveraging Discrete Fourier Transform (DFT) codes for error correction and analyzing finite-precision effects. It introduces independent and joint error localization strategies to mitigate adversarial perturbations, and demonstrates that precision noise can influence the optimal attack strategy, showing that not all adversaries should inject noise to degrade accuracy. The paper further models strongly and weakly colluding attacks to optimize how adversaries inject errors, deriving explicit strategies and their impact on decoder performance. Overall, it presents the first comprehensive analysis of colluding adversaries in ALCC and proposes robust decoding approaches that improve end-to-end accuracy in adversarial and finite-precision settings, while outlining attack strategies that inform defense requirements.

Abstract

Analog Lagrange Coded Computing (ALCC) is a recently proposed coded computing paradigm wherein certain computations over analog datasets can be efficiently performed using distributed worker nodes through floating point implementation. While ALCC is known to preserve privacy of data from the workers, it is not resilient to adversarial workers that return erroneous computation results. Pointing at this security vulnerability, we focus on securing ALCC from a wide range of non-colluding and colluding adversarial workers. As a foundational step, we make use of error-correction algorithms for Discrete Fourier Transform (DFT) codes to build novel algorithms to nullify the erroneous computations returned from the adversaries. Furthermore, when such a robust ALCC is implemented in practical settings, we show that the presence of precision errors in the system can be exploited by the adversaries to propose novel colluding attacks to degrade the computation accuracy. As the main takeaway, we prove a counter-intuitive result that not all the adversaries should inject noise in their computations in order to optimally degrade the accuracy of the ALCC framework. This is the first work of its kind to address the vulnerability of ALCC against colluding adversaries.
Paper Structure (10 sections, 7 theorems, 8 equations, 2 figures)

This paper contains 10 sections, 7 theorems, 8 equations, 2 figures.

Table of Contents

  1. Introduction
  2. Background on ALCC
  3. Encoding in ALCC
  4. Decoding in ALCC
  5. ALCC with Adversarial Workers
  6. On Independent Error Localization using DFT Decoder
  7. On Joint Error Localization using DFT Decoder
  8. Optimized Colluding Attacks on ALCC
  9. Strongly Colluding Attack
  10. Weakly Colluding Attack

Key Result

Proposition 1

ShH For an ALCC setting with parameters N and $K = (k+t-1)D + 1$, the erroneous computations returned by the $A$ adversarial workers can be nullified as long as $A \leq v \triangleq \lfloor \frac{N-K}{2}\rfloor$ and the floating-point operations of ALCC have infinite precision.

Figures (2)

  • Figure 1: Average relative error (in dB scale) of ALCC with parameters $N = 31, K = 15, \beta = 1.5, t = 3, \sigma = 10^6$ with and without the DFT decoders in the presence of adversarial workers. Here, the non-zero entries of adversarial matrices $\{\mathbf{E}_{i_{a}}\}$ are i.i.d as $\mathcal{CN}(10, 10^3)$.
  • Figure 2: Average relative error (in dB scale) of ALCC against strongly and weakly colluding attacks for $N = 31, K = 15$, $\sigma^{2}_{p} = 0.01$. For the strongly colluding case, the first row of $\mathbf{B}_{eff}$ has all ones, whereas the other rows have variable number of ones. For the weakly-colluding case, using $p^{*} = 0.257$ provides the worst-case accuracy for constraint length 8 as pointed above.

Theorems & Definitions (7)

  • Proposition 1
  • Theorem 1
  • Corollary 1
  • Proposition 2
  • Lemma 1
  • Proposition 3
  • Proposition 4