PQBFL: A Post-Quantum Blockchain-based Protocol for Federated Learning

TL;DR

PQBFL tackles quantum-era security in Federated Learning by integrating post-quantum cryptography with blockchain to provide confidential, authenticated, and auditable collaborative training. It introduces a dual-layer architecture with off-chain model transfers and on-chain transaction records, leveraging a ratcheting mechanism to achieve forward secrecy and post-compromise security across rounds. The protocol uses Kyber KEM and ECDH for key exchange, HKDF-derived chain keys, and signatures for integrity, while blockchain smart contracts support registrations and task management. The results indicate feasible computation and communication overheads and demonstrate resilience to common FL security threats, with future work aiming at post-quantum homomorphic techniques to further enhance privacy.

Abstract

One of the goals of Federated Learning (FL) is to collaboratively train a global model using local models from remote participants. However, the FL process is susceptible to various security challenges, including interception and tampering models, information leakage through shared gradients, and privacy breaches that expose participant identities or data, particularly in sensitive domains such as medical environments. Furthermore, the advent of quantum computing poses a critical threat to existing cryptographic protocols through the Shor and Grover algorithms, causing security concerns in the communication of FL systems. To address these challenges, we propose a Post-Quantum Blockchain-based protocol for Federated Learning (PQBFL) that utilizes post-quantum cryptographic (PQC) algorithms and blockchain to enhance model security and participant identity privacy in FL systems. It employs a hybrid communication strategy that combines off-chain and on-chain channels to optimize cost efficiency, improve security, and preserve participant privacy while ensuring accountability for reputation-based authentication in FL systems. The PQBFL specifically addresses the security requirement for the iterative nature of FL, which is a less notable point in the literature. Hence, it leverages ratcheting mechanisms to provide forward secrecy and post-compromise security during all the rounds of the learning process. In conclusion, PQBFL provides a secure and resilient solution for federated learning that is well-suited to the quantum computing era.

Figures (9)

• Figure 1: Federated learning architecture
• Figure 2: The proposed federated learning architecture
• Figure 3: Sequence diagram for registration and session key establishment.
• Figure 4: Sequence diagram for the send and receive model in a single training round.
• Figure 5: Illustration of PQBFL key exchange, encapsulation, decapsulation and derivation processes for different FL training rounds, $r$. Initially, Bob and Alice send public keys (ECDH key pairs, KEM key pair), which leads to the first asymmetric ratcheting and generation of the first root key $RK_{j}$. Then, given $L_{j}=9$, nine distinct keys (model key) are consecutively derived for each model round using symmetric ratcheting, $KDF_{S}$. The second asymmetric ratcheting is trigger by Bob again to derive the model keys for the $10$-th round in Bob and Alice party.