Secure Aggregation in Federated Learning using Multiparty Homomorphic Encryption
Erfan Hosseini, Shuangyi Chen, Ashish Khisti
TL;DR
This work tackles secure aggregation in federated learning by extending multiparty homomorphic encryption (MPHE) with a Shamir-based secret-sharing setup that enables decryption from any threshold of $k$ out of $N$ clients, addressing client dropouts and new joiners. The Robust Secure Aggregation (RSA) framework couples a one-time setup with a collaborative decryption phase and introduces a smudging noise mechanism to preserve security during aggregation. It further integrates a gradient compression scheme that reduces encryption and communication costs while providing convergence guarantees, enabling scalable training with large gradient vectors. Theoretical analysis provides correctness bounds and semi-honest security proofs, and experiments show linear scalability and favorable performance compared to existing baselines, especially when combined with compression. The approach offers practical secure aggregation for cross-device FL with dynamic participation and manageable overhead.
Abstract
A key operation in federated learning is the aggregation of gradient vectors generated by individual client nodes. We develop a method based on multiparty homomorphic encryption (MPHE) that enables the central node to compute this aggregate, while receiving only encrypted version of each individual gradients. Towards this end, we extend classical MPHE methods so that the decryption of the aggregate vector can be successful even when only a subset of client nodes are available. This is accomplished by introducing a secret-sharing step during the setup phase of MPHE when the public encryption key is generated. We develop conditions on the parameters of the MPHE scheme that guarantee correctness of decryption and (computational) security. We explain how our method can be extended to accommodate client nodes that do not participate during the setup phase. We also propose a compression scheme for gradient vectors at each client node that can be readily combined with our MPHE scheme and perform the associated convergence analysis. We discuss the advantages of our proposed scheme with other approaches based on secure multi-party computation. Finally we discuss a practical implementation of our system, compare the performance of our system with different approaches, and demonstrate that by suitably combining compression with encryption the overhead over baseline schemes is rather small.