Integrating Identity-Based Identification against Adaptive Adversaries in Federated Learning

TL;DR

This work tackles the vulnerability of Federated Learning to adaptive adversaries, specifically Reconnecting Malicious Clients, by integrating Identity-Based Identification at the aggregator. Using the TNC-IBI scheme over elliptic curves, the authors authenticate clients to prevent re-entry after disconnection and test this with two secure aggregation methods, Krum and Trimmed Mean. Experimental results show that IBI markedly improves robustness against RMCs, achieving final accuracies around 0.74 with Krum and 0.746 with Trimmed Mean, while maintaining consistent training. The paper discusses broader implications, including reputation-based defenses, IoT constraints, and extensions to decentralized FL, underscoring the need for holistic, proactive security against evolving adaptive threats.

Abstract

Federated Learning (FL) has recently emerged as a promising paradigm for privacy-preserving, distributed machine learning. However, FL systems face significant security threats, particularly from adaptive adversaries capable of modifying their attack strategies to evade detection. One such threat is the presence of Reconnecting Malicious Clients (RMCs), which exploit FLs open connectivity by reconnecting to the system with modified attack strategies. To address this vulnerability, we propose integration of Identity-Based Identification (IBI) as a security measure within FL environments. By leveraging IBI, we enable FL systems to authenticate clients based on cryptographic identity schemes, effectively preventing previously disconnected malicious clients from re-entering the system. Our approach is implemented using the TNC-IBI (Tan-Ng-Chin) scheme over elliptic curves to ensure computational efficiency, particularly in resource-constrained environments like Internet of Things (IoT). Experimental results demonstrate that integrating IBI with secure aggregation algorithms, such as Krum and Trimmed Mean, significantly improves FL robustness by mitigating the impact of RMCs. We further discuss the broader implications of IBI in FL security, highlighting research directions for adaptive adversary detection, reputation-based mechanisms, and the applicability of identity-based cryptographic frameworks in decentralized FL architectures. Our findings advocate for a holistic approach to FL security, emphasizing the necessity of proactive defence strategies against evolving adaptive adversarial threats.

Figures (5)

• Figure 1: Example IBI protocol.
• Figure 2: Implementation of our solution reproducing TNC-IBI protocol chia_pairing-free_2021 over elliptic curves.
• Figure 3: Command-line output for the FL aggregator showcasing parameter generation and authentication control.
• Figure 4: Command-line output for one of the clients showcasing client-side process for authentication in accordance with our proposed solution.
• Figure 5: Results for Gaussian Noise and ALIE attacks against two sets of simulations, one including only secure aggregation algorithms, the other with TNC-IBI implement over the FL environment. Showcasing the severity of RMC’s when no defences are present and effectiveness of TNC-IBI as a solution.