Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Secure Federated XGBoost with CUDA-accelerated Homomorphic Encryption via NVIDIA FLARE

Ziyue Xu, Yuan-Ting Hsieh, Zhihong Zhang, Holger R. Roth, Chester Chen, Yan Cheng, Andrew Feng

TL;DR

This work tackles privacy risks in federated XGBoost by integrating GPU-accelerated homomorphic encryption into NVIDIA FLARE to securely compute both horizontal and vertical federated XGBoost. It introduces a plugin-based architecture that couples XGBoost with HE, enabling secure aggregation over ciphertexts and providing CPU- and CUDA-accelerated implementations that deliver up to $30\times$ (vertical) speedups over prior solutions. The proposed secure patterns include horizontal and vertical histogram-based training, with inference secured by partial model sharing that preserves data ownership. The results demonstrate robust data privacy with substantial performance gains, making privacy-preserving federated XGBoost viable for high-stakes domains like fraud detection.

Abstract

Federated learning (FL) enables collaborative model training across decentralized datasets. NVIDIA FLARE's Federated XGBoost extends the popular XGBoost algorithm to both vertical and horizontal federated settings, facilitating joint model development without direct data sharing. However, the initial implementation assumed mutual trust over the sharing of intermediate gradient statistics produced by the XGBoost algorithm, leaving potential vulnerabilities to honest-but-curious adversaries. This work introduces "Secure Federated XGBoost", an efficient solution to mitigate these risks. We implement secure federated algorithms for both vertical and horizontal scenarios, addressing diverse data security patterns. To secure the messages, we leverage homomorphic encryption (HE) to protect sensitive information during training. A novel plugin and processor interface seamlessly integrates HE into the Federated XGBoost pipeline, enabling secure aggregation over ciphertexts. We present both CPU-based and CUDA-accelerated HE plugins, demonstrating significant performance gains. Notably, our CUDA-accelerated HE implementation achieves up to 30x speedups in vertical Federated XGBoost compared to existing third-party solutions. By securing critical computation steps and encrypting sensitive assets, Secure Federated XGBoost provides robust data privacy guarantees, reinforcing the fundamental benefits of federated learning while maintaining high performance.

Secure Federated XGBoost with CUDA-accelerated Homomorphic Encryption via NVIDIA FLARE

TL;DR

This work tackles privacy risks in federated XGBoost by integrating GPU-accelerated homomorphic encryption into NVIDIA FLARE to securely compute both horizontal and vertical federated XGBoost. It introduces a plugin-based architecture that couples XGBoost with HE, enabling secure aggregation over ciphertexts and providing CPU- and CUDA-accelerated implementations that deliver up to (vertical) speedups over prior solutions. The proposed secure patterns include horizontal and vertical histogram-based training, with inference secured by partial model sharing that preserves data ownership. The results demonstrate robust data privacy with substantial performance gains, making privacy-preserving federated XGBoost viable for high-stakes domains like fraud detection.

Abstract

Federated learning (FL) enables collaborative model training across decentralized datasets. NVIDIA FLARE's Federated XGBoost extends the popular XGBoost algorithm to both vertical and horizontal federated settings, facilitating joint model development without direct data sharing. However, the initial implementation assumed mutual trust over the sharing of intermediate gradient statistics produced by the XGBoost algorithm, leaving potential vulnerabilities to honest-but-curious adversaries. This work introduces "Secure Federated XGBoost", an efficient solution to mitigate these risks. We implement secure federated algorithms for both vertical and horizontal scenarios, addressing diverse data security patterns. To secure the messages, we leverage homomorphic encryption (HE) to protect sensitive information during training. A novel plugin and processor interface seamlessly integrates HE into the Federated XGBoost pipeline, enabling secure aggregation over ciphertexts. We present both CPU-based and CUDA-accelerated HE plugins, demonstrating significant performance gains. Notably, our CUDA-accelerated HE implementation achieves up to 30x speedups in vertical Federated XGBoost compared to existing third-party solutions. By securing critical computation steps and encrypting sensitive assets, Secure Federated XGBoost provides robust data privacy guarantees, reinforcing the fundamental benefits of federated learning while maintaining high performance.

Paper Structure

This paper contains 18 sections, 8 figures, 3 tables.

Table of Contents

  1. Introduction
  2. Collaboration Modes and Secure Patterns
  3. Collaboration Modes
  4. Data Split
  5. Algorithm
  6. Secure Patterns
  7. Horizontal Histogram-based
  8. Vertical Histogram-based
  9. Method Design
  10. Secure Horizontal
  11. Secure Vertical
  12. Encryption with proper HE schemes
  13. Plugin Interface for Processing and Encryption
  14. Experiments and Results
  15. Inference Model Safety on Vertical Collaboration
  16. ...and 3 more sections

Figures (8)

  • Figure 1: Partitioning of features $x$ and labels $y$ in horizontal and vertical federated learning setups.
  • Figure 2: Bagging Tree-based Federated XGBoost
  • Figure 3: Secure Horizontal Federated XGBoost
  • Figure 4: Secure Vertical Federated XGBoost
  • Figure 5: Plugin Interface for Encryption
  • ...and 3 more figures