Table of Contents
Fetching ...

PQS-BFL: A Post-Quantum Secure Blockchain-based Federated Learning Framework

Daniel Commey, Garth V. Crosby

TL;DR

This work addresses the quantum threat to Federated Learning by proposing PQS-BFL, a framework that fuses post-quantum digital signatures with blockchain-based verification to safeguard model updates. It selects ML-DSA-65 for on-chain authentication of updates, implements smart-contract-based verification, and benchmarks performance across MNIST, SVHN, and HAR with 3–30 clients. Results show sub-millisecond PQC operations and modest blockchain overhead (transactions dominated by network/consensus rather than cryptography), while maintaining comparable model accuracy to non-quantum-secure baselines and achieving sublinear round-time scaling. The study provides open-source tooling and reproducible benchmarks, demonstrating the practicality of long-term, quantum-resistant security for decentralized, healthcare-relevant FL systems.

Abstract

Federated Learning (FL) enables collaborative model training while preserving data privacy, but its classical cryptographic underpinnings are vulnerable to quantum attacks. This vulnerability is particularly critical in sensitive domains like healthcare. This paper introduces PQS-BFL (Post-Quantum Secure Blockchain-based Federated Learning), a framework integrating post-quantum cryptography (PQC) with blockchain verification to secure FL against quantum adversaries. We employ ML-DSA-65 (a FIPS 204 standard candidate, formerly Dilithium) signatures to authenticate model updates and leverage optimized smart contracts for decentralized validation. Extensive evaluations on diverse datasets (MNIST, SVHN, HAR) demonstrate that PQS-BFL achieves efficient cryptographic operations (average PQC sign time: 0.65 ms, verify time: 0.53 ms) with a fixed signature size of 3309 Bytes. Blockchain integration incurs a manageable overhead, with average transaction times around 4.8 s and gas usage per update averaging 1.72 x 10^6 units for PQC configurations. Crucially, the cryptographic overhead relative to transaction time remains minimal (around 0.01-0.02% for PQC with blockchain), confirming that PQC performance is not the bottleneck in blockchain-based FL. The system maintains competitive model accuracy (e.g., over 98.8% for MNIST with PQC) and scales effectively, with round times showing sublinear growth with increasing client numbers. Our open-source implementation and reproducible benchmarks validate the feasibility of deploying long-term, quantum-resistant security in practical FL systems.

PQS-BFL: A Post-Quantum Secure Blockchain-based Federated Learning Framework

TL;DR

This work addresses the quantum threat to Federated Learning by proposing PQS-BFL, a framework that fuses post-quantum digital signatures with blockchain-based verification to safeguard model updates. It selects ML-DSA-65 for on-chain authentication of updates, implements smart-contract-based verification, and benchmarks performance across MNIST, SVHN, and HAR with 3–30 clients. Results show sub-millisecond PQC operations and modest blockchain overhead (transactions dominated by network/consensus rather than cryptography), while maintaining comparable model accuracy to non-quantum-secure baselines and achieving sublinear round-time scaling. The study provides open-source tooling and reproducible benchmarks, demonstrating the practicality of long-term, quantum-resistant security for decentralized, healthcare-relevant FL systems.

Abstract

Federated Learning (FL) enables collaborative model training while preserving data privacy, but its classical cryptographic underpinnings are vulnerable to quantum attacks. This vulnerability is particularly critical in sensitive domains like healthcare. This paper introduces PQS-BFL (Post-Quantum Secure Blockchain-based Federated Learning), a framework integrating post-quantum cryptography (PQC) with blockchain verification to secure FL against quantum adversaries. We employ ML-DSA-65 (a FIPS 204 standard candidate, formerly Dilithium) signatures to authenticate model updates and leverage optimized smart contracts for decentralized validation. Extensive evaluations on diverse datasets (MNIST, SVHN, HAR) demonstrate that PQS-BFL achieves efficient cryptographic operations (average PQC sign time: 0.65 ms, verify time: 0.53 ms) with a fixed signature size of 3309 Bytes. Blockchain integration incurs a manageable overhead, with average transaction times around 4.8 s and gas usage per update averaging 1.72 x 10^6 units for PQC configurations. Crucially, the cryptographic overhead relative to transaction time remains minimal (around 0.01-0.02% for PQC with blockchain), confirming that PQC performance is not the bottleneck in blockchain-based FL. The system maintains competitive model accuracy (e.g., over 98.8% for MNIST with PQC) and scales effectively, with round times showing sublinear growth with increasing client numbers. Our open-source implementation and reproducible benchmarks validate the feasibility of deploying long-term, quantum-resistant security in practical FL systems.
Paper Structure (54 sections, 2 theorems, 3 equations, 9 figures, 5 tables, 1 algorithm)

This paper contains 54 sections, 2 theorems, 3 equations, 9 figures, 5 tables, 1 algorithm.

Key Result

Theorem 1

Under Assumptions assump:pqc, assump:hash, and assump:blockchain, the PQS-BFL protocol ensures update authenticity and integrity. Specifically, if the smart contract $\mathcal{SC}$ records an update hash $h_t^i$ as valid for client $C_i$, then with overwhelming probability: (a) the corresponding sig

Figures (9)

  • Figure 1: Radar chart comparing the relative strengths of PQC signature schemes across key metrics. Values are normalized on a logarithmic scale where appropriate, with higher scores indicating better performance.
  • Figure 2: Overview of the PQS-BFL System Architecture. Clients perform local training, sign update hashes using PQC (ML-DSA-65), and submit them to a blockchain smart contract for verification and recording. An aggregator (which could be decentralized or a trusted server) fetches verified updates to compute the global model.
  • Figure 3: Sequence diagram of the PQS-BFL protocol, showing interactions between FL clients, smart contract, blockchain network, and aggregator. The diagram illustrates the end-to-end process from initialization to model distribution, highlighting the use of ML-DSA-65 signatures for update verification.
  • Figure 4: Cryptographic performance comparison for the MNIST dataset configuration, illustrating the average operation times (left, logarithmic scale) and key/signature sizes (right) for ML-DSA-65 (PQC), ECDSA, and NONE (hashing only).
  • Figure 5: Training convergence comparison for the MNIST dataset (3 clients, blockchain enabled). Left: Smoothed test accuracy over FL rounds. Right: Smoothed training loss over FL rounds. Curves show comparable learning performance across PQC, ECDSA, and NONE configurations.
  • ...and 4 more figures

Theorems & Definitions (4)

  • Theorem 1: Update Authenticity and Integrity
  • proof : Proof Sketch
  • Theorem 2: Resistance to Forgery
  • proof