Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Efficient Privacy-Preserving Cross-Silo Federated Learning with Multi-Key Homomorphic Encryption

Abdullah Al Omar, Xin Yang, Euijin Choo, Omid Ardakanian

TL;DR

This work targets privacy-preserving cross-silo federated learning by addressing the high computation and communication overhead of multi-key homomorphic encryption (MKHE). It introduces MASER, which combines consensus-based magnitude pruning with parameter slicing to encrypt only the most important weights while enabling secure aggregation via MKCKKS and a trusted key manager; majority voting aligns sparsification across clients and slices optimize HE efficiency. Through experiments on MNIST and CIFAR-10 under IID and non-IID splits, MASER achieves accuracy close to vanilla FL while reducing MKHE-related overhead by 3.03× to 8.29× and keeping overhead close to 1.48–5× the vanilla baseline, depending on settings. The results demonstrate MASER’s strong privacy protection against data reconstruction attacks (ASR near zero, low PSNR) and robustness to malicious clients, signaling practical applicability for real-world cross-silo FL deployments with strict privacy and efficiency requirements.

Abstract

Federated Learning (FL) is susceptible to privacy attacks, such as data reconstruction attacks, in which a semi-honest server or a malicious client infers information about other clients' datasets from their model updates or gradients. To enhance the privacy of FL, recent studies combined Multi-Key Homomorphic Encryption (MKHE) and FL, making it possible to aggregate the encrypted model updates using different keys without having to decrypt them. Despite the privacy guarantees of MKHE, existing approaches are not well-suited for real-world deployment due to their high computation and communication overhead. We propose MASER, an efficient MKHE-based Privacy-Preserving FL framework that combines consensus-based model pruning and slicing techniques to reduce this overhead. Our experimental results show that MASER is 3.03 to 8.29 times more efficient than existing MKHE-based FL approaches in terms of computation and communication overhead while maintaining comparable classification accuracy to standard FL algorithms. Compared to a vanilla FL algorithm, the overhead of MASER is only 1.48 to 5 times higher, striking a good balance between privacy, accuracy, and efficiency in both IID and non-IID settings.

Efficient Privacy-Preserving Cross-Silo Federated Learning with Multi-Key Homomorphic Encryption

TL;DR

This work targets privacy-preserving cross-silo federated learning by addressing the high computation and communication overhead of multi-key homomorphic encryption (MKHE). It introduces MASER, which combines consensus-based magnitude pruning with parameter slicing to encrypt only the most important weights while enabling secure aggregation via MKCKKS and a trusted key manager; majority voting aligns sparsification across clients and slices optimize HE efficiency. Through experiments on MNIST and CIFAR-10 under IID and non-IID splits, MASER achieves accuracy close to vanilla FL while reducing MKHE-related overhead by 3.03× to 8.29× and keeping overhead close to 1.48–5× the vanilla baseline, depending on settings. The results demonstrate MASER’s strong privacy protection against data reconstruction attacks (ASR near zero, low PSNR) and robustness to malicious clients, signaling practical applicability for real-world cross-silo FL deployments with strict privacy and efficiency requirements.

Abstract

Federated Learning (FL) is susceptible to privacy attacks, such as data reconstruction attacks, in which a semi-honest server or a malicious client infers information about other clients' datasets from their model updates or gradients. To enhance the privacy of FL, recent studies combined Multi-Key Homomorphic Encryption (MKHE) and FL, making it possible to aggregate the encrypted model updates using different keys without having to decrypt them. Despite the privacy guarantees of MKHE, existing approaches are not well-suited for real-world deployment due to their high computation and communication overhead. We propose MASER, an efficient MKHE-based Privacy-Preserving FL framework that combines consensus-based model pruning and slicing techniques to reduce this overhead. Our experimental results show that MASER is 3.03 to 8.29 times more efficient than existing MKHE-based FL approaches in terms of computation and communication overhead while maintaining comparable classification accuracy to standard FL algorithms. Compared to a vanilla FL algorithm, the overhead of MASER is only 1.48 to 5 times higher, striking a good balance between privacy, accuracy, and efficiency in both IID and non-IID settings.

Paper Structure

This paper contains 21 sections, 8 equations, 8 figures, 1 table, 1 algorithm.

Table of Contents

  1. Introduction
  2. Background
  3. Federated Learning
  4. Multi-key Homomorphic Encryption
  5. Neural Network Pruning
  6. Threat Model
  7. Methodology
  8. Overview
  9. Model Training and Sparsification
  10. Parameter Slicing for Efficient Homomorphic Encryption and Model Aggregation
  11. Decryption and Model Reconstruction
  12. Experimental Analysis
  13. Datasets
  14. Baselines
  15. Implementation Details
  16. ...and 6 more sections

Figures (8)

  • Figure 1: An illustration of MASER components and data flow between them
  • Figure 2: Test accuracy across 25 FL rounds on MNIST
  • Figure 3: Test accuracy across 25 FL rounds on CIFAR10
  • Figure 4: Time overhead for 25 FL rounds on MNIST
  • Figure 5: Time overhead for 25 FL rounds on CIFAR-10
  • ...and 3 more figures

Theorems & Definitions (1)

  • Definition 1: RLWE lyubashevsky2013ideal