Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

EByFTVeS: Efficient Byzantine Fault Tolerant-based Verifiable Secret-sharing in Distributed Privacy-preserving Machine Learning

Zhen Li, Zijian Zhang, Wenjin Yang, Pengbo Wang, Zhaoqi Wang, Yan Wu, Xuyang Liu, Jing Sun

TL;DR

The paper addresses vulnerabilities in Verifiable Secret Sharing-based distributed privacy-preserving learning, notably a timing-based ASDP that enables targeted model poisoning (ACuMPA) and undermines convergence. It develops EByFTVeS, a PBFT-consensus-driven VSS scheme that enforces commitment within a verified window, merges VSS with secure aggregation, and provides formal validity, liveness, consistency, and privacy guarantees. The authors define ASDP and ACuMPA, analyze their implications, and demonstrate how EByFTVeS counters them while maintaining efficiency. Empirical results on DPML benchmarks and secure MPC show that ACuMPA degrades standard approaches, whereas EByFTVeS preserves model quality and training speed, outperforming a leading MPC baseline in efficiency.

Abstract

Verifiable Secret Sharing (VSS) has been widespread in Distributed Privacy-preserving Machine Learning (DPML), because invalid shares from malicious dealers or participants can be recognized by verifying the commitment of the received shares for honest participants. However, the consistency and the computation and communitation burden of the VSS-based DPML schemes are still two serious challenges. Although Byzantine Fault Tolerance (BFT) system has been brought to guarantee the consistency and improve the efficiency of the existing VSS-based DPML schemes recently, we explore an Adaptive Share Delay Provision (ASDP) strategy, and launch an ASDP-based Customized Model Poisoning Attack (ACuMPA) for certain participants in this paper. We theoretically analyzed why the ASDP strategy and the ACuMPA algorithm works to the existing schemes. Next, we propose an [E]fficient [By]zantine [F]ault [T]olerant-based [Ve]rifiable [S]ecret-sharing (EByFTVeS) scheme. Finally, the validity, liveness, consistency and privacy of the EByFTVeS scheme are theoretically analyzed, while the efficiency of the EByFTVeS scheme outperforms that of the-state-of-art VSS scheme according to comparative experiment results.

EByFTVeS: Efficient Byzantine Fault Tolerant-based Verifiable Secret-sharing in Distributed Privacy-preserving Machine Learning

TL;DR

The paper addresses vulnerabilities in Verifiable Secret Sharing-based distributed privacy-preserving learning, notably a timing-based ASDP that enables targeted model poisoning (ACuMPA) and undermines convergence. It develops EByFTVeS, a PBFT-consensus-driven VSS scheme that enforces commitment within a verified window, merges VSS with secure aggregation, and provides formal validity, liveness, consistency, and privacy guarantees. The authors define ASDP and ACuMPA, analyze their implications, and demonstrate how EByFTVeS counters them while maintaining efficiency. Empirical results on DPML benchmarks and secure MPC show that ACuMPA degrades standard approaches, whereas EByFTVeS preserves model quality and training speed, outperforming a leading MPC baseline in efficiency.

Abstract

Verifiable Secret Sharing (VSS) has been widespread in Distributed Privacy-preserving Machine Learning (DPML), because invalid shares from malicious dealers or participants can be recognized by verifying the commitment of the received shares for honest participants. However, the consistency and the computation and communitation burden of the VSS-based DPML schemes are still two serious challenges. Although Byzantine Fault Tolerance (BFT) system has been brought to guarantee the consistency and improve the efficiency of the existing VSS-based DPML schemes recently, we explore an Adaptive Share Delay Provision (ASDP) strategy, and launch an ASDP-based Customized Model Poisoning Attack (ACuMPA) for certain participants in this paper. We theoretically analyzed why the ASDP strategy and the ACuMPA algorithm works to the existing schemes. Next, we propose an [E]fficient [By]zantine [F]ault [T]olerant-based [Ve]rifiable [S]ecret-sharing (EByFTVeS) scheme. Finally, the validity, liveness, consistency and privacy of the EByFTVeS scheme are theoretically analyzed, while the efficiency of the EByFTVeS scheme outperforms that of the-state-of-art VSS scheme according to comparative experiment results.

Paper Structure

This paper contains 26 sections, 5 theorems, 6 equations, 5 figures, 4 tables, 5 algorithms.

Table of Contents

  1. Introduction
  2. Related Works
  3. Preliminaries
  4. VSS
  5. Byzantine Fault Tolerance (BFT) System
  6. The VSS-based Distributed Privacy-preserving Machine Learning
  7. Models and Goals
  8. System Model
  9. Threat Model
  10. System Goal
  11. Adaptive Share Delay Provision
  12. Theoretical Analysis
  13. The ASDP-based Customized Model Poisoning Attack
  14. The ACuMPA Scheme
  15. Theoretical Analysis
  16. ...and 11 more sections

Key Result

Theorem 1

Let $\Delta=\tfrac{1}{N}\sum_{i=1}^{N}v_i$ be the global gradient and let $\mathcal{S}$ denote the index set of the top-$k$ coordinates w.r.t. $|\Delta_i|$. For any client $i$, define the normal similarity lower bound If $k\ge C(\alpha)\log d$ for a constant $C(\alpha)$ depending only on the Dirichlet concentration parameter $\alpha$, then there exists a vector $u\in\{-1,0,1\}^d$ with $\mathrm{su

Figures (5)

  • Figure 1: The Flowchart of the BFT-based VSS in DPML
  • Figure 2: The Core Procedure of the ACuMPA Scheme
  • Figure 3: Accuracy Results using CNN model.
  • Figure 4: Accuracy Results using ResNet model.
  • Figure 5: Accuracy Results using AlexNet model.

Theorems & Definitions (10)

  • Theorem 1: Existence of Common Substitute Vector
  • proof
  • Theorem 2: Validity
  • proof
  • Theorem 3: Liveness
  • proof
  • Theorem 4: Consistency
  • proof
  • Theorem 5: Privacy
  • proof