Federated learning (FL) enables collaborative model training across distributed data silos without exposing raw data, with increasing deployment in critical domains such as healthcare consortiums and financial institutions where data sensitivity is paramount. However, existing FL systems rarely achieve both robust privacy protection and verifiable correctness in the presence of realistic adversaries. Current privacy mechanisms typically impose prohibitive overhead or become vulnerable under server–client collusion, while the verifiability of global updates is often absent. In this paper, we propose a practical verifiable aggregation scheme for privacy-preserving federated learning (PVA-FL) that delivers both confidentiality of local updates and end-to-end verifiability of aggregation processes. Secure aggregation is realized via homomorphic proxy re-encryption augmented with blinding, providing robust protection of local model updates against server-client collusion attacks. Furthermore, a lightweight verification framework based on aggregate signatures enables participants to independently validate that the released aggregation result genuinely reflects authenticated local contributions under the prescribed aggregation rule. Experimental evaluation demonstrates that PVA-FL achieves low computational and communication overhead while maintaining strong privacy and verifiability guarantees, establishing its practical viability for secure collaborative learning in distributed environments.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

PVA-FL: Practical Verifiable Aggregation for Privacy-Preserving Federated Learning

  • Jiali Song,
  • Yujue Wang,
  • Changsong Yang,
  • Zhen Liu,
  • Shuo Wang,
  • Yong Ding

摘要

Federated learning (FL) enables collaborative model training across distributed data silos without exposing raw data, with increasing deployment in critical domains such as healthcare consortiums and financial institutions where data sensitivity is paramount. However, existing FL systems rarely achieve both robust privacy protection and verifiable correctness in the presence of realistic adversaries. Current privacy mechanisms typically impose prohibitive overhead or become vulnerable under server–client collusion, while the verifiability of global updates is often absent. In this paper, we propose a practical verifiable aggregation scheme for privacy-preserving federated learning (PVA-FL) that delivers both confidentiality of local updates and end-to-end verifiability of aggregation processes. Secure aggregation is realized via homomorphic proxy re-encryption augmented with blinding, providing robust protection of local model updates against server-client collusion attacks. Furthermore, a lightweight verification framework based on aggregate signatures enables participants to independently validate that the released aggregation result genuinely reflects authenticated local contributions under the prescribed aggregation rule. Experimental evaluation demonstrates that PVA-FL achieves low computational and communication overhead while maintaining strong privacy and verifiability guarantees, establishing its practical viability for secure collaborative learning in distributed environments.