Zero Knowledge Proof based Gradient Aggregation for Federated Learning: Conclusion & References

TABLE OF LINKS

Abstract & Introduction

Related Work & Preliminaries

Methodology

Theoretical and Empirical Analysis

Results

Conclusion & References

Conclusion

We present a novel and pioneering approach called zkFL, which utilizes ZKPs to ensure a trustworthy aggregation process on the centralized aggregator. Through rigorous theoretical analysis, we establish that zkFL effectively addresses the challenge posed by a malicious aggregator during the model aggregation phase. Moreover, we extend zkFL to a blockchain-based system, significantly reducing the verification burden on the clients. The empirical analysis demonstrates that our design achieves superior levels of security and privacy compared to traditional FL systems while maintaining a favorable training speed for the clients.

These results showcase the practical feasibility and potential advantages of zkFL and its blockchain-based version in real-world applications.

Acknowledgments

This work was supported in part by the FLock Research Grant.

References

1. Diego F Aranha, Emil Madsen Bennedsen, Matteo Campanelli, Chaya Ganesh, Claudio Orlandi, and Akira Takahashi. Eclipse: enhanced compiling method for pedersen-committed zksnark engines. In IACR International Conference on PublicKey Cryptography, pages 584–614. Springer, 2022.
2. Karim Baghery, Markulf Kohlweiss, Janno Siim, and Mikhail Volkhov. Another look at extraction and randomization of groth’s zk-snark. In Financial Cryptography and Data Security: 25th International Conference, FC 2021, Virtual Event, March 1–5, 2021, Revised Selected Papers, Part I 25, pages 457–475. Springer,
3. Nir Bitansky. Verifiable random functions from non-interactive witnessindistinguishable proofs. Journal of Cryptology, 33(2):459–493, 2020.
4. Joseph Bonneau, Andrew Miller, Jeremy Clark, Arvind Narayanan, Joshua A Kroll, and Edward W Felten. Sok: Research perspectives and challenges for bitcoin and cryptocurrencies. In 2015 IEEE Symposium on Security and Privacy, pages 104– 121. IEEE, 2015.
5. Sean Bowe, Jack Grigg, and Daira Hopwood. Recursive proof composition without a trusted setup. Cryptology ePrint Archive, 2019.
6. Lukas Burkhalter, Hidde Lycklama, Alexander Viand, Nicolas K¨uchler, and Anwar Hithnawi. Rofl: Attestable robustness for secure federated learning. arXiv preprint arXiv:2107.03311, 2021.
7. Xiaoyu Cao and Neil Zhenqiang Gong. Mpaf: Model poisoning attacks to federated learning based on fake clients. In Proceedings of the IEEE/CVF Conference on Computer Vision and Pattern Recognition, pages 3396–3404, 2022.
8. Nanqing Dong, Zhipeng Wang, Jiahao Sun, Michael Kampffmeyer, Yizhe Wen, Shuoying Zhang, William Knottenbelt, and Eric Xing. Defending against malicious behaviors in federated learning with blockchain. arXiv preprint arXiv:2307.00543, 2023.
9. Haohua Duan, Liyao Xiang, Xinbing Wang, Pengzhi Chu, and Chenghu Zhou. A new zero knowledge argument for general circuits and its application. IEEE Transactions on Information Forensics and Security, 2023.
10. Juan Garay and Aggelos Kiayias. Sok: A consensus taxonomy in the blockchain era. In Topics in Cryptology–CT-RSA 2020: The Cryptographers’ Track at the RSA Conference 2020, San Francisco, CA, USA, February 24–28, 2020, Proceedings, pages 284–318. Springer, 2020.
11. Oded Goldreich and Yair Oren. Definitions and properties of zero-knowledge proof systems. Journal of Cryptology, 7(1):1–32, 1994.
12. Jens Groth. On the size of pairing-based non-interactive arguments. In International Conference on the Theory and Applications of Cryptographic Techniques, pages 305–326. Springer, 2016.
13. Kaiming He, Xiangyu Zhang, Shaoqing Ren, and Jian Sun. Deep residual learning for image recognition. In CVPR, pages 770–778, 2016.
14. Gao Huang, Zhuang Liu, Laurens Van Der Maaten, and Kilian Q Weinberger. Densely connected convolutional networks. In CVPR, pages 4700–4708, 2017.
15. Huawei Huang, Wei Kong, Sicong Zhou, Zibin Zheng, and Song Guo. A survey of state-of-the-art on blockchains: Theories, modelings, and tools. ACM Computing Surveys (CSUR), 54(2):1–42, 2021.
16. Wael Issa, Nour Moustafa, Benjamin Turnbull, Nasrin Sohrabi, and Zahir Tari. Blockchain-based federated learning for securing internet of things: A comprehensive survey. ACM Computing Surveys, 55(9):1–43, 2023.
17. Peter Kairouz, H Brendan McMahan, Brendan Avent, Aur´elien Bellet, Mehdi Bennis, Arjun Nitin Bhagoji, Kallista Bonawitz, Zachary Charles, Graham Cormode, Rachel Cummings, et al. Advances and open problems in federated learning. Foundations and Trends® in Machine Learning, 14(1–2):1–210, 2021.
18. Joe Kilian. A note on efficient zero-knowledge proofs and arguments. In Proceedings of the twenty-fourth annual ACM symposium on Theory of computing, pages 723– 732, 1992.
19. Hyesung Kim, Jihong Park, Mehdi Bennis, and Seong-Lyun Kim. Blockchained ondevice federated learning. IEEE Communications Letters, 24(6):1279–1283, 2019.
20. Diederik P Kingma and Jimmy Ba. Adam: A method for stochastic optimization. In ICLR, 2015.
21. Yijing Li, Xiaofeng Tao, Xuefei Zhang, Junjie Liu, and Jin Xu. Privacy-preserved federated learning for autonomous driving. IEEE Transactions on Intelligent Transportation Systems, 23(7):8423–8434, 2021.
22. Tianyi Liu, Xiang Xie, and Yupeng Zhang. Zkcnn: Zero knowledge proofs for convolutional neural network predictions and accuracy. In ACM SIGSAC Conference on Computer and Communications Security, pages 2968–2985, 2021.
23. Brendan McMahan, Eider Moore, Daniel Ramage, Seth Hampson, and Blaise Aguera y Arcas. Communication-efficient learning of deep networks from decentralized data. In AISTATS, pages 1273–1282. PMLR, 2017.
24. Silvio Micali, Michael Rabin, and Salil Vadhan. Verifiable random functions. In 40th annual symposium on foundations of computer science (cat. No. 99CB37039), pages 120–130. IEEE, 1999.
25. Satoshi Nakamoto. Bitcoin: A peer-to-peer electronic cash system. Decentralized business review, 2008.
26. Torben Pryds Pedersen. Non-interactive and information-theoretic secure verifiable secret sharing. In Annual international cryptology conference, pages 129–140. Springer, 1991.
27. Youyang Qu, Md Palash Uddin, Chenquan Gan, Yong Xiang, Longxiang Gao, and John Yearwood. Blockchain-enabled federated learning: A survey. ACM Computing Surveys, 55(4):1–35, 2022.
28. Eli Ben Sasson, Alessandro Chiesa, Christina Garman, Matthew Green, Ian Miers, Eran Tromer, and Madars Virza. Zerocash: Decentralized anonymous payments from bitcoin. In 2014 IEEE Symposium on Security and Privacy, pages 459–474. IEEE, 2014.
29. Xiaoqiang Sun, F Richard Yu, Peng Zhang, Zhiwei Sun, Weixin Xie, and Xiang Peng. A survey on zero-knowledge proof in blockchain. IEEE network, 35(4):198– 205, 2021.
30. Zhipeng Wang, Stefanos Chaliasos, Kaihua Qin, Liyi Zhou, Lifeng Gao, Pascal Berrang, Benjamin Livshits, and Arthur Gervais. On how zero-knowledge proof blockchain mixers improve, and worsen user privacy. In Proceedings of the ACM Web Conference 2023, pages 2022–2032, 2023.
31. Jiasi Weng, Jian Weng, Gui Tang, Anjia Yang, Ming Li, and Jia-Nan Liu. pvcnn: Privacy-preserving and verifiable convolutional neural network testing. IEEE Transactions on Information Forensics and Security, 18:2218–2233, 2023.
32. Jiasi Weng, Jian Weng, Jilian Zhang, Ming Li, Yue Zhang, and Weiqi Luo. Deepchain: Auditable and privacy-preserving deep learning with blockchain-based incentive. IEEE Transactions on Dependable and Secure Computing, 18(5):2438– 2455, 2019.
33. Gavin Wood. Ethereum: A secure decentralised generalised transaction ledger. Ethereum project yellow paper, 151:1–32, 2014.
34. Juncen Zhu, Jiannong Cao, Divya Saxena, Shan Jiang, and Houda Ferradi. Blockchain-empowered federated learning: Challenges, solutions, and future directions. ACM Computing Surveys, 55(11):1–31, 2023.