多服务器可追责的隐私保护联邦学习方案
Multi-server Accountable Privacy Protection Federated Learning Scheme
摘要
Abstract
With the rapid development of artificial intelligence technology,data-driven machine learning models have been widely used in finance,transportation and medical care.However,large-scale data are scattered and stored in different institutions,forming"data islands",which seriously restricts the rapid development of artificial intelligence.As an emerging framework to break through data islands,federated learning allows participants to co-train models under the premise of protecting data privacy.However,the existing federated learning schemes face challenges such as high risk of privacy leakage and low credibility of aggregation results.To solve these problems,this paper designs a multi-server accountable privacy-preserving federated learning scheme(MSAFL),which has the following characteristics:(1)It is a distributed multi-server federated learning architecture,and uses blockchain technology to build a secure and trusted model aggrega-tion platform;(2)The threshold secret sharing mechanism is used to protect data privacy through gradient fragmentation transmission;(3)Linear homomorphic hashing and blockchain technology are used to establish the verifiable aggregation results and the traceability system of malicious behavior.Theoretical analysis shows that MSAFL scheme has verifiability of results,accountability of malicious servers,robustness and security.Experimental results show that on the MNIST benchmark dataset,compared with the traditional federated averaging algorithm(FedAvg),the MSAFL scheme can effec-tively defend against gradient leakage attacks while ensuring the model convergence performance.Further comparison with other related schemes shows that MSAFL achieves a balance between security and computational efficiency.关键词
联邦学习/隐私保护/秘密共享/线性同态哈希/可追责Key words
federated learning/privacy preserving/secret sharing/linear homomorphic hashing/accountable分类
信息技术与安全科学引用本文复制引用
郭瑞,李非凡,张应辉,刘光军,李雪雷..多服务器可追责的隐私保护联邦学习方案[J].计算机科学与探索,2026,20(5):1380-1393,14.基金项目
国家密码科学基金(2025NCSF02037) (2025NCSF02037)
国家自然科学基金(62072369) (62072369)
北京市科技新星计划(20230484455) (20230484455)
陕西省重点研发计划项目(2020ZDLGY08-04) (2020ZDLGY08-04)
陕西省创新能力支持计划基金(2020KJXX-052) (2020KJXX-052)
陕西省自然科学基金一般项目(2024JC-YBMS-545,2024JC-YBMS-557) (2024JC-YBMS-545,2024JC-YBMS-557)
陕西省高校青年创新团队项目(23JP160) (23JP160)
西安市科技计划项目(23KGDW0018-2023).This work was supported by the National Cryptologic Science Fund of China(2025NCSF02037),the National Natural Science Founda-tion of China(62072369),the Beijing Nova Program(20230484455),the Key Research and Development Program of Shaanxi Province(2020ZDLGY08-04),the Innovation Capacity Support Program of Shaanxi Province(2020KJXX-052),the General Program of Natural Science Foundation of Shaanxi Province(2024JC-YBMS-545,2024JC-YBMS-557),the Project of Youth Innovation Team of Shaanxi Universities(23JP160),and the Science and Technology Program of Xi'an(23KGDW0018-2023). (23KGDW0018-2023)
