Practical secure aggregation for privacy-preserving machine learning
Abstract: We present a protocol for securely computing sums of vectors, which has a constant number of rounds, low communication overhead, robustness to failures, and which requires only one server with limited trust. In our design the server has two roles: it routes messages between the other parties, and it computes the final result. We present two variants of the protocol: one is more efficient and can be proven secure against honest but curious adversaries, in the plain model. The other guarantees privacy against active adversaries (including an actively adversarial server), but requires an extra round, and is proven secure in the random oracle model. In both cases, we can show formally that the server only learns users’ inputs in aggregate, using a simulation-based proof as is standard for MPC protocols. Both variants we present are practical and we present benchmark results from our prototype implementation.
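
The aggregate-only property in its simplest form, as an added example that is not the paper's protocol or code: each pair of users shares a seed, and the masks expanded from it cancel in the server's sum. The modulus, seeds and inputs are constructed, the seeds stand in for a key agreement the sketch omits, and only honest-but-curious parties are considered; the last function shows why a dropout breaks this naive version.

```python
import hashlib
from itertools import combinations

MOD = 2**32  # assumed modulus; all vector arithmetic is in Z_MOD


def prg(seed: bytes, length: int) -> list:
    """Expand a shared seed into `length` pseudorandom values in Z_MOD."""
    return [int.from_bytes(hashlib.sha256(seed + i.to_bytes(4, "big")).digest()[:4], "big")
            for i in range(length)]


def mask_input(uid: int, vec: list, peer_seeds: dict) -> list:
    """User side: add the pair mask toward higher ids, subtract it toward lower ids."""
    masked = [x % MOD for x in vec]
    for peer, seed in peer_seeds.items():
        sign = 1 if uid < peer else -1
        for k, m in enumerate(prg(seed, len(vec))):
            masked[k] = (masked[k] + sign * m) % MOD
    return masked


def server_sum(masked_vectors) -> list:
    """Server side: sees only masked vectors and adds them coordinate-wise."""
    return [sum(col) % MOD for col in zip(*masked_vectors)]


def setup():
    """Constructed inputs and pairwise seeds (hypothetical values for illustration)."""
    inputs = {1: [3, 10, 7], 2: [5, 0, 1], 3: [2, 4, 9]}
    pair = {(a, b): f"seed-{a}-{b}".encode() for a, b in combinations(sorted(inputs), 2)}
    # Each user holds only the seeds of the pairs it belongs to; the server holds none.
    seeds = {u: {(b if a == u else a): s for (a, b), s in pair.items() if u in (a, b)}
             for u in inputs}
    return inputs, seeds


def run_round(dropped=()):
    """Return (per-user masked vectors, server total) for users that did not drop."""
    inputs, seeds = setup()
    masked = {u: mask_input(u, v, seeds[u]) for u, v in inputs.items() if u not in dropped}
    return masked, server_sum(masked.values())


if __name__ == "__main__":
    masked, total = run_round()
    print("server view:", masked)          # individual vectors look random
    print("aggregate:  ", total)           # masks cancel in the sum
    print("user 3 drops:", run_round(dropped=(3,))[1])  # leftover masks corrupt the sum
```
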