Go to DBLP homepageOn the Security of Verifiable and Oblivious Secure Aggregation for Privacy-Preserving Federated Learning
Abstract: Recently, to resist privacy leakage and aggregation result forgery in federated learning (FL), Wang et al. proposed a verifiable and oblivious secure aggregation protocol for FL, called VOSA. They claimed that VOSA was aggregate unforgeable and verifiable under a malicious aggregation server and gave detailed security proof. In this article, we show that VOSA is insecure, in which local gradients/aggregation results and their corresponding authentication tags/proofs can be tampered with without being detected by the verifiers. After presenting specific attacks, we analyze the reason for this security issue and give a suggestion to prevent it.
Loading