Doctoral Thesis Defense: Enhancing Privacy and Security in Federated Learning: Two Novel Aggregation Protocols Incorporating Homomorphic Encryption, DC-Nets, and Secret Sharing
- Speakers
Student: Diogo Pereira da Silva Santos
- Useful information
Advisors:
Fábio Borges de Oliveira - Laboratório Nacional de Computação Científica - LNCC
Time: 10:00
Examination Committee:
Fábio Borges de Oliveira - Laboratório Nacional de Computação Científica - LNCC (chair)
Bruno Richard Schulze - Laboratório Nacional de Computação Científica - LNCC
Lisandro Zambenedetti Granville - Universidade Federal do Rio Grande do Sul - UFRGS
Raphael Carlos Santos Machado - Universidade Federal Fluminense - UFF
Alternates:
Renato Portugal - Laboratório Nacional de Computação Científica - LNCC
Leonardo Martucci - Karlstad University
Abstract: In the era of big data, devices such as smartphones and sensors generate vast amounts of data that are used for machine learning tasks such as image recognition and sentiment analysis. However, these data can contain sensitive personal information, risking privacy breaches with serious consequences. Federated Learning (FL) offers a solution by enabling devices to collaboratively train a model without sharing the data itself, only exchanging model gradients to ensure privacy. Despite its benefits, the potential for data reconstruction from gradients poses a threat to data confidentiality, underscoring the importance of secure and encrypted model aggregation in FL. This thesis introduces innovative secure aggregation protocols for Federated Learning, leveraging advanced cryptographic techniques such as Homomorphic Encryption, Dining Cryptographer Networks (DC-Nets), and Secret Sharing, to ensure data privacy and security during the aggregation process. This work is concentrated on two main scenarios: Centralized Federated Learning (CFL) and Decentralized Federated Learning (DFL). For CFL, we propose a protocol that utilizes Homomorphic Encryption and DC-Nets, in conjunction with Shamir’s Secret Sharing, enabling the secure aggregation of participant local models while keeping the local data private and secure. In the context of DFL, we develop a protocol that integrates DC-Nets with a Multi-Secret Sharing scheme, adding an extra layer of privacy without the need for a central server. The proposed protocols were validated through simulations using the MNIST dataset of handwritten digits. The results demonstrate that our protocols achieve results comparable to those of the FedAvg protocol in model accuracy, while significantly enhancing privacy protections. Moreover, the application of Homomorphic Encryption and DC-Nets, along with Secret Sharing, proved effective in thwarting potential attacks aimed at compromising user data privacy.
Therefore, this thesis contributes to the field of Federated Learning by introducing aggregation methods that not only preserve participant data privacy and security, but also retain effectiveness in collaborative learning.