With the rapid development of cloud computing and big data, cloud servers are widely used to train machine learning models on outsourced data because of their powerful storage and computing capabilities. This learning method also brings a certain degree of security risk, namely the leakage of personal private data. Out of concern for data privacy and centralized data storage, and because of the need to better exploit the value of data, federated learning came into being. Participants do not need to upload personal data to cloud storage for centralized modeling. Instead, the model is trained locally and the model parameters are then sent to the server for aggregation, so that the local model is updated and optimized in real time.

Federated learning still has privacy and security concerns. On the one hand, the locally shared model parameters can be leaked, and data analysts can mine a user's personal information from the shared model parameters through reverse reasoning. On the other hand, since the server cannot directly check a user's local training data, it is easily exposed to malicious users. Some malicious users deliberately provide fake model parameters, so that the global model cannot converge or fails to make correct predictions. Based on this, the primary research work of this thesis is as follows:

1. To ensure privacy in the existing fully homomorphic encryption scheme, which shares model parameters as compressed ciphertexts, when the federated learning model is updated, and to improve computation and communication efficiency, this thesis proposes an efficient federated learning privacy protection scheme based on multi-key aggregation. Firstly, the R-LWE homomorphic encryption algorithm is improved: its related operations are simplified without changing its security, which improves computational efficiency. Secondly, the aggregate public key and the decryption shares are defined. The improved R-LWE homomorphic encryption protects private data such as local model parameters by encrypting them under the multi-key aggregate public key, and the ciphertext is then uploaded to the cloud server for aggregation. Decrypting the aggregated ciphertext requires the cooperation and sharing of all participants, which effectively prevents privacy leakage from publicly shared information in federated learning. Finally, security analysis and experimental evaluation show that this scheme not only effectively resists collusion attacks between k≤n-2 participants and the cloud server, but also maintains the accuracy of the model and reduces communication costs compared to traditional federated learning.

2. To guarantee the confidentiality of shared model parameters in the existing Byzantine-robust random aggregation algorithm when the federated learning model is updated, this thesis proposes a privacy-preserving federated learning scheme that supports Byzantine robustness. Building on the existing Byzantine-robust random aggregation algorithm, the scheme first uses a distributed Paillier homomorphic encryption algorithm to encrypt the local model parameters and upload them to the cloud server for aggregation, ensuring the privacy of the shared model parameters. Secondly, before aggregation, the cloud server uses the set membership proof protocol from zero-knowledge proofs to detect and filter out the abnormal model parameters uploaded by Byzantine participants, which solves the problem of untrustworthy shared model parameters and provides an efficient guarantee for model training. Finally, experimental analysis verifies that this scheme not only protects user privacy, but also avoids various Byzantine attacks and maintains model robustness.
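
The flow both schemes share (clients encrypt local parameters, the server aggregates ciphertexts, and decryption needs a share from every participant) is sketched below as an added example; it is not the thesis's code. It swaps in textbook Paillier with a trusted-dealer n-of-n additive split of the decryption exponent rather than the improved R-LWE or distributed Paillier constructions, and the toy primes, `SCALE` and all function names are assumptions.

```python
import math
import secrets

# Constructed toy modulus from two Mersenne primes; far too small for real use.
P, Q = 2**31 - 1, 2**61 - 1
N, N2 = P * Q, (P * Q) ** 2
LAM = math.lcm(P - 1, Q - 1)
SCALE = 10**4  # fixed-point scale for quantising float parameters (assumption)

def deal_shares(k):
    """Trusted dealer splits d (d = 0 mod LAM, d = 1 mod N) into k additive shares."""
    d = LAM * pow(LAM, -1, N)
    shares = [secrets.randbelow(N * LAM) for _ in range(k - 1)]
    shares.append((d - sum(shares)) % (N * LAM))
    return shares

def encrypt(m):
    """Paillier encryption with g = N + 1; negative m wraps modulo N."""
    r = secrets.randbelow(N - 2) + 2
    while math.gcd(r, N) != 1:
        r = secrets.randbelow(N - 2) + 2
    return (1 + (m % N) * N) * pow(r, N, N2) % N2

def aggregate(ciphertexts):
    """Server side: multiplying ciphertexts adds the hidden plaintexts."""
    acc = 1
    for c in ciphertexts:
        acc = acc * c % N2
    return acc

def partial_decrypt(c, share):
    """One participant's decryption share for ciphertext c."""
    return pow(c, share, N2)

def combine(partials):
    """With every share present the product is 1 + m*N mod N^2; return signed m."""
    m = (math.prod(partials) % N2 - 1) // N
    return m - N if m > N // 2 else m

def federated_round(updates):
    """Encrypt each client's parameter vector, aggregate, jointly decrypt the mean."""
    shares = deal_shares(len(updates))
    enc = [[encrypt(round(w * SCALE)) for w in u] for u in updates]
    agg = [aggregate(col) for col in zip(*enc)]
    sums = [combine([partial_decrypt(c, s) for s in shares]) for c in agg]
    return [s / SCALE / len(updates) for s in sums]
```

The server only ever handles ciphertexts, and combining fewer than all partial decryptions yields an unrelated value rather than the aggregate.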