Research On Privacy-Preserving Techniques For Horizontal Federated Support Vector Machine

Posted on: 2024-03-15
Degree: Master
Type: Thesis
Country: China
Candidate: H J Yang
GTID: 2568307100973489
Subject: Computer Science and Technology

Abstract/Summary:
With the advancement of big data technology, safeguarding the privacy and security of data has become a worldwide consensus. Nevertheless, in the absence of adaptable technologies that can cater to the emerging privacy and security protection needs, individuals may impose restrictions on the exchange of data among diverse entities, leading to the formation of "data silos". This, in turn, can restrict the exploration and application of the full potential of big data. Federated learning has emerged as a promising solution to eliminate data silos by enabling federated data mining while ensuring the privacy and security of participant data. It has been successfully implemented in several data-sensitive domains, including credit risk control and medical data analysis. However, current research indicates that the conventional federated learning framework is still susceptible to various privacy attacks, such as model inversion attacks and reconstruction attacks. Therefore, there is an urgent requirement to develop customized privacy-preserving techniques for specific federated learning tasks and to ensure privacy preservation during the parameter exchange phase of the federated learning process.

In this thesis, we focus on the support vector machine, a classic machine learning algorithm, to conduct research on the key privacy-preserving technology for horizontal federated learning. The primary objective of this research is to develop a privacy-preserving federated support vector machine algorithm that utilizes homomorphic encryption to protect the parameter exchange process in the federated support vector machine model. This is achieved by utilizing two encryption techniques: the conventional single-key CKKS homomorphic encryption and our proposed ciphertext-strong compact multi-key CKKS homomorphic encryption, which provides enhanced security. The main contributions of this work are as follows:

1. We propose a privacy-preserving federated support vector machine algorithm based on traditional single-key CKKS homomorphic encryption. To address the issues of insufficient privacy preservation during training and the lack of research on federated nonlinear support vector machines in the traditional federated learning framework, this thesis proposes a privacy-preserving federated nonlinear support vector machine training algorithm (PPF-NSVM) using the random Fourier feature algorithm and the traditional single-key CKKS homomorphic encryption scheme. Firstly, to tackle the classification problem of nonlinear data, we use the Burmester-Desmedt group key negotiation protocol and a pseudorandom number generator to generate identical random numbers among all parties. This ensures that each party can construct the same Gaussian kernel approximation mapping function. Secondly, the participating parties utilize the Gaussian kernel approximation mapping function generated by the random Fourier feature algorithm to explicitly map the nonlinear data to a linearly separable high-dimensional space. Finally, by using the single-key CKKS homomorphic encryption technique along with a heuristic encoding scheme, the privacy of user data can be ensured while also concealing the contributions of each participating party. The experimental results show that the proposed PPF-NSVM algorithm can achieve privacy preservation for the training process while guaranteeing the model’s accuracy without loss.

2. We embed a multi-key CKKS scheme with strong compact ciphertext in the Lattigo homomorphic encryption library. The ciphertext of multi-key homomorphic encryption needs to be jointly decrypted by all users involved in the computation, which provides stronger privacy preservation than traditional homomorphic cryptography schemes. However, previous multi-key homomorphic encryption schemes, such as the CDKS scheme, did not consider ciphertext authorization and mostly used fractional cascaded private key aggregation to construct the private keys of user sets. This resulted in a joint ciphertext size that grew quadratically or linearly with an increased number of users, making it difficult to apply them to the horizontal federated learning scenario. To provide practical multi-key homomorphic encryption technology support for horizontal federated learning, this thesis implements a ciphertext strong compact multi-key CKKS scheme (AMCMK) in the widely used Lattigo homomorphic encryption library. Firstly, the technical route of embedding the AMCMK scheme is proposed by analyzing the dependency and interaction logic of each functional module in the Lattigo homomorphic encryption library. Secondly, the functional modules and calling interfaces of the AMCMK scheme are programmed and implemented based on the source code of the Lattigo library. To enable the calling of the AMCMK scheme, it is associated with the upper layer interface. Finally, the correctness and effectiveness of the embedded AMCMK scheme in the Lattigo library are verified through experimental tests. The experimental results show that the embedded AMCMK algorithm modules and interfaces are available, and the operation results are correct. The performance comparison shows that the multi-key CKKS scheme proposed in this thesis has similar performance to the native single-key RNS-CKKS scheme supported by the Lattigo library for the same operations, with a maximum time difference of only 19.15 ms.

3. We propose a federated support vector machine algorithm based on ciphertext strong compact multi-key CKKS. The CDKS scheme, a representative of previous multi-key CKKS homomorphic encryption schemes, has two problems: it has been proven to have security flaws in specific cases where only homomorphic addition calculations are performed, and its ciphertext size is positively correlated with the number of participants, which is not suitable for horizontal federated learning scenarios with a large number of parameter parties. To address these problems, this thesis proposes a federated support vector machine algorithm (MKF-SVM) based on ciphertext strong compact multi-key CKKS, using the AMCMK scheme embedded in the Lattigo homomorphic encryption library as a basic tool. Firstly, the AMCMK algorithm requires all participants to participate in the decryption process together, and the absence of any participant’s decryption share will result in incorrect decryption, thereby increasing the ability of the federated support vector machine algorithm to resist collusion attacks. Secondly, when there are dynamic changes in the participating parties, this algorithm can refresh the keys by regenerating the ciphertext, converting the ciphertext corresponding to the old user set to the ciphertext corresponding to the new user set, thus avoiding the need to re-encrypt and upload the gradients. The experimental results show that the proposed MKF-SVM algorithm can guarantee the privacy of the gradients uploaded by the participants without affecting the model accuracy. In terms of performance, the introduction of ciphertext refreshing operations may slightly increase the computational overhead on the server side.
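
The shared-randomness step of PPF-NSVM in contribution 1, sketched as an added example (not code from the thesis): each party expands the same group key into identical random Fourier feature parameters, so their local feature maps agree and approximate the Gaussian kernel. Assumptions: SHAKE-256 stands in for the unspecified pseudorandom number generator, a hashed constant stands in for the Burmester-Desmedt group key, and all function names are hypothetical.

```python
import hashlib
import math
import struct

def _uniform_stream(group_key: bytes, label: bytes, count: int):
    """Expand the shared key into `count` floats in (0, 1] with SHAKE-256 (assumed PRNG)."""
    raw = hashlib.shake_256(label + b"|" + group_key).digest(8 * count)
    for (word,) in struct.iter_unpack(">Q", raw):
        yield ((word >> 11) + 1) / (1 << 53)  # never 0, so log() below is defined

def derive_rff_params(group_key: bytes, dim: int, n_features: int, gamma: float):
    """Run locally by every party: the same key yields the same (omega, b)."""
    u = _uniform_stream(group_key, b"rff-omega", 2 * dim * n_features)
    scale = math.sqrt(2.0 * gamma)  # omega ~ N(0, 2*gamma*I) for exp(-gamma*||x-y||^2)
    omega = []
    for _ in range(n_features):
        row = []
        for _ in range(dim):
            u1, u2 = next(u), next(u)
            # Box-Muller transform: two uniforms -> one standard normal sample
            row.append(scale * math.sqrt(-2.0 * math.log(u1)) * math.cos(2 * math.pi * u2))
        omega.append(row)
    b = [2 * math.pi * v for v in _uniform_stream(group_key, b"rff-bias", n_features)]
    return omega, b

def rff_map(x, omega, b):
    """Explicit map z(x) = sqrt(2/D) * cos(omega . x + b) into D dimensions."""
    c = math.sqrt(2.0 / len(omega))
    return [c * math.cos(sum(w * xi for w, xi in zip(row, x)) + bj)
            for row, bj in zip(omega, b)]

def gaussian_kernel(x, y, gamma):
    return math.exp(-gamma * sum((a - c) ** 2 for a, c in zip(x, y)))

def demo():
    # Constructed stand-in for the key all parties hold after group key negotiation.
    key = hashlib.sha256(b"constructed stand-in for the BD group key").digest()
    gamma, x, y = 0.5, [0.2, -0.4, 1.0], [0.5, 0.1, 0.3]  # constructed sample points
    party_a = derive_rff_params(key, 3, 4000, gamma)
    party_b = derive_rff_params(key, 3, 4000, gamma)
    outsider = derive_rff_params(b"some other key", 3, 4000, gamma)
    # Inner product of features mapped by two different parties vs. the exact kernel.
    approx = sum(p * q for p, q in zip(rff_map(x, *party_a), rff_map(y, *party_b)))
    return party_a == party_b, party_a != outsider, approx, gaussian_kernel(x, y, gamma)
```

Because the mapping parameters are a deterministic function of the group key, anyone who learns that key can reproduce the feature map; the gradients exchanged afterwards still rely on the CKKS layer for confidentiality.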
Keywords/Search Tags: federated learning, privacy-preserving, homomorphic encryption, support vector machine, random Fourier features, multi-key homomorphic encryption