A Privacy-Preserving and Verifiable Federated Learning Scheme

Due to the complexity of the data environment, many organizations prefer to train deep learning models together by sharing training sets. However, this process is always accompanied by the restriction of distributed storage and privacy. Federated learning addresses this challenge by only sharing gradients with the server without revealing training sets. Unfortunately, existing research has shown that the server could extract information of the training sets from shared gradients. Besides, the server may falsify the calculated result to affect the accuracy of the trained model. To solve the above problems, we propose a privacy-preserving and verifiable federated learning scheme. Our scheme focuses on processing shared gradients by combining the Chinese Remainder Theorem and the Paillier homomorphic encryption, which can realize privacy-preserving federated learning with low computation and communication costs. In addition, we introduce the bilinear aggregate signature technology into federated learning, which effectively verifies the correctness of aggregated gradient. Moreover, the experiment shows that even with the added verification function, our scheme still has high accuracy and efficiency.