Search papers, labs, and topics across Lattice.
This paper introduces PRoVeFL, a modular framework for Federated Learning that enhances privacy, robustness against Byzantine attacks, and verifiability of model aggregation. By utilizing multiple servers and multi-key fully homomorphic encryption, PRoVeFL allows clients to securely encrypt and share model updates while enabling efficient statistical aggregation without compromising privacy. The framework achieves significant performance improvements, demonstrating up to 100x faster runtime compared to previous methods like Prio and 10x faster than ELSA, all while maintaining comparable security guarantees.
PRoVeFL achieves unprecedented efficiency in federated learning, improving runtime by up to 100x while ensuring robust privacy and verifiability.
Federated Learning (FL) enables multiple clients to collaboratively train machine learning models while retaining data locality, thereby enhancing user privacy. However, traditional FL frameworks rely on a centralized aggregation server and assume honest-but-curious clients, making them susceptible to both server-side inference and client-side poisoning attacks. Although recent work has explored secure and Byzantine-resilient FL protocols, they face a fundamental trade-off among privacy, integrity, and verifiability, and incur substantial computational and communication overhead due to the heavy use of cryptographic primitives. In this work, we propose PRoVeFL-a novel, modular FL framework that is Privacy-preserving, Byzantine-Robust, and ensures Verifiable aggregation. PRoVeFL employs multiple servers leveraging multi-key fully homomorphic encryption. Each client encrypts its local model updates and distributes encrypted shares to all servers. This design enables a hybrid computation model in which ciphertext operations are carefully offloaded to the plaintext domain under strict privacy constraints to efficiently evaluate complex statistical aggregation rules. PRoVeFL is compatible with a wide range of state-of-the-art Byzantine-robust aggregation algorithms (e.g., Krum, Trimmed Mean, FLTrust, norm clipping, MESAS, and more) and further enhances them with verifiability mechanisms that require minimal trust in at least one honest server. We evaluate it across different settings and demonstrate its scalability with varying numbers of parameters and participants. PRoVeFL improves runtime over the prior works, Prio and ELSA, based on distributed trust with comparable security guarantees, up to 100x and 10x, respectively.