English

Mitigating Leakage in Federated Learning with Trusted Hardware

Cryptography and Security 2020-11-13 v3 Machine Learning

Abstract

In federated learning, multiple parties collaborate in order to train a global model over their respective datasets. Even though cryptographic primitives (e.g., homomorphic encryption) can help achieve data privacy in this setting, some partial information may still be leaked across parties if this is done non-judiciously. In this work, we study the federated learning framework of SecureBoost [Cheng et al., FL@IJCAI'19] as a specific such example, demonstrate a leakage-abuse attack based on its leakage profile, and experimentally evaluate the effectiveness of our attack. We then propose two secure versions relying on trusted execution environments. We implement and benchmark our protocols to demonstrate that they are 1.2-5.4X faster in computation and need 5-49X less communication than SecureBoost.

Keywords

Cite

@article{arxiv.2011.04948,
  title  = {Mitigating Leakage in Federated Learning with Trusted Hardware},
  author = {Javad Ghareh Chamani and Dimitrios Papadopoulos},
  journal= {arXiv preprint arXiv:2011.04948},
  year   = {2020}
}

Comments

Presented at the Privacy Preserving Machine Learning Workshop (PriML/PPML Joint Edition) at the 34th Conference on Neural Information Processing Systems (NeurIPS 2020)

R2 v1 2026-06-23T20:02:22.432Z