物联网中多密钥同态加密的联邦学习隐私保护方法  被引量：1

作　　者：管桂林 支婷 陶政坪 曹扬 Guan Guilin;Zhi Ting;Tao Zhenping;Cao Yang(CETC Big Data Research Institute Co.,Ltd.,Guiyang 550022;National Engineering Research Center of Big Data Application to the Improvement of Governance Capacity,Guiyang 550022)

机构地区：[1]中电科大数据研究院有限公司,贵阳550022 [2]提升政府治理能力大数据应用技术国家工程研究中心,贵阳550022

出　　处：《信息安全研究》2024年第10期958-966,共9页Journal of Information Security Research

基　　金：国家重点研发计划项目(2023YFC3806001);贵州省科技支撑计划项目(2023MA6DN7B8X22057);海南省重大科技计划项目(ZDKJ2021051);贵州省高层次创新型人才项目(黔科合平台人才-GCC[2023]105)。

摘　　要：借助联邦学习,多个分布式物联网设备可在不泄露原始数据前提下通过传输模型更新共同训练全局模型.然而,联邦学习系统易受模型推理攻击的影响,导致系统鲁棒性和数据隐私性受损.针对现有联邦学习方案无法实现对共享梯度的机密性保护以及难以抵抗客户端和服务器发起的共谋攻击等问题,提出一种物联网中多密钥同态加密的联邦学习隐私保护方法.该方法利用多密钥同态加密实现了梯度更新机密性保护,首先通过采用代理重加密技术,将不同公钥下的密文转换为公共密钥下的加密数据,确保云服务器实现对梯度密文的解密.然后,物联网设备采用自身的公钥和随机秘密因子加密本地梯度数据,可抵抗恶意设备和服务器发起的合谋攻击.其次,设计了一种基于混合密码体制的身份认证方法,实现对联邦建模参与方身份的实时验证.此外,为了进一步降低客户端计算开销,将部分解密计算协同至可信服务器计算,用户只需少量的计算即可.通过对所提方案进行全面分析以评估其安全性和效率.结果表明,所提方案满足了预期的安全要求.实验仿真表明,该方案相较于现有方案,具有较低的计算开销,可实现更快且准确的模型训练.With federated learning,multiple distributed IoT devices can jointly train a global model by updating the transmission model without leaking raw data.However,federated learning systems are susceptible to model inference attacks,resulting in compromised system robustness and data privacy.A federated learning privacy protection method for multi-key homomorphic encryption in the Internet of Things is proposed to address the issues of existing federated learning solutions being unable to protect the confidentiality of shared gradients and resisting collusion attacks initiated by clients and servers.This method utilizes multi-key homomorphic encryption to achieve gradient update confidentiality protection.Firstly,by using proxy re-encryption technology,the ciphertext under different public keys is converted into encrypted data under the public key,ensuring that the cloud server can decrypt the gradient ciphertext.Then,IoT devices use their own public key and random secret factor to encrypt local gradient data,which can resist collusion attacks initiated by malicious devices and servers.Secondly,an identity authentication method based on hybrid cryptography was designed to achieve real-time verification of the identities of participants in federated modeling.In addition,in order to further reduce client computing costs,some decryption calculations are coordinated with trusted servers for computation,and users only need a small amount of computation.A comprehensive analysis was conducted on the proposed solution to evaluate its safety and efficiency.The results indicate that the proposed scheme meets the expected security requirements.Experimental simulation shows that compared to existing schemes,this scheme has lower computational overhead and can achieve faster and more accurate model training.

关 键 词：联邦学习 物联网 代理重加密 多密钥同态加密 隐私保护 抗合谋攻击 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]