The federated learning (FL) technique was developed to mitigate data privacy issues in the traditional machine learning paradigm. While FL ensures that a user's data always remain with the user, the gradients are shared with the centralized server to build the global model. This results in privacy leakage, where the server can infer private information from the shared gradients. To mitigate this flaw, the next-generation FL architectures proposed encryption and anonymization techniques to protect the model updates from the server. However, this approach creates other challenges, such as malicious users sharing false gradients. Since the gradients are encrypted, the server is unable to identify rogue users. To mitigate both attacks, this paper proposes a novel FL algorithm based on a fully homomorphic encryption (FHE) scheme. We develop a distributed multi-key additive homomorphic encryption scheme that supports model aggregation in FL. We also develop a novel aggregation scheme within the encrypted domain, utilizing users' non-poisoning rates, to effectively address data poisoning attacks while ensuring privacy is preserved by the proposed encryption scheme. Rigorous security, privacy, convergence, and experimental analyses have been provided to show that FheFL is novel, secure, and private, and achieves comparable accuracy at reasonable computational cost.