Federated learning (FL) is a machine learning paradigm, which enables multiple and decentralized clients to collaboratively train a model under the orchestration of a central aggregator. FL can be a scalable machine learning solution in big data scenarios. Traditional FL relies on the trust assumption of the central aggregator, which forms cohorts of clients honestly. However, a malicious aggregator, in reality, could abandon and replace the client's training models, or insert fake clients, to manipulate the final training results. In this work, we introduce zkFL, which leverages zero-knowledge proofs to tackle the issue of a malicious aggregator during the training model aggregation process. To guarantee the correct aggregation results, the aggregator provides a proof per round, demonstrating to the clients that the aggregator executes the intended behavior faithfully. To further reduce the verification cost of clients, we use blockchain to handle the proof in a zero-knowledge way, where miners (i.e., the participants validating and maintaining the blockchain data) can verify the proof without knowing the clients' local and aggregated models. The theoretical analysis and empirical results show that zkFL achieves better security and privacy than traditional FL, without modifying the underlying FL network structure or heavily compromising the training speed.

翻译：联邦学习（FL）是一种机器学习范式，允许多个分散客户端在中央聚合器的协调下协同训练模型。在大数据场景中，FL可作为一种可扩展的机器学习解决方案。传统FL依赖于中央聚合器诚实组建客户端队列的信任假设。然而现实中，恶意聚合器可能丢弃或替换客户端的训练模型，或插入虚假客户端以操纵最终训练结果。本文提出zkFL方法，利用零知识证明解决训练模型聚合过程中恶意聚合器的问题。为确保聚合结果的正确性，聚合器每轮提供证明，向客户端证实其忠实执行了预定行为。为进一步降低客户端的验证成本，我们采用区块链以零知识方式处理证明，使矿工（即验证和维护区块链数据的参与者）无需知晓客户端的局部模型和聚合模型即可完成验证。理论分析与实验结果表明，zkFL在无需修改底层FL网络结构或严重牺牲训练速度的前提下，实现了优于传统FL的安全性与隐私保护能力。