In this paper, we propose an efficient secure aggregation scheme for federated learning that is protected against Byzantine attacks and privacy leakage. Processing individual updates to manage adversarial behavior, while preserving the privacy of data against colluding nodes, requires some form of secure secret sharing. However, the communication load for secret sharing of long update vectors can be very high. To resolve this issue, in the proposed scheme, local updates are partitioned into smaller sub-vectors and shared using ramp secret sharing. However, this sharing method does not admit bilinear computations, such as the pairwise distance calculations needed by outlier-detection algorithms. To overcome this issue, each user runs another round of ramp sharing, with a different embedding of the data in the sharing polynomial. This technique, motivated by ideas from coded computing, enables secure computation of pairwise distances. In addition, to maintain the integrity and privacy of the local update, the proposed scheme also uses a vector commitment method, in which the commitment size remains constant (i.e., does not increase with the length of the local update), while simultaneously allowing verification of the secret sharing process.
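The partition-and-ramp-share step described in the abstract can be illustrated with a generic ramp sharing over a prime field. This is an added example, not the paper's construction: the field modulus, the evaluation points, and the names `lagrange_eval`, `ramp_share` and `ramp_reconstruct` are assumptions. It embeds K sub-vectors and T random masks in one polynomial of degree K+T-1 per coordinate, so each share is 1/K the length of the update and any K+T shares reconstruct it.

```python
import secrets

P = 2**61 - 1  # prime field modulus (assumed; the abstract does not fix a field)

def lagrange_eval(xs, ys, x):
    """Evaluate at x the unique polynomial of degree < len(xs) through (xs, ys), mod P."""
    total = 0
    for i, (xi, yi) in enumerate(zip(xs, ys)):
        num = den = 1
        for j, xj in enumerate(xs):
            if j != i:
                num = num * (x - xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total

def ramp_share(update, K, T, N):
    """Split `update` into K sub-vectors; return N shares of length len(update)//K."""
    if len(update) % K:
        raise ValueError("update length must be a multiple of K")
    if N < K + T:
        raise ValueError("need at least K+T users to reconstruct")
    m = len(update) // K
    subs = [update[i * m:(i + 1) * m] for i in range(K)]
    betas = list(range(1, K + T + 1))               # secret and mask positions
    alphas = list(range(K + T + 1, K + T + N + 1))  # user evaluation points
    shares = [[0] * m for _ in range(N)]
    for c in range(m):  # one polynomial of degree K+T-1 per coordinate
        ys = [subs[i][c] % P for i in range(K)]
        ys += [secrets.randbelow(P) for _ in range(T)]  # T random masks
        for n, a in enumerate(alphas):
            shares[n][c] = lagrange_eval(betas, ys, a)
    return alphas, shares

def ramp_reconstruct(points, shares, K, T):
    """Recover the full update from any K+T (point, share) pairs."""
    if len(points) < K + T:
        raise ValueError("fewer than K+T shares: cannot reconstruct")
    pts, shs = points[:K + T], shares[:K + T]
    m = len(shs[0])
    out = []
    for i in range(1, K + 1):  # sub-vector i was embedded at beta = i
        out += [lagrange_eval(pts, [s[c] for s in shs], i) for c in range(m)]
    return out
```

With plain Shamir sharing (K = 1) every user would receive a share as long as the update itself; the price of the K-fold saving is that reconstruction needs K+T shares rather than T+1.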