Due to the widespread availability of data, machine learning (ML) algorithms are increasingly being implemented in distributed topologies, wherein various nodes collaborate to train ML models via the coordination of a central server. However, distributed learning approaches face significant vulnerabilities, primarily stemming from two potential threats. Firstly, the presence of Byzantine nodes poses a risk of corrupting the learning process by transmitting inaccurate information to the server. Secondly, a curious server may compromise the privacy of individual nodes, sometimes reconstructing the entirety of the nodes' data. Homomorphic encryption (HE) has emerged as a leading security measure to preserve privacy in distributed learning under non-Byzantine scenarios. However, the extensive computational demands of HE, particularly for high-dimensional ML models, have deterred attempts to design purely homomorphic operators for non-linear robust aggregators. This paper introduces SABLE, the first homomorphic and Byzantine robust distributed learning algorithm. SABLE leverages HTS, a novel and efficient homomorphic operator implementing the prominent coordinate-wise trimmed mean robust aggregator. Designing HTS enables us to implement HMED, a novel homomorphic median aggregator. Extensive experiments on standard ML tasks demonstrate that SABLE achieves practical execution times while maintaining an ML accuracy comparable to its non-private counterpart.
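As a plaintext reference for the two robust aggregators named in the abstract, the following added example (not code from the paper, and not the homomorphic HTS or HMED operators) computes the coordinate-wise trimmed mean and the coordinate-wise median over node gradients and compares them with plain averaging when some nodes are Byzantine. The function names, the trimming parameter `f`, and the sample gradients are assumptions constructed for illustration.

```python
import statistics


def plain_mean(vectors):
    """Non-robust baseline: average every coordinate over all nodes."""
    return [sum(col) / len(col) for col in zip(*vectors)]


def trimmed_mean(vectors, f):
    """Coordinate-wise trimmed mean.

    For each coordinate, sort the n submitted values, discard the f smallest
    and the f largest, and average the remaining n - 2f values.
    """
    n = len(vectors)
    if f < 0 or n <= 2 * f:
        raise ValueError("trimmed mean requires n > 2f")
    if len({len(v) for v in vectors}) != 1:
        raise ValueError("all gradients must have the same dimension")
    result = []
    for col in zip(*vectors):
        kept = sorted(col)[f:n - f]
        result.append(sum(kept) / len(kept))
    return result


def coordinate_median(vectors):
    """Coordinate-wise median of the submitted gradients."""
    return [statistics.median(col) for col in zip(*vectors)]


# Constructed sample: 5 honest gradients close to (1.0, -1.9) and
# 2 Byzantine gradients carrying arbitrary values.
HONEST = [[1.0, -2.0], [1.2, -1.8], [0.8, -2.2], [1.1, -2.1], [0.9, -1.9]]
BYZANTINE = [[1000.0, 1000.0], [-500.0, 750.0]]
GRADIENTS = HONEST + BYZANTINE

if __name__ == "__main__":
    print("plain mean  :", plain_mean(GRADIENTS))
    print("trimmed mean:", trimmed_mean(GRADIENTS, f=2))
    print("median      :", coordinate_median(GRADIENTS))
```

For an odd number of nodes n, trimming f = (n - 1) / 2 values from each side leaves exactly the median, so the median is the limiting case of the trimmed mean.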