Federated learning (FL) shows great promise in large-scale machine learning, but brings new risks in terms of privacy and security. We propose ByITFL, a novel scheme for FL that provides resilience against Byzantine users while keeping the users' data private from the federator and private from other users. The scheme builds on the preexisting non-private FLTrust scheme, which tolerates malicious users through trust scores (TS) that attenuate or amplify the users' gradients. The trust scores are based on the ReLU function, which we approximate by a polynomial. The distributed and privacy-preserving computation in ByITFL is designed using a combination of Lagrange coded computing, verifiable secret sharing and re-randomization steps. ByITFL is the first Byzantine-resilient scheme for FL with full information-theoretic privacy.
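As an added illustration (not code from the ByITFL authors), the FLTrust-style aggregation the abstract builds on is computed below in plaintext, with no secret sharing, once with ReLU trust scores and once with a polynomial stand-in. The cosine-similarity score and norm rescaling follow the published FLTrust rule; the degree-2 polynomial, the function names and the sample gradients are assumptions constructed for this example.

```python
import math

def norm(v):
    return math.sqrt(sum(x * x for x in v))

def cosine(u, v):
    nu, nv = norm(u), norm(v)
    if nu == 0 or nv == 0:              # undefined direction: treat as orthogonal
        return 0.0
    return sum(a * b for a, b in zip(u, v)) / (nu * nv)

def relu(x):
    return max(0.0, x)

def relu_poly(x):
    # Assumed stand-in (the page does not give its polynomial):
    # degree-2 least-squares fit of ReLU on [-1, 1].
    # Unlike ReLU it is not exactly zero for x < 0 and dips below zero near -0.5.
    return 3 / 32 + x / 2 + 15 / 32 * x * x

def trust_scores(root, grads, score_fn):
    # FLTrust: score each user by similarity to the federator's root gradient.
    return [score_fn(cosine(g, root)) for g in grads]

def aggregate(root, grads, score_fn):
    scores = trust_scores(root, grads, score_fn)
    total = sum(scores)
    if total <= 0:                      # nobody trusted: skip this round's update
        return [0.0] * len(root)
    out = [0.0] * len(root)
    for ts, g in zip(scores, grads):
        n = norm(g)
        if n == 0:
            continue
        scale = ts * norm(root) / n     # rescale to the root gradient's magnitude
        for j, gj in enumerate(g):
            out[j] += scale * gj
    return [x / total for x in out]

def plain_mean(grads):
    return [sum(col) / len(grads) for col in zip(*grads)]

# Constructed sample: two honest updates and one large opposing update.
ROOT = [1.0, 0.0]
GRADS = [[0.9, 0.1], [2.0, -0.2], [-50.0, 0.0]]

if __name__ == "__main__":
    print("plain mean      ", plain_mean(GRADS))
    print("ReLU trust      ", aggregate(ROOT, GRADS, relu))
    print("polynomial trust", aggregate(ROOT, GRADS, relu_poly))
```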