Secure Multiparty Computation (MPC) can improve the security and privacy of data owners while allowing analysts to perform high quality analytics. Secure aggregation is a secure distributed mechanism to support federated deep learning without the need for trusted third parties. In this paper we present a highly performant secure aggregation protocol with sub-linear communication complexity. Our protocol achieves greater communication and computation efficiencies through a group-based approach. It is similar to secret sharing protocols extended to vectors of values-aka gradients-but within groups we add an additional layer of secret sharing of shares themselves-aka sharding. This ensures privacy of secret inputs in the standard real/ideal security paradigm, in both semi-honest and malicious settings where the server may collude with the adversary. In the malicious setting with 5% corrupt clients and 5% dropouts, our protocol can aggregate over a federation with 100,000,000 members and vectors of length 100 while requiring each client to communicate with only 350 other clients. The concrete computation cost for this aggregation is less than half a second for the server and less than 100ms for the client.
翻译:多党安全计算(MPC)可以改善数据拥有者的安全和隐私,同时允许分析家进行高质量的分析。安全汇总是一个安全的分布机制,用于支持联邦深层学习,而不需要信任第三方。在本文件中,我们展示了高度表现安全的汇总协议,具有亚线通信复杂性。我们的协议通过基于集团的方法实现了更大的通信和计算效率。类似于秘密共享协议,适用于价值-卡梯度的矢量,但在群体内部,我们增加了一层秘密分享股份本身的保密层。这确保了标准真实/理想安全模式中的秘密投入的隐私,在半诚实和恶意环境中,服务器可能与对手勾结。在5%的腐败客户和5%的辍学者这种恶意环境中,我们的协议可以将100万个成员和100万矢量的联邦合并在一起,同时要求每个客户仅与350个其他客户进行沟通。这一汇总的具体计算成本对于服务器来说不到一半秒,而对客户来说则不到100米。