Enhanced Security Verifiable Secure Aggregation Scheme in Federated Learning

Abstract

Federated Learning (FL) enables multiple participants to build a loosely coupled distributed machine learning system under the coordination of a central server. Existing FL models typically assume that the server aggregating data is semi-honest, but this assumption does not align with the complexities of real-world application environments, where the server may carry out collusion attacks or replay attacks. VerifyNet is a representative federated learning protocol for verifiable secure aggregation. In this paper, we analyze the security of VerifyNet and identify two shortcomings: low tolerance to collusion attacks and inability to resist combinatorial replay attacks. Furthermore, we have experimentally confirmed the existence of these two security vulnerabilities. To address the issue of low tolerance for collusion attacks, we have constructed a secure homomorphic hash function key generator using a randomized approach to prevent malicious servers from obtaining shared keys and forging data. To address the issue of being unable to resist replay attacks, we have constructed a secure additional verification information generation algorithm using AES-CTR encryption mode, which prevents malicious servers from obtaining increments from historical data and constructing combinatorial replay attacks. Security analysis shows that our scheme effectively achieves privacy protection and aggregation verification. We tested the performance of the scheme in a local area network environment. Experimental data indicates that when the number of clients is 500 and the number of gradients per client is 5000, our scheme only requires an additional 5.76‰ computational overhead and 3.46% communication overhead compared to the VerifyNet protocol, and eliminates the security vulnerabilities of collusion attacks and combinatorial replay attacks.
