PPFLV: privacy-preserving federated learning with verifiability

Federated learning, as an emerging framework for distributed machine learning, has received widespread attention. In federated learning, the cloud server and the users cooperatively train a model by sharing gradients rather than local private data. However, the users' private data may still be exposed by the shared gradients. Furthermore, the cloud server may perform incorrect aggregation operations on the gradients sent by users and send a forged or previous aggregated gradient to the users. In this paper, we propose PPFLV, a privacy-preserving federated learning scheme with verifiability. Specifically, to protect the users' privacy, we design an efficient double gradient blinding and encryption method to blind and encrypt the users' local gradients. Furthermore, we propose a novel double gradient verification method that can achieve secure verification while resisting replay attacks in the verification phase. With the proposed verification method, the users only require to perform lightweight operations to verify the correctness of the aggregated encrypted gradients and recover the aggregated gradient from the aggregated encrypted gradients. The experimental results show that PPFLV achieves comparable classification accuracy to the basic federated learning scheme while providing privacy protection and verifiability. Furthermore, PPFLV exhibits lower computation and communication overhead compared to related schemes.