Local Model Privacy-Preserving Study for Federated Learning

In federated learning framework, data are kept locally by clients, which provides naturally a certain level of privacy. However, we show in this paper that a curious onlooker can still infer some sensitive information of clients by looking at the exchanged messages. More precisely, for the linear regression task, the onlooker can decode the exact local model of each client in a constant number of rounds under both cross-device and cross-silo federated learning settings. We improve one of the learning algorithms and experimentally show that it makes the onlooker harder to decode the local model of clients.