Paper 2023/652

ScionFL: Efficient and Robust Secure Quantized Aggregation

Yaniv Ben-Itzhak, VMware Research Group
Helen Möllering, Technical University of Darmstadt
Benny Pinkas, Bar-Ilan University, Aptos Labs
Thomas Schneider, Technical University of Darmstadt
Ajith Suresh, Technology Innovation Institute
Oleksandr Tkachenko, DFINITY Foundation
Shay Vargaftik, VMware Research Group
Christian Weinert, Royal Holloway University of London
Hossein Yalame, Technical University of Darmstadt
Avishay Yanai, VMware Research Group

Secure aggregation is commonly used in federated learning (FL) to alleviate privacy concerns related to the central aggregator seeing all parameter updates in the clear. Unfortunately, most existing secure aggregation schemes ignore two critical orthogonal research directions that aim to (i) significantly reduce client-server communication and (ii) mitigate the impact of malicious clients. However, both of these additional properties are essential to facilitate cross-device FL with thousands or even millions of (mobile) participants. In this paper, we unite both research directions by introducing ScionFL, the first secure aggregation framework for FL that operates efficiently on quantized inputs and simultaneously provides robustness against malicious clients. Our framework leverages (novel) multi-party computation (MPC) techniques and supports multiple linear (1-bit) quantization schemes, including ones that utilize the randomized Hadamard transform and Kashin's representation. Our theoretical results are supported by extensive evaluations. We show that with no overhead for clients and moderate overhead for the server compared to transferring and processing quantized updates in plaintext, we obtain comparable accuracy for standard FL benchmarks. Moreover, we demonstrate the robustness of our framework against state-of-the-art poisoning attacks.

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. Minor revision. 2024 IEEE Conference on Secure and Trustworthy Machine Learning (SaTML)
MPCSecure AggregationQuantizationPoisoningDefenseFederated LearningPrivacy
Contact author(s)
ybenitzhak @ vmware com
moellering @ encrypto cs tu-darmstadt de
benny @ pinkas net
schneider @ encrypto cs tu-darmstadt de
ajith suresh @ tii ae
oleksandr tkachenko1 @ gmail com
shayv @ vmware com
christian weinert @ rhul ac uk
yalame @ encrypto cs tu-darmstadt de
ay yanay @ gmail com
2024-05-17: revised
2023-05-08: received
See all versions
Short URL
Creative Commons Attribution


      author = {Yaniv Ben-Itzhak and Helen Möllering and Benny Pinkas and Thomas Schneider and Ajith Suresh and Oleksandr Tkachenko and Shay Vargaftik and Christian Weinert and Hossein Yalame and Avishay Yanai},
      title = {ScionFL: Efficient and Robust Secure Quantized Aggregation},
      howpublished = {Cryptology ePrint Archive, Paper 2023/652},
      year = {2023},
      doi = {10.1109/SaTML59370.2024.00031},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.