Hartebrodt A, Röttger R (2023)
Publication Type: Journal article
Publication year: 2023
Book Volume: 18
Pages Range: 5122-5132
DOI: 10.1109/TIFS.2023.3301710
Federated learning (FL) is a privacy-aware data mining strategy keeping the private data on the owners' machine and thereby confidential. The clients compute local models and send them to an aggregator which computes a global model. In hybrid FL, the local parameters are additionally masked using secure aggregation, such that only the global aggregated statistics become available in clear text, not the client specific updates. In this context, we investigate the data leakage of three popular algorithms for QR decomposition, Gram-Schmidt orthonormalization, the Householder algorithm and Givens rotation. We show that, even when using additive SMPC, Givens rotation and the Householder matrix leak raw data and are therefore not suited for this computation paradigm. Gram-Schmidt orthonormalization relies on inner vector products and does not leak raw data points.
APA:
Hartebrodt, A., & Röttger, R. (2023). Privacy of Federated QR Decomposition Using Additive Secure Multiparty Computation. IEEE Transactions on Information Forensics and Security, 18, 5122-5132. https://doi.org/10.1109/TIFS.2023.3301710
MLA:
Hartebrodt, Anne, and Richard Röttger. "Privacy of Federated QR Decomposition Using Additive Secure Multiparty Computation." IEEE Transactions on Information Forensics and Security 18 (2023): 5122-5132.
BibTeX: Download