Secure Aggregation Protocols¶
Note
While this term might be used in other places, here it refers to a series of
protocols, including SecAgg, SecAgg+, LightSecAgg, FastSecAgg, etc.
This concept was first proposed by Bonawitz et al. in Practical Secure Aggregation
for Federated Learning on User-Held Data.
Secure Aggregation protocols are used to securely aggregate model updates from multiple clients while keeping the updates private. This is done by encrypting the model updates before sending them to the server. The server can decrypt only the aggregated model update without being able to inspect individual updates.
Flower now provides the SecAgg and SecAgg+ protocols. While we plan to implement
more protocols in the future, one may also implement their own custom secure aggregation
protocol via low-level APIs.
The SecAgg+ protocol in Flower¶
The SecAgg+ protocol is implemented using the SecAggPlusWorkflow in the
ServerApp and the secaggplus_mod in the ClientApp. The SecAgg protocol
is a special case of the SecAgg+ protocol, and one may use SecAggWorkflow and
secagg_mod for that.
You may find a detailed example in the Secure Aggregation Example. The documentation
for the SecAgg+ protocol configuration is available at SecAggPlusWorkflow.
The logic of the SecAgg+ protocol is illustrated in the following sequence diagram:
the dashed lines represent communication over the network, and the solid lines represent
communication within the same process. The ServerApp is connected to SuperLink,
and the ClientApp is connected to the SuperNode; thus, the communication between
the ServerApp and the ClientApp is done via the SuperLink and the
SuperNode.