A Scheme of Anti Gradient Leakage of Federated Learning Based on Blockchain

Federated learning provides a new solution for data security and privacy protection in the process of machine learning. In distributed learning, interactive gradient rather than direct exchange of data avoids the direct acquisition of data by malicious participants. The latest research shows that the gradient will also leak the data privacy during user training, current solutions to gradient leakage problems are mainly divided into two categories: 1. Encrypt the parameters of the model updating process by using the cryptography scheme; 2. Increase the interference noise for the gradient through thinning, gradient compression, adding noise and other schemes. However, the cryptographic scheme cannot be targeted at the aggregator, and the noise scheme has too much impact on the performance of the model. This paper uses the trust mechanism of blockchain to design an anti gradient leakage scheme for this problem: when the participants upload the gradient, the noise is added through the blockchain smart contract, and the noise value is randomly divided into multiple copies and stored in the blockchain. The central server obtains the noise sum of all participants through the smart contract, and aggregates the gradient to remove the noise. In the training process, all participants can only obtain the aggregation gradient and noise gradient, and cannot recover user data. At the same time, due to the automatic execution and tamper proof characteristics of blockchain smart contracts, malicious interference in the data exchange process is avoided.