Research

BFT-based Verifiable Secret Sharing Secures Distributed Machine Learning

A novel Byzantine Fault Tolerant verifiable secret sharing scheme thwarts model poisoning attacks, enhancing privacy and consistency in distributed machine learning.
September 20, 20253 min

The image displays a vibrant abstract composition featuring a glowing blue crystalline cluster at its core, enveloped by darker, angular geometric blocks. Smooth, white segmented structures intertwine around the central elements, contrasting with the sharp facets
The image showcases a complex metallic object, featuring interconnected loops and textured surfaces, rendered in cool blue and silver tones with a shallow depth of field. Prominent circular openings and smaller indentations are visible on its robust, mottled exterior

Briefing

The paper addresses the critical vulnerability of Verifiable Secret Sharing (VSS) schemes in Distributed Privacy-preserving Machine Learning (DPML) to model poisoning attacks, stemming from inconsistent share commitments and high overhead. It proposes EByFTVeS, an Efficient Byzantine Fault Tolerant-based VSS scheme, which integrates a modified Practical Byzantine Fault Tolerance (PBFT) consensus mechanism to enforce consistent share distribution and verification. This foundational breakthrough ensures the integrity and reliability of collaborative machine learning models, significantly enhancing security against malicious actors in decentralized environments.

The image presents a detailed, close-up view of a sophisticated blue and dark grey mechanical apparatus. Centrally, a metallic cylinder prominently displays the Bitcoin symbol, surrounded by neatly coiled black wires and intricate structural elements

Context

Prior to this research, established VSS-based DPML frameworks faced a significant theoretical limitation → the inherent inconsistency of commitments and substantial computational and communication overhead. Malicious dealers could exploit these weaknesses through an Adaptive Share Delay Provision (ASDP) strategy, enabling them to provide inconsistent or delayed shares that would pass local verification, ultimately leading to a successful model poisoning attack (ACuMPA) and compromising the integrity of the aggregated machine learning model. This undermined the fundamental promise of secure, collaborative computation in distributed systems.

The image showcases a complex, abstract device centered around a cluster of brilliant blue, faceted crystals. Radiating outward are sleek white and metallic structures, some sharp and others rounded, alongside a prominent cylindrical component emitting a blue glow

Analysis

The core mechanism of EByFTVeS involves integrating a modified Practical Byzantine Fault Tolerance (PBFT) consensus algorithm directly into the VSS process. Instead of allowing direct, potentially inconsistent broadcasting of shares and verification results, EByFTVeS mandates that all such communications → including share distribution, verification outcomes, and aggregated shares → are routed through this consensus layer. This fundamental shift ensures that all honest participants receive an identical, cryptographically consistent set of encrypted shares and their corresponding verification statuses. The scheme modifies PBFT by introducing an additional “Pre-Propose” phase, accommodating participant-initiated requests and guaranteeing that malicious actors cannot manipulate individual shares or delay their broadcast to launch model poisoning attacks, as the consensus mechanism enforces agreement on all shared data.

A close-up view reveals a complex molecular arrangement composed of shimmering blue crystalline facets and smooth white spheres, all linked by white rod-like structures. This abstract visualization effectively embodies the core principles of blockchain technology and cryptocurrency networks

Parameters

  • Core Concept → Efficient Byzantine Fault Tolerant Verifiable Secret Sharing (EByFTVeS)
  • Problem Identified → Adaptive Share Delay Provision (ASDP)
  • Attack Mechanism → ASDP-based Customized Model Poisoning Attack (ACuMPA)
  • Underlying Consensus → Practical Byzantine Fault Tolerance (PBFT)
  • Application Domain → Distributed Privacy-preserving Machine Learning (DPML), Secure Multi-Party Computation (MPC)
  • Key Authors → Zhen Li, Zijian Zhang, Wenjin Yang, Pengbo Wang, Zhaoqi Wang, Meng Li, Yan Wu, Xuyang Liu, Jing Sun, Liehuang Zhu
  • Key Properties → Validity, Liveness, Consistency, Privacy

A prominent spherical object, textured like the moon with visible craters, is centrally positioned, appearing to push through a dense, intricate formation of blue and grey geometric shards. These angular, reflective structures create a sense of depth and dynamic movement, framing the emerging sphere

Outlook

This research establishes a robust foundation for building more secure and trustworthy distributed machine learning and multi-party computation systems. By effectively neutralizing model poisoning attacks, EByFTVeS enhances the reliability of collaborative AI training and confidential data processing, facilitating broader adoption of privacy-preserving techniques in sensitive real-world applications such as healthcare, finance, and supply chain management. Future research avenues include exploring the integration of EByFTVeS with other advanced cryptographic primitives, optimizing its scalability for extremely large-scale distributed environments, and investigating its applicability in emerging decentralized autonomous organizations requiring high integrity and Byzantine fault tolerance.

A visually striking, abstract object floats against a soft grey-white gradient background, featuring a textured, translucent surface that shifts from clear to deep blue. Two highly polished metallic cylindrical modules are integrated into its core, with a prominent central component and a smaller one positioned below

Verdict

EByFTVeS decisively advances the security and integrity of distributed privacy-preserving machine learning by effectively neutralizing sophisticated model poisoning attacks through a robust, consensus-driven verifiable secret sharing mechanism.

Signal Acquired from → arxiv.org

Micro Crypto News Feeds

byzantine fault tolerance

Definition ∞ Byzantine Fault Tolerance is a property of a distributed system that allows it to continue operating correctly even when some of its components fail or act maliciously.

machine learning

Definition ∞ Machine learning is a field of artificial intelligence that enables computer systems to learn from data and improve their performance without explicit programming.

consensus mechanism

Definition ∞ A 'Consensus Mechanism' is the process by which a distributed network agrees on the validity of transactions and the state of the ledger.

verifiable secret sharing

Definition ∞ Verifiable secret sharing is a cryptographic protocol that partitions a secret into several distinct components, or shares, allocated among multiple participants.

model poisoning

Definition ∞ Model poisoning refers to an adversarial attack technique where malicious data is injected into a machine learning model's training dataset.

byzantine fault

Definition ∞ A Byzantine fault is a failure in a distributed computer system where components may exhibit arbitrary or malicious behavior.

multi-party computation

Definition ∞ Multi-Party Computation (MPC) is a cryptographic protocol enabling multiple parties to jointly compute a function over their private inputs without disclosing those inputs to each other.

distributed machine learning

Definition ∞ Distributed machine learning refers to the training of artificial intelligence models across multiple computational nodes or devices.

secret sharing

Definition ∞ Secret sharing is a cryptographic technique that divides a secret piece of information into multiple parts, called shares.

Tags:

Tags: