CN115549901B - Batch aggregation method for federal learning in Internet of vehicles environment - Google Patents
Batch aggregation method for federal learning in Internet of vehicles environment Download PDFInfo
- Publication number
- CN115549901B CN115549901B CN202211196414.7A CN202211196414A CN115549901B CN 115549901 B CN115549901 B CN 115549901B CN 202211196414 A CN202211196414 A CN 202211196414A CN 115549901 B CN115549901 B CN 115549901B
- Authority
- CN
- China
- Prior art keywords
- rsu
- vehicle
- training
- data
- vehicles
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 230000002776 aggregation Effects 0.000 title claims abstract description 43
- 238000004220 aggregation Methods 0.000 title claims abstract description 43
- 238000000034 method Methods 0.000 title claims abstract description 34
- 238000004364 calculation method Methods 0.000 claims abstract description 17
- 238000013524 data verification Methods 0.000 claims abstract description 5
- 230000006855 networking Effects 0.000 claims abstract description 5
- 238000012549 training Methods 0.000 claims description 63
- 238000012795 verification Methods 0.000 claims description 19
- 230000008569 process Effects 0.000 claims description 8
- 238000006116 polymerization reaction Methods 0.000 claims description 7
- 230000004044 response Effects 0.000 claims description 6
- 239000003999 initiator Substances 0.000 claims description 5
- 238000012935 Averaging Methods 0.000 claims description 4
- 230000002452 interceptive effect Effects 0.000 claims description 2
- 238000011946 reduction process Methods 0.000 claims description 2
- 239000000725 suspension Substances 0.000 claims 1
- 230000006854 communication Effects 0.000 abstract description 9
- 238000004891 communication Methods 0.000 abstract description 8
- 238000005516 engineering process Methods 0.000 abstract description 8
- 230000004931 aggregating effect Effects 0.000 description 3
- 238000010586 diagram Methods 0.000 description 3
- 238000012360 testing method Methods 0.000 description 2
- 238000013473 artificial intelligence Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 125000004122 cyclic group Chemical group 0.000 description 1
- 238000007418 data mining Methods 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000011478 gradient descent method Methods 0.000 description 1
- 230000010354 integration Effects 0.000 description 1
- 238000007726 management method Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3218—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, ornon-interactive zero-knowledge proofs
- H04L9/3221—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using proof of knowledge, e.g. Fiat-Shamir, GQ, Schnorr, ornon-interactive zero-knowledge proofs interactive zero-knowledge proofs
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Mobile Radio Communication Systems (AREA)
- Traffic Control Systems (AREA)
Abstract
The invention discloses a batch aggregation method for federal learning in a vehicle networking environment, which comprises system initialization, vehicle learning and model aggregation, wherein the method realizes hiding of original gradient data based on an asymmetric public key cryptosystem, and ensures the privacy of user data; the user can realize data verification on the premise of not revealing own privacy by using a zero knowledge proof technology on the basis of a federal learning architecture, and meanwhile, the malicious vehicle certificate can be tracked; in addition, a batch aggregation protocol is provided, so that communication and calculation overheads can be effectively reduced. The invention provides a safe, efficient and privacy-preserving batch aggregation protocol for federal learning in the Internet of vehicles.
Description
Technical Field
The invention belongs to the technical field of Internet of vehicles, in particular to an asymmetric key and zero knowledge proof technology, and particularly relates to a batch aggregation method for federal learning in an Internet of vehicles environment.
Background
The Internet of vehicles is an important field of informatization and industrialization deep integration, and has great potential in the aspects of improving road safety and traffic efficiency, optimizing congestion control, traffic management and the like. The internet of vehicles has massive data, the data comprise data generated by cameras, radars, global positioning system (Global Positioning System, GPS) and other sensors of the vehicles, and traffic facility data generated by Road Side Units (RSU), and the like, and the traffic environment of cities can be further improved by effectively utilizing the data, so that the intelligent traffic system is the core of the intelligent traffic system. At the same time, however, since devices in the internet of vehicles communicate in a wireless open environment, this may lead to privacy leakage, e.g., a camera of the vehicle may expose a user's frequent access area, a GPS of the vehicle may expose the user's location track information, etc. Therefore, how to effectively use data while ensuring privacy security is an important issue facing the internet of vehicles. Federal learning is an emerging artificial intelligence basic technology, and is first proposed by google in 2016, and a corresponding learning framework is also proposed by the micro-public banks, so that the application of the intelligent learning framework and privacy calculation in the field of internet of vehicles are promising due to the privacy protection characteristics. On the premise of effectively protecting privacy, the federal learning utilizes a large amount of scattered data of vehicles to conduct data mining on each vehicle participating in federal learning, local data are utilized to train local models and then are sent to an aggregation server, after the server receives enough local models, the aggregation server generates global models and then sends the global models to the vehicles participating in federal learning, and a good federal learning result is finally obtained through iteration.
With the development of the new generation of communication technology, the network conditions of the internet of vehicles are greatly improved, but due to the large number of devices contained in the internet of vehicles and different communication environments of the devices, a serious disconnection problem can be generated. Its network has the following two features: first, there are a large number of vehicles in the internet of vehicles, and most of these vehicles are in a high-speed moving state, and often do not have a relatively stable network connection. Secondly, the network composition of the internet of vehicles is numerous and complicated, the network protocols used are also quite different, and many vehicles are limited by hardware conditions and cannot acquire higher network bandwidth. In such a network environment, how to solve the problem of vehicle disconnection and reduce network overhead is also another problem to be solved in the internet of vehicles.
In the prior art, an aggregation method for federal learning is available, but there is a problem that, as the invention patent CN113163366B uses a homomorphic encryption technology to realize protection of gradient data, the technical scheme allows encrypted data to be directly aggregated without decryption, but as the size of data volume increases, the calculation overhead also increases significantly, for example, patent CN113313264B proposes a federal learning scheme for a car networking scene, but the technical scheme lacks protection of data, and does not propose a corresponding encryption scheme to prevent leakage of vehicle privacy. In fact, many studies have pointed out that an attacker can deduce training data reversely from the trained gradient data, so that protection of the gradient data is also an integral part of federal learning in the environment of the internet of vehicles, for example, patent CN113987551a uses CPC light-weight encryption technology to protect vehicle privacy, but does not consider batch aggregation of data, the time of data aggregationComplexity is O (n 2 )。
Disclosure of Invention
The invention aims to: the invention aims to solve the defects in the prior art and provide a dynamic task mixed scheduling method in a diversified vehicle-mounted fog computing environment, and the invention realizes hiding of original gradient data based on an asymmetric public key cryptosystem and ensures the privacy of user data; the user can realize data verification on the premise of not revealing own privacy by using a zero knowledge proof technology on the basis of a federal learning architecture, and meanwhile, the malicious vehicle certificate can be tracked; a batch aggregation protocol for federal learning is also presented that effectively reduces communication and computational overhead.
The technical scheme is as follows: the invention discloses a batch aggregation method for federal learning in an Internet of vehicles environment, which comprises the following steps:
s1, system initialization
Generating a corresponding generator g by the training task initiator LEA according to bilinear pairing relation before federal learning 1 ,g 2 And selectively generate a random number s 1 ,s 2 And h, μ, v, s 1 ,s 2 As the LEA master private key, para= (g 1 ,g 2 μ, v, h, Γ) as LEA public key Γ = yg 2 ,γ∈Z q The method comprises the steps of carrying out a first treatment on the surface of the Initializing a drive test unit (RSU), wherein each RSU selects a plurality of random numbers as encryption private keys, and calculates a public key para'; initializing the vehicle, selecting a random number x by the vehicle participating in federal learning i ∈Z q As self private key and calculate to obtain corresponding public key A i ,A i =(x i +γ) -1 g 1 Simultaneously, the public key of the RSU and gamma in the LEA are temporarily stored in the vehicle-mounted unit OBU of the RSU and gamma in the LEA, and finally, all vehicles (A i ,x i ) Sending the information to the LEA, and tracking the LEA through a public key; i represents an i-th vehicle;
s2, vehicle participates in local training
Each vehicle participating in federal learning acquires the latest global model from a Road Side Unit (RSU) and carries out local training by using a data set (various sensor data carried by the vehicle), after the number of the specified rounds is reached, the parameters (weight and bias data of each layer of the model) of the trained local model are encrypted by a public key para' of the RSU, then the encrypted data are signed by a zero knowledge proof method, finally the encrypted data and the signature are sent to the RSU together, the RSU waits for further indication, if a stop command of the RSU is received, the group is stopped, and if the new global model is received, the local training is repeated;
s3, RSU aggregation model
Before federal learning starts, a road test unit RSU firstly initializes a global model by using default parameters (random weights and biases), wherein the global model is automatically selected according to a current task (for example, an LSTM model is selected in a traffic flow prediction Task (TFP) and a CNN model is selected in a traffic sign recognition Task (TSR)), and secondly broadcasts the initialized global model and waits for collecting response results of a vehicle;
and when all vehicles are trained, verifying whether the received response results are valid in batches, if so, aggregating all response data to generate a new global model, verifying whether the model meets the standard or not by using verification set data (data related to training tasks which do not participate in training at an RSU), if so, sending a training termination command to the vehicles, and if not, broadcasting a new global model by all the vehicles to perform a new round of training.
Further, the detailed steps of the step S1 are as follows:
s1.1, LEA initialization: training task initiator LEA according to bilinear pairing relationshipGenerating g 1 ,g 2 As generator, simultaneously generate random number +.>S 1 ,s 2 ∈Z q And satisfy s 1 μ=s 2 V=h, will s 1 ,s 2 As the LEA master private key, the LEA randomly selects gamma epsilon Z q Calculating Γ=yg 2 Finally, the group public key (g) 1 ,g 2 ,μ,v,h,Γ);
S1.2, initializing RSU: the RSU randomly selects 5 random numbers sk 1 ,sk 2 ,sk 3 ,sk 4 ,sk 5 ∈Z q As a data encryption private key, then through two random numbers κ 1 ,κ 2 ∈Z q To calculate pk 1 、pk 2 And pk 3 As the verification public key, RSU final public key is (κ) 1 ,κ 2 ,pk 1 ,pk 2 ,pk 3 );
pk 1 =sk 1 κ 1 +sk 2 κ 2 ,pk 2 =sk 3 κ 1 +sk 4 κ 2 ,pk 3 =sk 5 κ 1 ;
S1.3, initializing a vehicle: each vehicle participating in training randomly selects x i ∈Z q As a private key, a gamma-calculated vehicle's own public key a is obtained from the LEA i The acquired RSU public key (κ) 1 ,κ 2 ,pk 1 ,pk 2 ,pk 3 ) And gamma are stored in OBU of vehicle, and finally each vehicle will (A i ,x i ) And uploading to the LEA through a safe and trusted channel.
Further, the specific process of vehicle training in step S2 is as follows:
s2.1 vehicle training
The vehicles participating in training receive the global model from the RSU and verify the data M containing the global model information sent by the RSU R If the signature is correct, then the psi in the data is accepted as a global model, and then local training is carried out to obtain new local update G t+1 T represents the current training wheel number, G t A local model representing training of a certain vehicle at the t-th wheel, G t+1 Representing a local model of the t+1 round; m is M R Information sent on behalf of the RSU; psi represents the global model;
s2.2 encrypting the parameters Using the asymmetric Key System
The vehicle first selects a random numberThen calculate Z using RSU public key 1 、Z 2 、Z 3 And EN { G }; where G represents the new local update and then the original ciphertext is covered with EN { G }, with the resulting encrypted data being (Z 1 ,Z 2 ,En{G},Z 3 ) Wherein G represents the new local update G above t+1 ,Z 1 、Z 2 、Z 3 Then it is a random parameter for data verification;
the original ciphertext is covered by En { G } through the calculation, so that the data privacy is ensured, meanwhile, because an asymmetric key system is adopted, each vehicle uses public key for encryption, and the private key only exists at an RSU (RSU), so that the malicious vehicle cannot acquire training data of other vehicles through hijacking, and the safety of user data is ensured;
s2.3, adopting a zero knowledge proof system to sign the encrypted data
Vehicle selection random number a, b e Z p Then calculate T 1 =aμ,T 2 =bν,T 3 =A i The pair of + (a+b) h gives the result (T) 1 ,T 2 ,T 3 ) Through T 3 Pair A i Performing linear encryption on the ciphertext; the vehicle selects five random numbers c again a ,c b ,c x ,c α ,c β ∈Z p The vehicle establishes a non-interactive zero knowledge proof based on the Fiat-Shamir heuristic to perform signature calculation, and finally generates a signature sigma which isWhich does not contain any private data of the vehicleThe privacy of the vehicle is further ensured; the signature calculation comprises the following specific steps:
1) Calculating random parameters: c (C) 1 =c a μ,C 2 =c b v,C 4 =c x T 1 -c α μ,C 5 =c x T 2 -c β v,C 1 -C 5 Is a linear operation intermediate variable, and C 3 A bilinear pairing is used;
2) Calculation proves that:
3) Calculating verification parameters:
s2.4, data upload
Through steps 2.1-2.3, each vehicle calculates own model ciphertext and corresponding signature thereof to generate data msg= (sigma, cipher, T) stamp ) And uploading to the RSU, waiting for further indication of the RSU, if a stop command of the RSU is received, exiting the group, stopping training, and if a new global model is received, returning to the step S2.1 to repeat training.
Further, the specific process of the model polymerization in the step S3 is as follows:
s3.1 Global model initialization
Before the training task starts, the RSU generates a corresponding global model according to the training task target, for example, an LSTM model is used for a traffic flow prediction Task (TFP), a CNN model is used for a traffic sign recognition Task (TSR), and a default parameter (including random model weight and bias) is used for initializing the global model, namely, random model weight and bias information are distributed to the global model; broadcasting the global model when vehicles in the group participate in federal learning;
s3.2 gradient polymerization
When the RSU receives the vehicle training data, the RSU firstly stamps the time T stamp Verifying, if the time stamp is not up to date, ignoring the training data; if the time stamp is up to date, verifying the signature sigma;
when signature σ verification is valid, RSU restores the data: the reduction process is as follows: first h=hash (Z 1 ||Z 2 ||En { G }) and then using RSU private key calculation (sk) 1 +sk 3 H)Z 1 +(sk 2 +sk 4 H)Z 2 If Z in the calculation result and the encrypted data 3 If they are consistent, useRestoring the data;
after receiving the local update of all vehicles, accumulating and averaging all the parameters to be used as a new global model, using the global model to verify on a verification set, if the requirements are met, sending a training termination command to the participating vehicles, otherwise broadcasting a psi to all the vehicles, and carrying out the next training; the formula of accumulating and averaging isG i Representing from->The decrypted local model information of each vehicle; k (K) t Representing a vehicle; i K t I represents the total number of vehicles;
s3.3, because the step S3.2 is the signature verification aiming at a single vehicle, in an actual network, more than one vehicle participates in training is needed, and therefore, a batch gradient aggregation algorithm is still adopted for batch gradient aggregation of all signatures, and the method comprises the following steps:
1) Collecting local updates G, G of all vehicles 1 ,G 2 ,...,G n ;
2) Verifying whether each local update's timestamp is up-to-date;
3) Verifying whether the signature of each vehicle is valid, wherein the specific flow is as follows: selecting a random number delta i ∈Z p Calculating verification parameters Calculate->And associate it with +/in each signature>Comparing, if not, directly rejecting the batch of data, and if the result of each signature is equal, calculating the following equation:
and the result is still equal, the signature of the batch of data is determined to be correct, otherwise, the batch of data is directly discarded;
if all signatures are valid, H in each piece of encrypted data is calculated i =Hash(Z 1,i ,Z 2,i ,En{G} i ) And uses the private key of the RSU for the following comparison:if the results are equal, the following formula +.>Obtaining the sum of the batch of data, then only dividing the result by the total number of the batch of data to obtain a new global model parameter psi, and simultaneously using the model for verificationAnd (3) verifying the set, if the requirements are met, sending a training termination command to the participating vehicles, otherwise, broadcasting the psi to all vehicles, and performing the next training.
Further, the process of verifying the signature σ in step S3.2 is:
1) Calculating verification parameters:
2) Judging whether the signature is valid or not: calculation ofAnd compares the result with +.>Comparing whether the two are equal, if so, continuing to compare +.>And C in signature 3 Whether or not the same, if->And C 3 And if the current signature is equal, the current signature is determined to be valid, otherwise, the signature is determined to be invalid, and the training data is discarded.
The beneficial effects are that: compared with the prior art, the invention has the following advantages:
(1) The invention provides an aggregation method for federal learning based on asymmetric keys and zero knowledge proof technology, and compared with an encryption-based aggregation scheme, the invention combines identity verification into aggregation to ensure security.
(2) The invention ensures privacy, such as anonymity and unlinkability, of vehicles in federal learning. The aggregation of gradient data in the invention all occurs on a semi-honest RSU, and under the security assumption, no adversary can destroy anonymity.
(3) Compared with the prior art, the training speed is doubled, the communication cost is reduced by 47%, and the joint learning in the Internet of vehicles can be realized at lower calculation and communication cost.
Drawings
FIG. 1 is a flow chart of an implementation of the present invention;
FIG. 2 is a schematic diagram of a system framework of the present invention.
FIG. 3 is a schematic diagram comparing the efficiency of the present invention with that of the prior art safe polymerization scheme.
FIG. 4 is a schematic diagram showing the comparison of the efficiency of the present invention with that of the BatchCryptot scheme
Detailed Description
The technical scheme of the present invention is described in detail below, but the scope of the present invention is not limited to the embodiments.
The invention provides a batch aggregation method for federal learning in a vehicle networking environment, which is characterized in that after vehicles participating in federal learning are trained locally, data of a local model are firstly encrypted by an asymmetric encryption algorithm, signature data are generated based on ciphertext, and then the signature data are transmitted to an aggregation server. After verifying the signature data of the vehicles, the aggregation server conducts batch aggregation on the updated local models of the vehicles, generates global models and then sends the global models to each vehicle participating in federal learning. The scheme adopts a combination algorithm of batch aggregation and message authentication, and improves the efficiency of model aggregation on the premise of ensuring the privacy of the vehicle users.
In the aggregation of the whole federal learning model of the present invention, an attacker cannot obtain the local model parameters of the vehicle by eavesdropping on wireless communication and the like, because these parameters are encrypted in the communication process. Malicious users cannot destroy the model through back door attacks and the like, because the aggregation server must verify whether the vehicle sending the model belongs to a member user or not before aggregating the parameters thereof. The semi-trusted aggregation server cannot obtain any vehicle data of the uploaded local model, including identity information, because the uploaded data message adopts a zero knowledge proof mode.
For the convenience of understanding the technical solution of this embodiment, explanation will be made on related characters, and details are shown in table 1.
TABLE 1
Example 1:
as shown in fig. 1 to 2, the batch aggregation method for federal learning in the internet of vehicles environment of the present embodiment includes the following three links: system initialization, vehicle local training learning and RSU global model aggregation.
The present embodiment assumes that the vehicle A, B, C participates in training, and specifically illustrates the above 3 links as follows:
link i (system initialization):
the initiator LEA of the learning task selects a public curve and related parameters to generate bilinear pairing and multiplication cyclic group g thereof 1 ,g 2 . At the same time select a random number s 1 ,s 2 As a master private key, and calculates its public key (g 1 ,g 2 μ, ν, h, Γ); followed by initialization of the RSUs, each RSU selecting 5 random numbers sk 1 ,sk 2 ,sk 3 ,sk 4 ,sk 5 As an encryption private key, and calculates its public key (κ) 1 ,κ 2 ,pk 1 ,pk 2 ,pk 3 ) The method comprises the steps of carrying out a first treatment on the surface of the Finally, the vehicle A, B, C is initialized in sequence, and a random number a is selected first i As its own private key, calculate its own public key A at the same time i And temporarily storing the public keys of the RSU and the LEA in the OBU of the RSU and the LEA, and finally sending the public key and the private key of the RSU and the LEA to the LEA.
Link ii (local training):
the vehicle receives global model parameters from the RSU, and uses a gradient descent method to perform local training to obtain new local update G t+1 Secondly, adding parameters of the local model through a public key of the RSUCipher text (Z) 1 ,Z 2 ,En{G},Z 3 ) Secondly, the encrypted data is signed by a zero knowledge proof method to obtain a signatureFinally, the encrypted data Cipher and the signature sigma are sent to the RSU together, and the next operation is waited.
Link iii (model polymerization):
when all vehicles are trained, the RSU verifies whether the signature is valid in batches on the received result, and if so, the RSU uses a federal average algorithmAnd aggregating the data to generate a new global model psi, verifying whether the data reach the standard or not by using verification set data, sending a command for stopping training if the data reach the target, and broadcasting the new global model to perform a new round of training if the data do not reach the standard.
As shown in fig. 2 and fig. 3, the technical scheme of the present invention is compared with the existing secure polymerization scheme and the batch crypt scheme respectively. By using a prototype system built by Torch, traffic flow prediction Tasks (TFP) and traffic sign recognition Tasks (TSR) were compared with existing schemes (security aggregation proposed by google and batch crypt proposed by Zhang), respectively, and the time required for each round of training and the consumed bandwidth were mainly compared. The result shows that after the scheme is used, the training time cost of joint learning is reduced by 1 time, and meanwhile, the communication cost is reduced by 47 percent.
The technical scheme of the invention has the advantages that: 1) The method can effectively protect the privacy data of the vehicle, 2) can realize batch data aggregation, and reduces time expenditure, for example, the time required for encrypting the numbers 0-9 is only about 0.5s, batch data verification and addition are carried out, and the time complexity of aggregation is only O (n). In summary, the invention provides a safe, efficient and privacy-preserving batch aggregation protocol for the federal learning system in the Internet of vehicles environment.
Claims (5)
1. A batch aggregation method for federal learning in an Internet of vehicles environment is characterized by comprising the following steps: the method comprises the following steps:
s1, system initialization
Generating a corresponding generator g by the training task initiator LEA according to bilinear pairing relation before federal learning 1 ,g 2 And selectively generate a random number s 1 ,s 2 And h, μ, v, s 1 ,s 2 As the LEA master private key, the (g 1 ,g 2 μ, v, h, Γ) as LEA public key Γ = yg 2 ,γ∈Z q The method comprises the steps of carrying out a first treatment on the surface of the Initializing Road Side Units (RSU), wherein each RSU selects a plurality of random numbers as encryption private keys, and calculates a public key para' = (kappa) of the RSU 1 ,κ 2 ,pk 1 ,pk 2 ,pk 3 ) The method comprises the steps of carrying out a first treatment on the surface of the Initializing the vehicle, selecting a random number x by the vehicle participating in federal learning i ∈Z q As self private key and calculate to obtain corresponding public key A i ,A i =(x i +γ) -1 g 1 Simultaneously, the public key of the RSU and gamma in the LEA are temporarily stored in the vehicle-mounted unit OBU of the RSU and gamma in the LEA, and finally, all vehicles (A i ,x i ) Send to the LEA; i represents an i-th vehicle;
s2, vehicle participates in local training
Each vehicle participating in federal learning acquires the latest global model from a Road Side Unit (RSU) and carries out local training by using a data set of the vehicle, after the number of the vehicles reaches a specified number of rounds, the parameters of the trained local model are encrypted by a public key para' of the RSU, then the encrypted data are signed by a zero knowledge proof method, finally the encrypted data and the signature are sent to the RSU together, the RSU waits for further indication, if a stop command of the RSU is received, the group is to be exited for suspension training, and if the new global model is received, the local training is repeated;
s3, RSU aggregation model
Before federal learning starts, a road side unit RSU firstly uses default parameters, and initializes a global model, and the global model is automatically selected according to different tasks; secondly, broadcasting the initialized global model, and waiting for collecting encrypted data and signatures of the vehicle;
and when all vehicles are trained, verifying whether the received response results are valid in batches, if so, performing federal aggregation on the received response results to generate a new global model, verifying whether the received response results reach the standard by using verification set data, if so, sending a training termination command to the vehicles, and if not, broadcasting the new global model by all the vehicles to perform a new round of training.
2. The batch aggregation method for federal learning in an internet of vehicles environment according to claim 1, wherein: the detailed steps of the step S1 are as follows:
s1.1, LEA initialization: training task initiator LEA according to bilinear pairing relationshipGenerating g 1 ,g 2 As generator, simultaneously generate random number +.>S 1 ,s 2 ∈Z q And satisfy s 1 μ=s 2 v=h, will s 1 ,s 2 As the LEA master private key, the LEA randomly selects gamma epsilon Z q Calculating Γ=yg 2 Finally, the group public key (g) 1 ,g 2 ,μ,v,h,Γ);
S1.2, initializing RSU: the RSU randomly selects 5 random numbers sk 1 ,sk 2 ,sk 3 ,sk 4 ,sk 5 ∈Z q As a data encryption private key, then through two random numbers κ 1 ,κ 2 ∈Z q To calculate pk 1 、pk 2 And pk 3 As the verification public key, RSU final public key is (κ) 1 ,κ 2 ,pk 1 ,pk 2 ,pk 3 );
pk 1 =sk 1 κ 1 +sk 2 κ 2 ,pk 2 =sk 3 κ 1 +sk 4 κ 2 ,pk 3 =sk 5 κ 1 ;
S1.3, initializing a vehicle: each vehicle participating in training randomly selects x i ∈Z q As a private key, a gamma-calculated vehicle's own public key a is obtained from the LEA i The acquired RSU public key (κ) 1 ,κ 2 ,pk 1 ,pk 2 ,pk 3 ) And gamma are stored in OBU of vehicle, and finally each vehicle will (A i ,x i ) And uploaded to the LEA via a secure channel.
3. The batch aggregation method for federal learning in an internet of vehicles environment according to claim 2, wherein: the specific process of vehicle training in step S2 is as follows:
s2.1 vehicle training
The vehicles participating in training receive the global model psi from the RSU, if the signature is verified to be correct, the vehicles accept the psi as a new global model, and then perform local training to obtain a new local update G t+1 T represents the current training wheel number; g t+1 Representing a local model of the t+1 round;
s2.2 encrypting the parameters Using the asymmetric Key System
The vehicle first selects a random number omega epsilon Z p Then calculate Z using RSU public key 1 、Z 2 、Z 3 And EN { G }, where G represents a new local update G t+1 ,Z 1 、Z 2 、Z 3 Then it is a random parameter for data verification; then using EN { G } to cover the original text, and finally obtaining the encrypted data as Cipher= (Z) 1 ,Z 2 ,EN{G},Z 3 );
H=Hash(Z 1 ||Z 2 ||En{G}),κ 1 ,κ 2 ∈Z q ;
S2.3, adopting a zero knowledge proof system to sign the encrypted data
Vehicle selection random number a, b e Z p Then calculate T 1 =aμ,T 2 =bv,T 3 =A i And (a+b) h, to obtain the result (T) 1 ,T 2 ,T 3 ) Through T 3 Pair A i Ciphertext of linear encryption is carried out; the vehicle selects five random numbers c again a ,c b ,c x ,c α ,c β ∈Z p The vehicle establishes a non-interactive zero knowledge proof based on the Fiat-Shamir heuristic to perform signature calculation, and finally generates a signature sigma which is T 1 ,T 2 ,T 3 ,C 3 ,s a ,s b ,s x ,s α ,s β The signature calculation process comprises the following steps:
1) Calculating random parameters: c (C) 1 =c a μ,C 2 =c b v,C 4 =c x T 1 -c α μ,C 5 =c x T 2 -c β v,C 1 -C 5 Is a linear operation intermediate variable, and C 3 A bilinear pairing is used;
2) Calculation proves that:T stamp is a time stamp;
3) Calculating verification parameters:
s2.4, data upload
Through steps 2.1-2.3, each vehicle calculates own encrypted data and corresponding signature thereof to generate uploading data msg= (sigma, cipher, T) stamp ) And uploading to the RSU, waiting for further indication of the RSU, if a stop command of the RSU is received, exiting the group, stopping training, and if a new global model is received, returning to step S2.1 for repeating training.
4. A batch aggregation method for federal learning in a vehicle networking environment according to claim 3, wherein: the specific process of the model polymerization in the step S3 is as follows:
s3.1 Global model initialization
Before a training task starts, the RSU generates a corresponding global model according to a training task target, and initializes the global model by using default parameters, namely, random model weight and bias information are distributed to the global model, and when vehicles in a group participate in federal learning, the RSU broadcasts the parameters of the global model;
s3.2 gradient polymerization
When the RSU receives the encrypted data and the corresponding signature of the vehicle, the RSU firstly stamps the time T stam Verifying, if the time stamp is not up to date, ignoring the training data; if the time stamp is up to date, verifying the signature sigma;
when signature σ verification is valid, RSU restores the data: the reduction process is as follows: first h=hash (Z 1 ||Z 2 ||En { G }) and then using RSU private key calculation (sk) 1 +sk 3 H)Z 1 +(sk 2 +sk 4 H)Z 2 If Z in the calculation result and the encrypted data 3 If they are consistent, useRestoring the data;
after receiving the local update of all vehicles, accumulating and averaging all parameters of the global model to be used as a new global model, using the global model to verify on a verification set, if the requirements are met, sending a training termination command to the participating vehicles, otherwise broadcasting a psi to all vehicles, and carrying out the next training; the formula of accumulating and averaging isG i Representing from->The decrypted local model information of each vehicle; k (K) t Representing a vehicle; i K t I represents the total number of vehicles;
s3.3, verifying all vehicle signatures by using batch gradient aggregation, wherein the verification process is as follows:
1) Collecting local updates G, G of all vehicles 1 ,G 2 ,...,G n ;
2) Verifying whether each local update's timestamp is up-to-date;
3) Verifying whether the signature of each vehicle is valid: selecting a random number delta i ∈Z p Calculating verification parameters Calculate->And associate it with +/in each signature>Comparing, if not, directly rejecting the batch of data, and if the result of each signature is equal, calculating the following equation:
and the result is still equal, the signature of the batch of data is determined to be correct, otherwise, the batch of data is directly discarded;
if all signatures are valid, H in each piece of encrypted data is calculated i =Hash(Z 1,i ,Z 2,i ,En{G} i ) And uses the private key of the RSU for the following comparison:
if the results are equal, the following formula can be calculatedAnd obtaining the sum of the batch of data, dividing the result by the total number of the batch of data to obtain a new global model psi, simultaneously using the model to verify on a verification set, if the requirement is met, sending a training termination command to the participating vehicles, otherwise, broadcasting the psi to all vehicles, and performing the next round of training.
5. The batch aggregation method for federal learning in a vehicle networking environment of claim 4, wherein: the process of verifying the signature sigma in the step S3.2 is as follows:
1) Calculating verification parameters:
2) Judging whether the signature is valid or not: calculation ofAnd combines the result with +.>Comparing whether the two are equal, if so, continuing to compare +.>And C in signature 3 Whether or not the same, if->And C 3 And if the current signature is equal, the current signature is determined to be valid, otherwise, the signature is determined to be invalid, and the training data is discarded.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211196414.7A CN115549901B (en) | 2022-09-29 | 2022-09-29 | Batch aggregation method for federal learning in Internet of vehicles environment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211196414.7A CN115549901B (en) | 2022-09-29 | 2022-09-29 | Batch aggregation method for federal learning in Internet of vehicles environment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN115549901A CN115549901A (en) | 2022-12-30 |
| CN115549901B true CN115549901B (en) | 2024-03-22 |
Family
ID=84732160
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211196414.7A Active CN115549901B (en) | 2022-09-29 | 2022-09-29 | Batch aggregation method for federal learning in Internet of vehicles environment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115549901B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN118042464A (en) * | 2024-02-05 | 2024-05-14 | 安庆师范大学 | Internet of vehicles identity authentication and privacy protection method based on federal learning and unmanned aerial vehicle |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113163366A (en) * | 2021-04-25 | 2021-07-23 | 武汉理工大学 | Privacy protection model aggregation system and method based on federal learning in Internet of vehicles |
| CN114338045A (en) * | 2022-01-14 | 2022-04-12 | 中国人民解放军战略支援部队信息工程大学 | Information data verifiability safety sharing method and system based on block chain and federal learning |
-
2022
- 2022-09-29 CN CN202211196414.7A patent/CN115549901B/en active Active
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113163366A (en) * | 2021-04-25 | 2021-07-23 | 武汉理工大学 | Privacy protection model aggregation system and method based on federal learning in Internet of vehicles |
| CN114338045A (en) * | 2022-01-14 | 2022-04-12 | 中国人民解放军战略支援部队信息工程大学 | Information data verifiability safety sharing method and system based on block chain and federal learning |
Non-Patent Citations (1)
| Title |
|---|
| 高圆圆.隐私保护的动态异步联邦学习研究.全文. * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN115549901A (en) | 2022-12-30 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Dua et al. | Secure message communication protocol among vehicles in smart city | |
| Vijayakumar et al. | Dual authentication and key management techniques for secure data transmission in vehicular ad hoc networks | |
| CN109495465B (en) | Privacy set intersection method based on intelligent contracts | |
| Basudan et al. | A privacy-preserving vehicular crowdsensing-based road surface condition monitoring system using fog computing | |
| CN107749836B (en) | Mobile sensing system and mobile sensing method for user privacy protection and data reliability | |
| CN109862114B (en) | Safe vehicle crowd-sourcing sensing method based on fog calculation | |
| CN113163366B (en) | Privacy protection model aggregation system and method based on federal learning in Internet of vehicles | |
| Cheng et al. | PPVF: privacy-preserving protocol for vehicle feedback in cloud-assisted VANET | |
| Kang et al. | Efficient authentication and access control of message dissemination over vehicular ad hoc network | |
| CN107979840A (en) | A kind of the car networking V2I Verification Systems and method of Key-insulated safety | |
| CN110166228B (en) | Privacy protection method based on certificate-free ring signcryption in vehicle-mounted self-organizing network | |
| CN105812354B (en) | Location privacy protection method based on attack resistance in car networking under a kind of LBS background | |
| CN108234445B (en) | Cloud establishment and data security transmission method for privacy protection in vehicle-mounted cloud | |
| CN112929167B (en) | Data aggregation method for protecting privacy in crowd sensing based on fog-assisted mobile | |
| CN107040516B (en) | Efficient pseudonym management and data integrity protection protocol | |
| CN103634788A (en) | Certificateless multi-proxy signcryption method with forward secrecy | |
| CN115549901B (en) | Batch aggregation method for federal learning in Internet of vehicles environment | |
| CN111581648B (en) | Method of federal learning to preserve privacy in irregular users | |
| CN114286332A (en) | Dynamic and efficient vehicle-mounted cloud management method with privacy protection function | |
| CN112437048A (en) | Image encryption method, first image encryption device, second image encryption device and system | |
| Zhang et al. | Secure and privacy-preserving attribute-based sharing framework in vehicles ad hoc networks | |
| Yeh et al. | Secure IoT-based, incentive-aware emergency personnel dispatching scheme with weighted fine-grained access control | |
| Di et al. | A Novel Identity‐Based Mutual Authentication Scheme for Vehicle Ad Hoc Networks | |
| CN113645028B (en) | Vehicle networking condition privacy protection system and method supporting dynamic key management | |
| CN116506154A (en) | Safe verifiable federal learning scheme |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |