WO2022217914A1 - A blockchain-based federated learning method and device - Google Patents

A blockchain-based federated learning method and device

Info

Publication number
WO2022217914A1
WO2022217914A1 (PCT/CN2021/131317, CN2021131317W)
Authority
WO
WIPO (PCT)
Prior art keywords
gradient
round
sub
node
gradient information
Prior art date
Application number
PCT/CN2021/131317
Other languages
English (en)
French (fr)
Inventor
苗银宾
郑玮
童秋云
马卓然
范瑞彬
张开翔
李辉忠
严强
李成博
Original Assignee
深圳前海微众银行股份有限公司 (Shenzhen Qianhai WeBank Co., Ltd.)
西安电子科技大学 (Xidian University)
Priority date
Filing date
Publication date
Application filed by 深圳前海微众银行股份有限公司 (Shenzhen Qianhai WeBank Co., Ltd.) and 西安电子科技大学 (Xidian University)
Publication of WO2022217914A1

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06N COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N20/00 Machine learning
    • G06N20/20 Ensemble learning
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures

Definitions

  • Embodiments of the present invention relate to the field of financial technology (Fintech), and in particular, to a blockchain-based federated learning method and device.
  • Existing federated learning methods based on homomorphic encryption generally work as follows: each device trains its local model on a local data set, obtains the gradient information of the trained local model, encrypts that gradient information with a homomorphic encryption algorithm (such as the Paillier algorithm), and sends the encrypted local model gradient information to the server.
  • The server aggregates the encrypted local model gradient information according to a preset aggregation method to obtain the encrypted global model gradient information (i.e., the global model gradient information in ciphertext).
  • The server then sends the encrypted global model gradient information to each device; each device decrypts it with the homomorphic encryption algorithm and, based on the decrypted global model gradient information, continues training the local model on the local data set until the local model converges or the set number of training iterations is reached, yielding the global model.
  • Although this approach uses homomorphic encryption to provide a strong privacy guarantee for federated learning, it requires complex encryption operations (such as modular multiplication and modular exponentiation) that are very time-consuming and therefore consume substantial computing resources.
  • Moreover, these operations produce large ciphertexts, which consume more network resources in transmission than the corresponding plaintexts.
  • Accordingly, embodiments of the present invention provide a blockchain-based federated learning method and device to solve the prior-art problems of high computational and communication overhead caused by homomorphic encryption of local model gradient information.
  • In a first aspect, an embodiment of the present invention provides a blockchain-based federated learning method, including:
  • The first node trains the i-th round local model based on local training data and determines the (i+1)-th round local model gradient information after training; the first node is a node selected from N blockchain nodes to participate in the (i+1)-th round of federated learning training; the i-th round local model is obtained based on the i-th round global model gradient ciphertext that the first node obtains from the blockchain;
  • the first node performs clipping and quantization on each first sub-gradient information in the i+1th round of local model gradient information based on the gradient clipping and quantization rule, respectively, to obtain each second sub-gradient information;
  • the first node merges every m second sub-gradient information in the second sub-gradient information according to the gradient merging rule to obtain n types of third sub-gradient information;
  • The first node homomorphically encrypts the n types of third sub-gradient information to obtain n types of ciphertexts and sends them to the blockchain; the n types of ciphertexts fed back by the first nodes in the (i+1)-th round of federated learning training are aggregated by the aggregation node in the blockchain to obtain the (i+1)-th round global model gradient ciphertext.
  • The technical solution of the present invention introduces a blockchain mechanism and stores the local model gradient ciphertext generated by each first node on-chain; at the same time, an aggregation node in the blockchain performs the aggregation processing to obtain the global model gradient ciphertext and uploads it to the blockchain.
  • This method ensures the integrity of the local model gradient ciphertext uploaded by each first node, makes the aggregation of the local model gradient ciphertexts publicly verifiable, and guarantees the correctness of the global model gradient ciphertext, thereby eliminating the possibility of a malicious server as in the prior art.
  • In addition, each first node clips and quantizes each first sub-gradient information in its own local model gradient information based on the gradient clipping and quantization rules to obtain the second sub-gradient information, and merges every m second sub-gradient information according to the gradient merging rule to obtain n types of third sub-gradient information. The n types of third sub-gradient information are then homomorphically encrypted to obtain n types of ciphertexts. Because the first sub-gradient information of the trained local model is clipped, quantized, and merged before homomorphic encryption, the computing resources consumed by homomorphic encryption and the network resources consumed by ciphertext transmission are both reduced, solving the prior-art problems of high computational and communication overhead.
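  • As a minimal sketch of this worker-side pipeline (the tanh-based clipping, ternary quantization, and base-r packing below follow the detailed description later in this document; all parameter names and default values are illustrative):

```python
import numpy as np

def prepare_gradient(grad, l=1, tau=0.05, m=5, r=11):
    """Clip, quantize, and merge a local model gradient before encryption."""
    # Clip every first sub-gradient into [-1, 1].
    clipped = np.tanh(l * grad / np.max(np.abs(grad)))
    # Ternary quantization against threshold tau: values in {-1, 0, +1}.
    q = np.zeros(len(clipped), dtype=np.int64)
    q[clipped > tau] = 1
    q[clipped < -tau] = -1
    # Merge every m quantized values into one integer: shift {-1,0,1} to
    # {0,1,2} so each value is a valid base-r digit, then pack positionally.
    return [sum((int(v) + 1) * r**u for u, v in enumerate(q[t:t + m]))
            for t in range(0, len(q), m)]

merged = prepare_gradient(np.random.randn(100))
print(len(merged))  # 20 third sub-gradients instead of 100 first sub-gradients
```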
  • Before the first node trains the i-th round local model based on the local training data, the method further includes:
  • the first node performs homomorphic decryption on the ciphertext of the ith round of global model gradient information to obtain the ith round of global model gradient information;
  • the first node determines that the difference between the i-th round of global model gradient information and the i-1-th round of global model gradient information is greater than a set threshold.
  • the first node performs clipping and quantization on each first sub-gradient information in the i+1th round of local model gradient information based on gradient clipping and quantization rules, respectively, to obtain each second sub-gradient information, including:
  • the first node performs clipping processing on each of the first sub-gradient information based on a gradient clipping algorithm to obtain each clipped first sub-gradient information;
  • the first node performs quantization processing on each of the clipped first sub-gradient information based on a gradient quantization algorithm, respectively, to obtain each of the second sub-gradient information.
  • In this way, each first sub-gradient information can be simplified, which facilitates subsequent data processing, thereby helping to reduce the complexity of the subsequent homomorphic encryption operation and the time it consumes.
  • the first node performs quantization processing on the clipped first sub-gradient information based on a gradient quantization algorithm to obtain the second sub-gradient information, including:
  • For each piece of clipped first sub-gradient information, the first node compares it with a gradient threshold; the gradient threshold is determined by the distribution law of the clipped first sub-gradient information;
  • the first node determines second sub-gradient information corresponding to the first sub-gradient information according to a comparison result between the first sub-gradient information and the gradient threshold based on a gradient quantization rule.
  • By comparing each piece of clipped first sub-gradient information with the threshold, the clipped first sub-gradient information can be classified, so that it can be quantized in a timely and accurate manner based on the classification result to obtain each second sub-gradient information.
  • the method further includes:
  • The first node obtains the (i+1)-th round global model gradient ciphertext from the blockchain and homomorphically decrypts it to obtain the (i+1)-th round global model gradient information;
  • If the first node determines that the difference between the (i+1)-th round global model gradient information and the i-th round global model gradient information is less than or equal to the set threshold, the (i+1)-th round global model gradient information is used as the target global model gradient information, yielding a trained federated learning model.
  • In this way, the current federated learning training state can be known in time, so that whether the (i+2)-th round of federated learning training is required can be determined promptly; if it is not required, the (i+1)-th round global model gradient information is used as the target global model gradient information to obtain the trained federated learning model.
  • In a second aspect, an embodiment of the present invention provides a blockchain-based federated learning method, including:
  • The aggregation node obtains the n types of ciphertexts sent by each first node from the blockchain; the first node is a node selected from the N blockchain nodes to participate in the (i+1)-th round of federated learning training; the aggregation node is any one of the N blockchain nodes other than the first nodes;
  • The aggregation node aggregates ciphertexts of the same type among the n types of ciphertexts of the first nodes to obtain the (i+1)-th round global model gradient ciphertext, and sends the (i+1)-th round global model gradient ciphertext to the blockchain;
  • The n types of ciphertexts are obtained by the first node homomorphically encrypting the n types of third sub-gradient information; the n types of third sub-gradient information are determined by the first node merging every m second sub-gradient information according to the gradient merging rule; each second sub-gradient information is obtained by the first node clipping and quantizing each first sub-gradient information in the (i+1)-th round local model gradient information based on the gradient clipping and quantization rule; the (i+1)-th round local model gradient information is determined by the first node training the i-th round local model based on local training data; the i-th round local model is obtained based on the i-th round global model gradient ciphertext that the first node obtains from the blockchain.
  • On the one hand, the technical solution of the present invention introduces a blockchain mechanism, and the aggregation node in the blockchain is randomly selected from the N blockchain nodes other than the first nodes, which ensures the randomness and unpredictability of aggregation-node selection and thus further improves the security of the aggregation processing. The aggregation node then aggregates the on-chain local model gradient ciphertexts generated by the first nodes to obtain the global model gradient ciphertext and uploads it to the blockchain.
  • This method makes the aggregation node's processing of each local model gradient ciphertext publicly verifiable and guarantees the correctness of the global model gradient ciphertext, thereby eliminating the possibility of a malicious server as in the prior art.
  • On the other hand, the first node clips, quantizes, and merges the first sub-gradient information of the trained local model gradient information before homomorphic encryption, which helps reduce the computing resources consumed by homomorphic encryption and the network resources consumed in ciphertext transmission.
  • the aggregation node performs aggregation processing on ciphertexts of the same type among the n types of ciphertexts of the first nodes, including:
  • the aggregation node verifies the signatures of the first nodes respectively;
  • The aggregation node aggregates, according to the set aggregation rule, ciphertexts of the same type among the n types of ciphertexts of the at least two first nodes whose signatures are successfully verified.
  • By verifying each first node's signature, the authenticity of the uploaded ciphertexts and of each first node's identity information can be confirmed, and the risk of the ciphertexts being tampered with in transit can be avoided; at the same time, the ciphertexts of first nodes whose signature verification fails can be screened out, so that they do not interfere with the subsequent aggregation or degrade its accuracy. The same-type ciphertexts of the at least two successfully verified first nodes can then be aggregated to obtain an accurate global model gradient ciphertext and ensure highly accurate aggregation results.
  • the method further includes:
  • The aggregation node receives a global-model-gradient-ciphertext verification-pass message sent by the proxy node; the proxy node is selected from the first nodes based on a proxy-node selection rule; the verification-pass message is generated by the proxy node when it determines that the (i+1)-th round global model gradient ciphertext is consistent with the (i+1)-th round global model gradient ciphertext it has itself determined based on the set aggregation rule;
  • When the aggregation node determines that the proxy node's verification of the (i+1)-th round global model gradient ciphertext meets the set requirements, it adds a new block corresponding to the (i+1)-th round global model gradient ciphertext to the blockchain.
  • When the proxy node's verification of the (i+1)-th round global model gradient ciphertext meets the set requirements, the ciphertext can be confirmed to be accurate, and the corresponding new block is added to the blockchain, so that each first node can obtain the accurate (i+1)-th round global model gradient ciphertext from the blockchain in time and judge, based on it, whether the (i+1)-th round of federated learning training has satisfied the training termination condition.
  • In a third aspect, an embodiment of the present invention provides a blockchain-based federated learning apparatus, including a determination unit and a first processing unit, configured to execute the blockchain-based federated learning method described in the first aspect above.
  • In a fourth aspect, an embodiment of the present invention provides a blockchain-based federated learning apparatus, including an acquisition unit and a second processing unit, configured to execute the blockchain-based federated learning method described in the second aspect above.
  • In a fifth aspect, an embodiment of the present invention provides a computing device, including at least one processor and at least one memory, wherein the memory stores a computer program that, when executed by the processor, causes the computing device to execute the blockchain-based federated learning method described in either the first aspect or the second aspect.
  • In a sixth aspect, an embodiment of the present invention provides a computer-readable storage medium storing a computer program executable by a computing device; when the program runs on the computing device, it causes the computing device to execute the blockchain-based federated learning method described in either the first aspect or the second aspect.
  • FIG. 1 is a schematic diagram of a federated learning system architecture according to an embodiment of the present invention
  • FIG. 2 is a schematic flowchart of a blockchain-based federated learning method provided by an embodiment of the present invention
  • FIG. 3 is a schematic flowchart of another blockchain-based federated learning method provided by an embodiment of the present invention.
  • FIG. 4 is a schematic structural diagram of a blockchain-based federated learning device provided by an embodiment of the present invention.
  • FIG. 5 is a schematic structural diagram of another blockchain-based federated learning device provided by an embodiment of the present invention.
  • FIG. 6 is a schematic structural diagram of a computing device according to an embodiment of the present invention.
  • the system architecture shown in FIG. 1 is used as an example to describe the federated learning system architecture applicable to the embodiments of the present invention.
  • The federated learning system architecture can be applied to practical scenarios such as training a credit-overdue model, a user asset risk-control model, or a user product-recommendation model, which is not limited by the embodiments of the present invention. As shown in FIG. 1, the federated learning system architecture may include at least one first node (such as first node 101, first node 102, and first node 103), the blockchain 200, and at least one aggregation node (such as aggregation node 301, aggregation node 302, and aggregation node 303).
  • The at least one aggregation node forms an aggregation committee, which is connected to the blockchain 200; each first node is also connected to the blockchain 200, for example in a wired or wireless manner, which is not limited.
  • the first node is used to participate in the training of the federated learning model.
  • For example, when the first node participates in the i-th round of federated learning training, it first obtains the (i-1)-th round global model gradient ciphertext from the blockchain 200, trains the corresponding local model based on the local training data, homomorphically encrypts the training result (i.e., the i-th round local model gradient), and uploads it to the blockchain 200.
  • Aggregation nodes are used to participate in aggregating the training results of the federated learning model. For example, when an aggregation node participates in aggregating the training results of the i-th round of federated learning, it first obtains the i-th round local model gradient ciphertexts uploaded by each first node from the blockchain 200, aggregates them to obtain the i-th round global model gradient ciphertext, and then uploads the i-th round global model gradient ciphertext to the blockchain 200.
  • The blockchain 200 records the local model gradient ciphertexts uploaded by the first nodes and the global model gradient ciphertexts uploaded by the aggregation nodes, so that any blockchain node that needs a ciphertext can obtain it from the blockchain 200. For example, the blockchain 200 records the i-th round local model gradient ciphertexts uploaded by the first nodes and the i-th round global model gradient ciphertext uploaded by the aggregation node.
  • The structure shown in FIG. 1 above is only an example, which is not limited in this embodiment of the present invention.
  • FIG. 2 exemplarily shows a process of a blockchain-based federated learning method provided by an embodiment of the present invention, and the process can be executed by a blockchain-based federated learning device.
  • the process specifically includes:
  • Step 201: The first node obtains the i-th round global model gradient ciphertext from the blockchain.
  • Step 202: The first node trains the local model corresponding to the i-th round global model gradient ciphertext based on the local training data, and determines the (i+1)-th round local model gradient information after training.
  • Step 203: The first node clips and quantizes each first sub-gradient information in the (i+1)-th round local model gradient information based on the gradient clipping and quantization rule to obtain each second sub-gradient information.
  • Step 204: The first node merges every m second sub-gradient information according to the gradient merging rule to obtain n types of third sub-gradient information.
  • Step 205: The first node homomorphically encrypts the n types of third sub-gradient information to obtain n types of ciphertexts.
  • Step 206: The first node sends the n types of ciphertexts to the blockchain.
  • Step 207: The aggregation node obtains the n types of ciphertexts sent by each first node from the blockchain.
  • Step 208: The aggregation node aggregates ciphertexts of the same type among the n types of ciphertexts of the first nodes to obtain the (i+1)-th round global model gradient ciphertext.
  • Step 209: The aggregation node sends the (i+1)-th round global model gradient ciphertext to the blockchain.
  • In the above flow, the first node obtains the i-th round global model gradient ciphertext from the blockchain, trains the corresponding local model based on the local training data, and determines the (i+1)-th round local model gradient information after training. Specifically, the first node obtains the i-th round global model gradient ciphertext from the blockchain after receiving the notification message, sent by the i-th round aggregation node, that the block corresponding to the i-th round global model gradient ciphertext has been uploaded to the blockchain.
  • Then, the first node homomorphically decrypts the i-th round global model gradient ciphertext to obtain the i-th round global model gradient information; if it determines that the difference between the i-th round and the (i-1)-th round global model gradient information is greater than the set threshold, the (i+1)-th round of federated learning training needs to be performed. In this way, whether the (i+1)-th round of federated learning training is required can be determined in time; at the same time, when the difference between the i-th round and the (i-1)-th round global model gradient information is less than or equal to the set threshold, unnecessary subsequent federated learning training can be avoided, thereby avoiding a waste of training resources.
  • In that case, the local model corresponding to the i-th round global model gradient information is trained based on the local training data, and the (i+1)-th round local model gradient information after training is determined.
  • The first node is a node selected from the N blockchain nodes to participate in the (i+1)-th round of federated learning training; the threshold can be set by those skilled in the art based on experimental results, experience, or the actual application scenario, which is not limited in this embodiment of the present invention.
  • The first node then clips and quantizes each first sub-gradient information in the (i+1)-th round local model gradient information based on the gradient clipping and quantization rules to obtain each second sub-gradient information, and merges every m second sub-gradient information according to the gradient merging rule to obtain n types of third sub-gradient information.
  • Specifically, the first node clips each first sub-gradient information based on the gradient clipping algorithm to obtain the clipped first sub-gradient information, and quantizes the clipped first sub-gradient information based on the gradient quantization algorithm to obtain each second sub-gradient information. Then, according to the gradient merging rule, every m second sub-gradient information is merged to obtain n types of third sub-gradient information. For example, given 50 pieces of second sub-gradient information, they can be divided sequentially into 5 groups of 10, and the sub-gradient information in each group can be merged, forming 5 types of third sub-gradient information.
  • In this way, each first sub-gradient information is simplified, which facilitates subsequent data processing and helps reduce both the complexity and the time consumption of the subsequent homomorphic encryption operation. Moreover, merging every m second sub-gradient information into one piece of gradient information reduces the amount of data to be homomorphically encrypted and hence the number of ciphertexts, so the computing resources consumed by homomorphic encryption and the network resources consumed in ciphertext transmission are both reduced.
  • The first node quantizes the clipped first sub-gradient information based on the gradient quantization algorithm as follows: for each piece of clipped first sub-gradient information, the first node compares it with the gradient threshold and, based on the gradient quantization rule, determines the corresponding second sub-gradient information according to the comparison result. By comparing each piece of clipped first sub-gradient information with the threshold, the clipped first sub-gradient information can be classified, which facilitates quantizing it in a timely and accurate manner based on the classification result to obtain each second sub-gradient information.
  • the gradient threshold is determined according to the distribution law of the clipped first sub-gradient information.
  • One gradient quantization rule is: if the first sub-gradient information is greater than the gradient threshold, it is set to a first value; if its absolute value is less than or equal to the gradient threshold, it is set to a second value; if it is less than the negative of the gradient threshold, it is set to a third value. In this way, the second sub-gradient information corresponding to each first sub-gradient information is obtained.
  • Another gradient quantization rule is: if the first sub-gradient information is greater than zero, it is set to a fourth value; if it is less than or equal to zero, it is set to a fifth value. In this way, the second sub-gradient information corresponding to each first sub-gradient information is obtained.
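  • A short sketch of the two rules (the concrete first-to-fifth values are not fixed by the text; {+1, 0, -1} and {+1, -1} are assumed here):

```python
import numpy as np

def multi_value_quantize(g, tau):
    # Rule 1: g > tau -> first value (+1); |g| <= tau -> second value (0);
    # g < -tau -> third value (-1).
    q = np.zeros_like(g, dtype=np.int8)
    q[g > tau] = 1
    q[g < -tau] = -1
    return q

def binary_quantize(g):
    # Rule 2: g > 0 -> fourth value (+1); g <= 0 -> fifth value (-1).
    return np.where(g > 0, 1, -1).astype(np.int8)
```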
  • the first node performs homomorphic encryption on the n types of third sub-gradient information respectively to obtain n types of ciphertexts, and sends the n types of ciphertexts to the blockchain.
  • Specifically, the first node encrypts the n types of third sub-gradient information according to a homomorphic encryption algorithm (such as the Paillier or Gentry homomorphic encryption algorithm) to obtain n types of ciphertexts, and then sends the n types of ciphertexts to the blockchain.
  • For example, suppose the (i+1)-th round local model gradient information contains 20 pieces of first sub-gradient information. The first node clips the 20 pieces based on the gradient clipping algorithm to obtain 20 pieces of clipped first sub-gradient information, quantizes them based on the gradient quantization algorithm to obtain 20 pieces of second sub-gradient information, and then, according to the gradient merging rule, merges every 2 pieces of second sub-gradient information to obtain 10 pieces of third sub-gradient information.
  • The Paillier homomorphic encryption algorithm is then used to encrypt the 10 pieces of third sub-gradient information, yielding 10 types of ciphertexts that are sent to the blockchain. Compared with directly encrypting the 20 pieces of first sub-gradient information with the Paillier algorithm to obtain 20 types of ciphertexts, this significantly reduces the number of encryption operations and ciphertext transmissions, enabling efficient federated learning.
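  • This example can be sketched with the python-paillier package (`phe`); the base-3 packing used to merge each pair is an illustrative choice, not a rule fixed by the patent:

```python
import numpy as np
from phe import paillier  # pip install phe

pub, priv = paillier.generate_paillier_keypair(n_length=2048)

q = np.random.choice([-1, 0, 1], size=20)   # 20 quantized second sub-gradients
# Merge every 2 values: shift {-1,0,1} to {0,1,2}, then pack in base 3.
merged = [int(q[2 * t] + 1) * 3 + int(q[2 * t + 1] + 1) for t in range(10)]
cts = [pub.encrypt(v) for v in merged]      # 10 ciphertexts instead of 20
assert priv.decrypt(cts[0]) == merged[0]
```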
  • The aggregation node obtains the n types of ciphertexts sent by each first node from the blockchain, aggregates the same-type ciphertexts among them to obtain the (i+1)-th round global model gradient ciphertext, and then sends the (i+1)-th round global model gradient ciphertext to the blockchain.
  • On the one hand, the technical solution of the present invention introduces a blockchain mechanism, and the aggregation node in the blockchain is randomly selected from the N blockchain nodes other than the first nodes, ensuring the randomness and unpredictability of aggregation-node selection and further improving the security of the aggregation processing. The aggregation node then aggregates the on-chain local model gradient ciphertexts generated by the first nodes to obtain the global model gradient ciphertext and uploads it to the blockchain.
  • This method makes the aggregation node's processing of each local model gradient ciphertext publicly verifiable and guarantees the correctness of the global model gradient ciphertext, thereby eliminating the possibility of a malicious server as in the prior art.
  • the aggregation node is any one of the other nodes except the first nodes among the N blockchain nodes.
  • After acquiring the n types of ciphertexts sent by each first node from the blockchain, the aggregation node first verifies each first node's signature and obtains at least two first nodes whose signatures are successfully verified. Then, according to the set aggregation rule, it aggregates the same-type ciphertexts among the n types of ciphertexts of those at least two first nodes to obtain the (i+1)-th round global model gradient ciphertext.
  • By verifying each first node's signature, the authenticity of the uploaded ciphertexts and of each first node's identity information can be confirmed, and the risk of the ciphertexts being tampered with in transit can be avoided; at the same time, the ciphertexts of first nodes whose signature verification fails can be screened out, so that they do not interfere with the subsequent aggregation or degrade its accuracy. The same-type ciphertexts of the at least two successfully verified first nodes can then be aggregated to obtain an accurate global model gradient ciphertext and ensure highly accurate aggregation results.
  • For example, suppose there are 10 first nodes, each sending 10 types of ciphertexts to the blockchain. After obtaining them, the aggregation node verifies the signatures of the 10 first nodes; 8 first nodes pass verification and 2 fail. Then, according to the set aggregation rule, the same-type ciphertexts among the 8 passing nodes' 10 types of ciphertexts are aggregated to obtain the (i+1)-th round global model gradient ciphertext.
  • After sending the (i+1)-th round global model gradient ciphertext to the blockchain, the aggregation node receives the global-model-gradient-ciphertext verification-pass message sent by the proxy node. Based on this message, when the aggregation node determines that the proxy node's verification of the (i+1)-th round global model gradient ciphertext meets the set requirements, it adds the new block corresponding to the (i+1)-th round global model gradient ciphertext to the blockchain; when the verification does not meet the set requirements, the proxy node is punished according to the monetary penalty mechanism.
  • The verification-pass message is generated when the proxy node determines that the (i+1)-th round global model gradient ciphertext is consistent with the (i+1)-th round global model gradient ciphertext it has itself determined based on the set aggregation rule; the proxy node is selected from the first nodes based on the proxy-node selection rule.
  • Further, after the (i+1)-th round global model gradient ciphertext is obtained, the first node obtains it from the blockchain and homomorphically decrypts it to obtain the (i+1)-th round global model gradient information. It then compares the difference between the (i+1)-th round and i-th round global model gradient information with the set threshold; based on the comparison result, the current federated learning training state can be known in time, so that whether the (i+2)-th round of federated learning training is required can be determined promptly.
  • If the difference is less than or equal to the set threshold, the (i+1)-th round global model gradient information is used as the target global model gradient information, yielding a trained federated learning model. If the difference is greater than the set threshold, the (i+2)-th round of federated learning training is performed, and so on until the training termination condition is satisfied (the difference between the current round's global model gradient information and the previous round's is less than or equal to the set threshold), thereby obtaining a trained federated learning model.
  • It should be noted that each client node usually obtains multiple local model gradients (i.e., multiple model parameters) when training the global model, and each local model gradient may include multiple sub-gradients. For example, a local model gradient of a client node is W_i, and W_i contains j sub-gradients.
  • Step 1: Initialize the blockchain system.
  • In Step 1, homomorphic encryption may be based on the Paillier cryptosystem, or on a homomorphic encryption algorithm such as CKKS, which supports SIMD operations and can directly encode, encrypt, and operate on double-precision floating-point real numbers and even complex numbers.
  • Each client node randomly selects an element of Z_q^* (the multiplicative group of nonzero residues modulo q) as its private key. Here q represents a randomly selected large prime with q > 2^λ, where λ denotes the security parameter of the cryptographic system determined by the blockchain (for example, q > 2^64).
  • Each client node also randomly selects n elements r_1, r_2, ..., r_n from Z_q^* and derives its n public keys from them using the generator g of the multiplicative cyclic group G of order q; here n represents a positive integer and i denotes the i-th client node.
  • Each client node randomly selects one public key from its n public keys {pk_{i,1}, pk_{i,2}, ..., pk_{i,n}} as its own account address.
  • Step 2: Determine the global model gradient of the 0th round of federated learning.
  • the following describes the implementation process of determining the global model gradient of the 0th round of federated learning in the embodiment of the present invention.
  • d can be a power of 2, such as 2^7, 2^8, or 2^9.
  • N can take a value in the range [10, 20].
  • For example, suppose 100 client nodes participate in federated learning for a financial scenario: 10 or 20 of them are randomly selected to form the round-0 aggregation committee, and the remaining 90 or 80 client nodes are determined as workers to participate in training the federated learning model for that financial scenario.
  • The leader selection function Sor(·) and the leader verification function Ver(·) in the Algorand consensus protocol are called to select one worker from all the workers as the leader of round 0.
  • The leader selection function Sor(·) and the leader verification function Ver(·) can be expressed as follows; a simplified illustration is given below.
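  • The sketch below is a heavily simplified, non-verifiable stand-in that only conveys probability-τ self-selection; Algorand itself uses a verifiable random function, which the keyed hash here is not:

```python
import hashlib
import hmac

def sortition(sk: bytes, seed: bytes, tau: float) -> bool:
    # Map a keyed hash of the round seed to [0, 1); the node selects
    # itself as a leader candidate with probability roughly tau.
    digest = hmac.new(sk, seed, hashlib.sha256).digest()
    return int.from_bytes(digest, "big") / float(1 << 256) < tau

# Example: a node checks itself for round 0 with selection probability 0.01.
print(sortition(b"node-secret-key", b"round-0-seed", 0.01))
```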
  • The round-0 aggregation committee randomly initializes a round-0 global model gradient W_0 for federated learning.
  • The round-0 aggregation committee uploads the round-0 global model gradient W_0 to the blockchain through the addition function in the smart contract.
  • All members of the round-0 aggregation committee use the gossip protocol to notify the other client nodes participating in federated learning that the global model gradient W_0 has been uploaded to the blockchain.
  • For example, each member can use the gossip protocol to periodically (such as every 1, 2, or 5 seconds) notify the other client nodes participating in federated learning that the global model gradient W_0 has been uploaded to the blockchain.
  • Subsequently, all workers can perform the first round of federated learning training based on the global model gradient W_0; that is, each worker trains the global model corresponding to the round-0 global model gradient W_0 based on its local training data set and obtains its round-1 local model gradient.
  • In an optional implementation, the K client nodes participating in federated learning can all also serve as workers in training the federated learning model; that is, the N% of client nodes selected for the committee have two identities, acting both as members of the round-0 aggregation committee and as workers participating in the training of the federated learning model.
  • For example, while 10 or 20 of the 100 client nodes are randomly selected to form the round-0 aggregation committee, all 100 client nodes serve as workers participating in the training of the federated learning model for the financial scenario.
  • Step 3: Determine each worker's (i+1)-th round local model gradient ciphertext.
  • It should be noted that each worker can process its other local model gradients in the same way as the local model gradient described here to obtain the corresponding local model gradient ciphertexts, which will not be repeated.
  • Based on the local training data set, the worker can use a preset gradient descent method (such as stochastic gradient descent, full-batch gradient descent, mini-batch gradient descent, Momentum, or NAG) to train the global model corresponding to the i-th round global model gradient and obtain the worker's (i+1)-th round local model gradient.
  • Here i represents a counter with initial value 0, and the (i+1)-th round local model gradient includes multiple sub-gradients.
  • For example, the worker may use stochastic gradient descent to train the global model corresponding to the i-th round global model gradient based on the local training data set, obtaining the worker's (i+1)-th round local model gradient.
  • The global model network structure can be a CNN (Convolutional Neural Network), a ResNet (Residual Neural Network), a VGG-Net (Visual Geometry Group Network) deep convolutional network, and so on.
  • the stochastic gradient descent method can satisfy the following form:
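  • A standard form of the update this refers to (assuming the usual mini-batch rule, with learning rate η, loss L, and worker k's local mini-batch B_k):

$$W_{i+1}^{(k)} = W_i - \eta \, \nabla_W L\big(W_i;\ B_k\big)$$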
  • Each worker uses the gradient clipping algorithm to clip the i+1th round of local model gradients generated by itself to obtain the i+1th round of local model gradients after clipping.
  • each worker uses the gradient clipping formula to clip the gradient value of each first sub-gradient in the i+1th round of local model gradients generated by itself to the range of [-1,1].
  • the gradient clipping formula satisfies the following form:
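  • A plausible reconstruction consistent with the symbols described next, writing the j-th first sub-gradient of worker k as g_k^j (this notation is assumed):

$$\bar{g}_k^{\,j} = \tanh\!\left(\frac{l \cdot g_k^{\,j}}{\max_j \lvert g_k^{\,j} \rvert}\right) \in [-1, 1]$$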
  • where l is a positive integer related to the network structure of the global model and the input local training data set; g_k^j represents the j-th first sub-gradient of the k-th worker's (i+1)-th round local model gradient; max(·) represents the maximum-value function; and tanh(·) represents the hyperbolic tangent function.
  • For example, when the global model is a convolutional neural network, the receptive field size, stride, number of filters, and zero padding of the neurons in the convolutional layers can be determined from the network structure and the size of the input local training data set, and used in calculating l.
  • each worker calculates the threshold of the worker's i+1th round of local model gradients according to the distribution characteristics of the first sub-gradients in its own i+1th round of local model gradients.
  • Each worker then uses the gradient quantization algorithm to quantize the first sub-gradients in its clipped (i+1)-th round local model gradient.
  • In an optional implementation, each worker can use the gradient multi-value quantization formula to quantize the j-th first sub-gradient of the clipped (i+1)-th round local model gradient, where the gradient multi-value quantization formula satisfies the following form:
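  • A sketch of the multi-value (ternary) rule, assuming quantized values {+1, 0, -1} and writing the threshold computed above as τ:

$$\hat{g}_k^{\,j} = \begin{cases} 1, & \bar{g}_k^{\,j} > \tau \\ 0, & \lvert \bar{g}_k^{\,j} \rvert \le \tau \\ -1, & \bar{g}_k^{\,j} < -\tau \end{cases}$$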
  • In another optional implementation, each worker does not need to determine a threshold for the clipped (i+1)-th round local model gradient, and can directly use the gradient binary quantization formula to quantize the j-th first sub-gradient of its own clipped (i+1)-th round local model gradient.
  • the gradient binary quantization formula satisfies the following form:
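  • A sketch of the binary rule, assuming quantized values {+1, -1}:

$$\hat{g}_k^{\,j} = \begin{cases} 1, & \bar{g}_k^{\,j} > 0 \\ -1, & \bar{g}_k^{\,j} \le 0 \end{cases}$$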
  • Each worker uses the public key pk to perform batch homomorphic encryption on the quantized i+1th round of local model gradients to obtain multiple i+1th rounds of gradient ciphertexts.
  • Specifically, each worker merges the second sub-gradients in the quantized (i+1)-th round local model gradient according to the preset gradient merging rule: every m second sub-gradients are merged to obtain n third sub-gradients. The worker then uses the public key pk to perform batch homomorphic encryption on the n third sub-gradients to obtain n (i+1)-th round gradient ciphertexts, where m and n are both integers greater than 1.
  • It should be noted that, in this scheme, each worker uses the same public key when performing batch homomorphic encryption but its own private key when performing homomorphic decryption. Alternatively, each worker can have its own public-private key pair, in which case both the public key used for batch homomorphic encryption and the private key used for decryption differ from worker to worker.
  • For example, for 100 second sub-gradients, every 5 of them can be merged into a new sub-gradient according to the preset gradient merging rule, so that 20 new sub-gradients are determined. The public key pk is then used to perform batch homomorphic encryption on the 20 new sub-gradients to obtain 20 (i+1)-th round gradient ciphertexts.
  • Specifically, every 5 second sub-gradients can be merged into a new sub-gradient in the following way, where r can take a value such as 10 or 11; for example, with r = 11, the new sub-gradient is formed as in the sketch below.
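  • One packing consistent with this description (the exact encoding is an assumption): shift each quantized value from {-1, 0, 1} to {0, 1, 2} so it is a valid base-r digit, then combine five digits positionally:

$$G_t = \sum_{u=0}^{4} \big(\hat{g}^{\,5t+u} + 1\big)\, r^{u}$$

  • With r = 11 and digits (2, 0, 1, 2, 1), for instance, G_t = 2 + 0·11 + 1·11^2 + 2·11^3 + 1·11^4 = 17426. Choosing r larger than the digit alphabet size leaves headroom so that, under additive homomorphic aggregation, per-digit sums do not carry into neighboring positions (a design consideration, assuming additive aggregation).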
  • every 10 second sub-gradients can also be merged into a new sub-gradient according to a preset gradient merging rule, so that 10 new sub-gradients can be determined. Then use the public key pk to perform homomorphic encryption on the 10 new sub-gradients to obtain 10 i+1 round gradient ciphertexts.
  • every 20 second sub-gradients can also be merged into a new sub-gradient according to a preset gradient merging rule, so that 5 new sub-gradients can be determined. Then use the public key pk to perform batch homomorphic encryption on the 5 new sub-gradients to obtain 5 i+1 round gradient ciphertexts.
  • those skilled in the art can set the value of m according to experience or specific application scenarios, which is not limited in this embodiment of the present invention.
  • In the prior art, the (i+1)-th round local model gradient is neither clipped nor quantized: the public key pk is directly used to homomorphically encrypt all 100 sub-gradients of the (i+1)-th round local model gradient, producing 100 gradient ciphertexts that are then transmitted to the server for aggregation. Because all 100 sub-gradients are homomorphically encrypted, a large amount of computing resources is consumed, and the very time-consuming encryption operations increase the time cost of federated learning and reduce its efficiency.
  • In the embodiments of the present invention, by contrast, each sub-gradient of the (i+1)-th round local model gradient is clipped and quantized; for example, the 100 sub-gradients are clipped and quantized and then, according to the preset gradient merging rule, every 5 of the 100 sub-gradients are merged, determining 20 new sub-gradients. The public key pk is then used to perform batch homomorphic encryption on the 20 new sub-gradients to obtain 20 (i+1)-th round gradient ciphertexts.
  • In this way, the gradient values of the 100 sub-gradients are simplified, which facilitates subsequent data processing, reduces the complexity of the subsequent homomorphic encryption operation, and shortens the time it consumes, thereby improving encryption efficiency. Compared with encrypting each sub-gradient individually as in the prior art, this significantly reduces the computing resources consumed by homomorphic encryption and the number of ciphertext transmissions (that is, the network resources consumed in ciphertext transmission), achieving efficient federated learning.
  • Each worker uses a signature algorithm to generate signatures for its multiple (i+1)-th round gradient ciphertexts.
  • Specifically, each worker uses a signature algorithm (such as the RSA, ElGamal, or DSA digital signature algorithm) to sign its multiple (i+1)-th round gradient ciphertexts and generate the corresponding signatures.
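  • A sketch with RSA-PSS via the `cryptography` package (the patent names RSA, ElGamal, and DSA only generically; the serialization of the ciphertexts into `payload` is assumed):

```python
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa

pss = padding.PSS(mgf=padding.MGF1(hashes.SHA256()),
                  salt_length=padding.PSS.MAX_LENGTH)
key = rsa.generate_private_key(public_exponent=65537, key_size=2048)

payload = b"serialized (i+1)-th round gradient ciphertexts"  # placeholder
signature = key.sign(payload, pss, hashes.SHA256())

# The committee verifies before aggregating; verify() raises
# InvalidSignature if the payload or signature was tampered with.
key.public_key().verify(signature, payload, pss, hashes.SHA256())
```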
  • Each worker uploads the signatures of multiple i+1 round gradient ciphertexts and multiple i+1 round gradient ciphertexts to the blockchain.
  • Specifically, each worker can upload its multiple (i+1)-th round gradient ciphertexts together with their signatures to the blockchain as one transaction; for example, a worker can upload its 20 (i+1)-th round gradient ciphertexts and their 20 signatures as a single transaction.
  • Step 4: Aggregate each worker's (i+1)-th round local model gradient ciphertexts to determine the (i+1)-th round global model gradient ciphertext corresponding to each (i+1)-th round local model gradient ciphertext.
  • Each (i+1)-th round local model gradient ciphertext can include multiple (i+1)-th round gradient ciphertexts.
  • The parameter s_{i+1} required for selecting the leader of the (i+1)-th round can be generated in the following manner:
  • N% of the K client nodes participating in federated learning are randomly selected to form the (i+1)-th round aggregation committee, and the remaining client nodes act as workers participating in the training of the federated learning model.
  • For example, suppose 100 client nodes participate in federated learning for a financial scenario and 15 of them are randomly selected to form the (i+1)-th round aggregation committee; the remaining 85 client nodes are determined as workers to participate in training the federated learning model for that financial scenario.
  • The leader selection function Sor(·) and the leader verification function Ver(·) can be expressed as in Step 2 above.
  • The (i+1)-th round aggregation committee verifies the validity of each worker's signature and records the multiple (i+1)-th round gradient ciphertexts of the workers whose signatures are successfully verified.
  • In an optional implementation, every member of the (i+1)-th round aggregation committee participates in verifying each worker's signatures; that is, each member obtains each worker's signatures from the blockchain (for example, the signatures over each worker's multiple (i+1)-th round gradient ciphertexts), and, when a worker's signature is successfully verified, records and stores that worker's n (i+1)-th round gradient ciphertexts.
  • When every member of the (i+1)-th round aggregation committee participates in verifying the validity of each worker's signature, a worker's signature is deemed successfully verified only after the number of members who successfully verify it reaches a set requirement. For example, with 15 members in the (i+1)-th round aggregation committee, if more than two-thirds of the members (that is, more than 10 members) successfully verify a worker's signature, the verification of that worker's signature is confirmed as successful.
  • In another optional implementation, an agent may be randomly selected from, or designated within, the (i+1)-th round aggregation committee to be responsible for verifying the validity of each worker's signature; in yet another optional implementation, two such agents may be selected or designated.
  • For each (i+1)-th round local model gradient ciphertext, the (i+1)-th round aggregation committee aggregates, according to the set security aggregation rule, all (i+1)-th round gradient ciphertexts of the workers whose signatures were successfully verified, to determine the corresponding (i+1)-th round global model gradient ciphertext.
  • Specifically, the (i+1)-th round aggregation committee aggregates the same-type gradient ciphertexts among the n types of (i+1)-th round gradient ciphertexts according to the set security aggregation rule, and determines the (i+1)-th round global model gradient ciphertext corresponding to the (i+1)-th round local model gradient ciphertexts; the (i+1)-th round global model gradient ciphertext includes n global sub-gradient ciphertexts, and the aggregation takes into account the number of workers who pass signature verification in the (i+1)-th round.
  • For any (i+1)-th round local model gradient ciphertext, continuing the example in which each worker uploads 20 (i+1)-th round gradient ciphertexts to the blockchain, suppose 80 workers pass signature verification. The (i+1)-th round aggregation committee then aggregates the same-type gradient ciphertexts among the 80 workers' 20 types of (i+1)-th round gradient ciphertexts according to the set security aggregation rule, and determines the (i+1)-th round global model gradient ciphertext, which includes 20 global sub-gradient ciphertexts.
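  • Continuing the python-paillier sketch, same-type aggregation reduces to homomorphic addition of each verified worker's t-th ciphertext (a plain sum is shown; the patent's set security aggregation rule could equally weight or average):

```python
def aggregate(worker_cts):
    """worker_cts[k][t]: the t-th EncryptedNumber of verified worker k."""
    n_types = len(worker_cts[0])
    agg = []
    for t in range(n_types):
        total = worker_cts[0][t]
        for cts in worker_cts[1:]:
            total = total + cts[t]  # ciphertext sum == sum of plaintexts
        agg.append(total)
    return agg                      # n global sub-gradient ciphertexts
```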
  • Step 5: Verify the (i+1)-th round global model gradient ciphertext corresponding to each (i+1)-th round local model gradient ciphertext.
  • the following describes an implementation process for verifying the i+1th round of global model gradient ciphertexts corresponding to each i+1th round of local model gradient ciphertexts in the embodiments of the present invention.
  • The (i+1)-th round aggregation committee sends the (i+1)-th round global model gradient ciphertext to the smart contract through a transaction, triggering the (i+1)-th round leader to verify each (i+1)-th round global model gradient ciphertext.
  • For each (i+1)-th round global model gradient ciphertext, the (i+1)-th round leader re-aggregates, according to the set security aggregation rule, all (i+1)-th round gradient ciphertexts of the workers whose signatures were successfully verified, determines a new (i+1)-th round global model gradient ciphertext, and checks whether the two ciphertexts are numerically equal. If they are equal, a new block containing all worker transactions is sent to the (i+1)-th round aggregation committee; if they are not equal, the (i+1)-th round global model gradient ciphertext is confirmed to be invalid.
  • Based on the new block containing all worker transactions, the round-(i+1) aggregation committee uses a majority-voting strategy to determine whether the transactions processed by the round-(i+1) leader are correct. If they are determined to be correct, a reward is sent to the round-(i+1) leader, and the new block corresponding to each correct round-(i+1) global model gradient ciphertext is added to the blockchain through the add function of the smart contract. All members of the round-(i+1) aggregation committee then use the gossip protocol to notify all other client nodes participating in federated learning that the new block corresponding to the round-(i+1) global model gradient ciphertext has been uploaded to the blockchain; for example, each member may use the gossip protocol to send this notification periodically (e.g., every 1, 2, or 5 seconds).
  • If the transactions are determined to be incorrect, the new block containing all worker transactions is discarded, the leader is punished according to the monetary penalty mechanism, and the processing from Step 4 to Step 5 is re-executed.
  • Step 6: Determine whether each round-(i+1) global model gradient ciphertext in the current latest block satisfies the training termination condition of the federated learning model.
  • The training termination condition of the federated learning model is that the difference between each global model gradient in the current latest block and the corresponding global model gradient of the previous round is less than or equal to a set threshold.
  • Each worker obtains each global model gradient ciphertext in the current latest block from the blockchain.
  • Each worker decrypts each global model gradient ciphertext in the current latest block with its own private key sk_k, obtaining the decrypted global model gradients.
  • For each global model gradient in the current latest block, each worker determines whether the difference between that global model gradient and the corresponding global model gradient of the previous round is less than or equal to the set threshold. If it is, the global model gradient is taken as the target global model gradient; if it is greater than the set threshold, i+1 is assigned to i, and the processing from Step 3 to Step 6 is re-executed.
  • For example, each worker obtains the round-(i+1) global model gradient ciphertexts in the current latest block from the blockchain, decrypts each of them with its own private key sk_k, and obtains the decrypted round-(i+1) global model gradients. Then, for each global model gradient in the current latest block, the worker determines whether the difference between the round-(i+1) global model gradient and the corresponding round-i global model gradient is less than or equal to the set threshold. If it is, the round-(i+1) global model gradient is taken as the target global model gradient, yielding the trained federated learning model. If it is greater than the set threshold, i+1 is assigned to i, and the processing from Step 3 to Step 6 is re-executed, so that each worker uses the decrypted round-(i+1) global model gradients to perform the round-(i+2) federated learning training, until the training termination condition of the federated learning model is satisfied. A minimal sketch of this check follows.
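  • As an illustration, the following is a minimal sketch of this Step 6 termination check; the gradient values and the threshold are invented for the example, and the decrypted gradients are modeled as plain Python floats.

```python
def training_should_stop(current_round, previous_round, threshold):
    """Step 6: stop when every global model gradient differs from the
    previous round's corresponding gradient by at most the set threshold."""
    return all(abs(c - p) <= threshold
               for c, p in zip(current_round, previous_round))

if __name__ == "__main__":
    w_i = [0.52, -0.13, 0.88]    # decrypted round-i global model gradients
    w_i1 = [0.53, -0.12, 0.87]   # decrypted round-(i+1) global model gradients
    if training_should_stop(w_i1, w_i, threshold=0.05):
        target = w_i1            # take round i+1 as the target global gradient
    else:
        pass                     # assign i+1 to i and redo Step 3 .. Step 6
    print(training_should_stop(w_i1, w_i, 0.05))  # True
```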
  • FIG. 4 exemplarily shows a blockchain-based federated learning apparatus provided by an embodiment of the present invention; the apparatus can execute the flow of the blockchain-based federated learning method. As shown in FIG. 4, the apparatus includes:
  • a determining unit 401, configured to train the round-i local model on local training data and determine the trained round-(i+1) local model gradient information, where the first node is a node selected from N blockchain nodes to participate in the round-(i+1) federated learning training, and the round-i local model is obtained based on the round-i global model gradient ciphertext that the first node obtains from the blockchain;
  • a first processing unit 402, configured to: clip and quantize each piece of first sub-gradient information in the round-(i+1) local model gradient information based on the gradient clipping-and-quantization rule, obtaining pieces of second sub-gradient information; merge every m pieces of the second sub-gradient information according to the gradient merging rule, obtaining n types of third sub-gradient information; homomorphically encrypt the n types of third sub-gradient information, obtaining n types of ciphertext; and send the n types of ciphertext to the blockchain, where the n types of ciphertext are used by an aggregation node in the blockchain to aggregate the ciphertexts fed back by the first nodes of the round-(i+1) federated learning training, so as to obtain the round-(i+1) global model gradient ciphertext.
  • Optionally, the first processing unit 402 is further configured to: before the round-i local model is trained on the local training data, homomorphically decrypt the round-i global model gradient information ciphertext to obtain the round-i global model gradient information, and determine that the difference between the round-i global model gradient information and the round-(i-1) global model gradient information is greater than the set threshold.
  • Optionally, the first processing unit 402 is specifically configured to: clip each piece of first sub-gradient information based on the gradient clipping algorithm, obtaining clipped pieces of first sub-gradient information; and quantize each clipped piece of first sub-gradient information based on the gradient quantization algorithm, obtaining the pieces of second sub-gradient information.
  • Optionally, the first processing unit 402 is specifically configured to: for each clipped piece of first sub-gradient information, compare the first sub-gradient information with a gradient threshold, the gradient threshold being determined from the distribution of the clipped pieces of first sub-gradient information; and determine, based on the gradient quantization rule and the comparison result between the first sub-gradient information and the gradient threshold, the second sub-gradient information corresponding to the first sub-gradient information.
  • Optionally, the first processing unit 402 is further configured to: after the round-(i+1) global model gradient ciphertext is obtained, obtain it from the blockchain and homomorphically decrypt it to obtain the round-(i+1) global model gradient information; and, if the difference between the round-(i+1) global model gradient information and the round-i global model gradient information is less than or equal to the set threshold, take the round-(i+1) global model gradient information as the target global model gradient information, thereby obtaining the trained federated learning model.
  • FIG. 5 exemplarily shows another blockchain-based federated learning apparatus provided by an embodiment of the present invention; the apparatus can execute the flow of the blockchain-based federated learning method. As shown in FIG. 5, the apparatus includes:
  • an obtaining unit 501, configured to obtain, from the blockchain, the n types of ciphertext sent by each first node, where a first node is a node selected from N blockchain nodes to participate in the round-(i+1) federated learning training, and the aggregation node is any one of the N blockchain nodes other than the first nodes;
  • a second processing unit 502, configured to aggregate the ciphertexts of the same type among the n types of ciphertext of the first nodes to obtain the round-(i+1) global model gradient ciphertext, and send the round-(i+1) global model gradient ciphertext to the blockchain, where the n types of ciphertext are obtained by the first node homomorphically encrypting n types of third sub-gradient information; the n types of third sub-gradient information are determined by the first node merging every m pieces of second sub-gradient information according to the gradient merging rule; the pieces of second sub-gradient information are obtained by the first node clipping and quantizing each piece of first sub-gradient information in the round-(i+1) local model gradient information based on the gradient clipping-and-quantization rule; the round-(i+1) local model gradient information is determined by the first node training the round-i local model on local training data; and the round-i local model is obtained based on the round-i global model gradient ciphertext that the first node obtains from the blockchain.
  • Optionally, the second processing unit 502 is specifically configured to: verify the signature of each first node; and aggregate, according to the set aggregation rule, the ciphertexts of the same type among the at least two sets of n types of ciphertext corresponding to at least two first nodes whose signatures are successfully verified.
  • Optionally, the second processing unit 502 is further configured to: after the round-(i+1) global model gradient ciphertext is sent to the blockchain, receive a global model gradient ciphertext verification-pass message sent by a proxy node, the proxy node being selected from the first nodes based on the proxy node selection rule, and the verification-pass message being generated when the proxy node determines that the round-(i+1) global model gradient ciphertext is consistent with the round-(i+1) global model gradient ciphertext it determines itself based on the set aggregation rule; and, if the proxy node's verification of the round-(i+1) global model gradient ciphertext meets the set requirement, add the new block corresponding to the round-(i+1) global model gradient ciphertext to the blockchain.
  • An embodiment of the present invention further provides a computing device, as shown in FIG. 6, comprising at least one processor 601 and a memory 602 connected to the at least one processor. The embodiment of the present invention does not limit the specific connection medium between the processor 601 and the memory 602; in FIG. 6, they are connected by a bus as an example. The bus can be divided into an address bus, a data bus, a control bus, and so on.
  • The memory 602 stores instructions executable by the at least one processor 601, and by executing the instructions stored in the memory 602, the at least one processor 601 can perform the steps included in the foregoing blockchain-based federated learning method.
  • The processor 601 is the control center of the computing device; it can connect the various parts of the computing device through various interfaces and lines, and implements data processing by running or executing the instructions stored in the memory 602 and invoking the data stored in the memory 602. Optionally, the processor 601 may include one or more processing units and may integrate an application processor, which mainly handles the operating system, user interface, applications, and the like, and a modem processor, which mainly handles issued instructions. It can be understood that the modem processor may also not be integrated into the processor 601. In some embodiments, the processor 601 and the memory 602 may be implemented on the same chip; in other embodiments, they may be implemented separately on independent chips.
  • The processor 601 may be a general-purpose processor, such as a central processing unit (CPU), a digital signal processor, an application-specific integrated circuit (ASIC), a field-programmable gate array or other programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component, and can implement or execute the methods, steps, and logical block diagrams disclosed in the embodiments of the present invention. A general-purpose processor may be a microprocessor, any conventional processor, or the like. The steps of the method disclosed in connection with the blockchain-based federated learning method embodiments may be performed directly by a hardware processor, or by a combination of hardware and software modules in the processor.
  • The memory 602, as a non-volatile computer-readable storage medium, can be used to store non-volatile software programs, non-volatile computer-executable programs, and modules. The memory 602 may include at least one type of storage medium, for example flash memory, hard disk, multimedia card, card-type memory, random access memory (RAM), static random access memory (SRAM), programmable read-only memory (PROM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), magnetic memory, magnetic disk, optical disc, and the like. The memory 602 is any medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer, but is not limited thereto. The memory 602 in this embodiment of the present invention may also be a circuit or any other device capable of implementing a storage function, for storing program instructions and/or data.
  • An embodiment of the present invention further provides a computer-readable storage medium that stores a computer program executable by a computing device; when the program runs on the computing device, it causes the computing device to perform the steps of the blockchain-based federated learning method described above.
  • Those skilled in the art should understand that embodiments of the present invention may be provided as a method, a system, or a computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) containing computer-usable program code.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Evolutionary Computation (AREA)
  • Mathematical Physics (AREA)
  • Computing Systems (AREA)
  • Medical Informatics (AREA)
  • Data Mining & Analysis (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • Artificial Intelligence (AREA)
  • Machine Translation (AREA)

Abstract

A blockchain-based federated learning method and apparatus. The method comprises: a first node trains the round-i local model on local training data and determines the trained round-(i+1) local model gradient information (202); based on a gradient clipping-and-quantization rule, each piece of first sub-gradient information in the round-(i+1) local model gradient information is clipped and quantized, obtaining pieces of second sub-gradient information (203); according to a gradient merging rule, every m pieces of the second sub-gradient information are merged, obtaining n types of third sub-gradient information (204); the n types of third sub-gradient information are homomorphically encrypted, obtaining n types of ciphertext (205), which are sent to the blockchain (206). Because each piece of first sub-gradient information in the local model gradient information is clipped, quantized, and merged before homomorphic encryption, the computing resources consumed by homomorphic encryption can be reduced, as can the network resources consumed in transmitting the ciphertext.

Description

A blockchain-based federated learning method and apparatus
CROSS-REFERENCE TO RELATED APPLICATIONS
This application claims priority to the Chinese patent application No. 202110398076.4, entitled "A blockchain-based federated learning method and apparatus", filed with the Chinese Patent Office on April 14, 2021, the entire contents of which are incorporated herein by reference.
TECHNICAL FIELD
Embodiments of the present invention relate to the field of financial technology (Fintech), and in particular to a blockchain-based federated learning method and apparatus.
BACKGROUND
With the development of computer technology, more and more technologies are applied in the financial field. The traditional financial industry is gradually shifting toward financial technology, but the security and real-time requirements of the financial industry also place higher demands on the technologies used.
Existing federated learning methods based on homomorphic encryption generally work as follows: each device trains a local model on its local data set, obtains the gradient information of its trained local model, encrypts it with a homomorphic encryption algorithm (such as the Paillier algorithm), and sends the encrypted local model gradient information to the server. After receiving the encrypted local model gradient information from the devices, the server aggregates it according to a preset aggregation method to obtain global model gradient information in encrypted form (that is, global model gradient information in ciphertext). The server sends the encrypted global model gradient information to each device, and each device decrypts it with the homomorphic encryption algorithm and continues training its local model on the local data set based on the decrypted global model gradient information, until the local model converges or the number of training iterations is reached, yielding the global model. Although this approach uses homomorphic encryption to provide a strong privacy guarantee for federated learning, it must perform complex cryptographic operations (such as modular multiplication and exponentiation), which are very time-consuming and therefore consume substantial computing resources. Moreover, the complex cryptographic operations produce larger ciphertexts, which consume more network resources during transmission than plaintext.
In summary, a blockchain-based federated learning method is urgently needed to solve the problems in the prior art of high computation overhead and high communication overhead caused by homomorphically encrypting local model gradient information.
SUMMARY
Embodiments of the present invention provide a blockchain-based federated learning method and apparatus, to solve the problems in the prior art of high computation overhead and high communication overhead caused by homomorphically encrypting local model gradient information.
In a first aspect, an embodiment of the present invention provides a blockchain-based federated learning method, comprising:
a first node trains the round-i local model on local training data and determines the trained round-(i+1) local model gradient information, where the first node is a node selected from N blockchain nodes to participate in the round-(i+1) federated learning training, and the round-i local model is obtained based on the round-i global model gradient ciphertext that the first node obtains from the blockchain;
the first node clips and quantizes each piece of first sub-gradient information in the round-(i+1) local model gradient information based on a gradient clipping-and-quantization rule, obtaining pieces of second sub-gradient information;
the first node merges every m pieces of the second sub-gradient information according to a gradient merging rule, obtaining n types of third sub-gradient information;
the first node homomorphically encrypts the n types of third sub-gradient information, obtaining n types of ciphertext, and sends the n types of ciphertext to the blockchain; the n types of ciphertext are used by an aggregation node in the blockchain to aggregate the ciphertexts fed back by the first nodes of the round-(i+1) federated learning training, so as to obtain the round-(i+1) global model gradient ciphertext.
In the above technical solution, on the one hand, a blockchain mechanism is introduced: the local model gradient ciphertexts produced by the first nodes are stored on the blockchain, and an aggregation node in the blockchain performs the aggregation and uploads the resulting global model gradient ciphertext to the blockchain. Based on the decentralized and traceable nature of the blockchain, this ensures the integrity of the local model gradient ciphertexts uploaded by the first nodes, the public verifiability of the aggregation process, and the correctness of the global model gradient ciphertext, thereby eliminating the possibility of a malicious server in the prior art. On the other hand, each first node clips and quantizes each piece of first sub-gradient information of its own local model gradient information to obtain pieces of second sub-gradient information, merges every m pieces of the second sub-gradient information according to the gradient merging rule to obtain n types of third sub-gradient information, and then homomorphically encrypts the n types of third sub-gradient information to obtain n types of ciphertext. Because the first sub-gradient information of the trained local model gradient information is clipped, quantized, and merged before homomorphic encryption, the computing resources consumed by homomorphic encryption are reduced, as are the network resources consumed in transmitting the ciphertext, which solves the problems of high computation overhead and high communication overhead in the prior art.
Optionally, before the first node trains the round-i local model on the local training data, the method further comprises:
the first node homomorphically decrypts the round-i global model gradient information ciphertext, obtaining the round-i global model gradient information;
the first node determines that the difference between the round-i global model gradient information and the round-(i-1) global model gradient information is greater than a set threshold.
In the above technical solution, by comparing the difference between the round-i and round-(i-1) global model gradient information with the set threshold before training on local data, the current state of the federated learning training can be known in time, so that whether the round-(i+1) training is needed can be determined in time; and when the difference is less than or equal to the set threshold, further federated learning training can be avoided, preventing a waste of training resources.
Optionally, the first node clipping and quantizing each piece of first sub-gradient information in the round-(i+1) local model gradient information based on the gradient clipping-and-quantization rule to obtain the pieces of second sub-gradient information comprises:
the first node clips each piece of first sub-gradient information based on a gradient clipping algorithm, obtaining clipped pieces of first sub-gradient information;
the first node quantizes each clipped piece of first sub-gradient information based on a gradient quantization algorithm, obtaining the pieces of second sub-gradient information.
In the above technical solution, clipping and quantizing each first sub-gradient with the gradient clipping algorithm and the gradient quantization algorithm simplifies the first sub-gradient information and facilitates subsequent data processing, which helps reduce the complexity of the subsequent homomorphic encryption operations and the time they consume.
Optionally, the first node quantizing each clipped piece of first sub-gradient information based on the gradient quantization algorithm to obtain the pieces of second sub-gradient information comprises:
for each clipped piece of first sub-gradient information, the first node compares the first sub-gradient information with a gradient threshold, the gradient threshold being determined from the distribution of the clipped pieces of first sub-gradient information;
the first node determines, based on a gradient quantization rule and the comparison result between the first sub-gradient information and the gradient threshold, the second sub-gradient information corresponding to the first sub-gradient information.
In the above technical solution, comparing each clipped piece of first sub-gradient information with the threshold classifies the clipped first sub-gradient information, which makes it easy to quantize it promptly and accurately based on the classification result to obtain the pieces of second sub-gradient information.
Optionally, after the round-(i+1) global model gradient ciphertext is obtained, the method further comprises:
the first node obtains the round-(i+1) global model gradient ciphertext from the blockchain and homomorphically decrypts it, obtaining the round-(i+1) global model gradient information;
if the first node determines that the difference between the round-(i+1) global model gradient information and the round-i global model gradient information is less than or equal to the set threshold, it takes the round-(i+1) global model gradient information as the target global model gradient information, thereby obtaining the trained federated learning model.
In the above technical solution, comparing the difference between the round-(i+1) and round-i global model gradient information with the set threshold makes the current training state known in time, so that the need for the round-(i+2) training can be determined in time; and when the difference is less than or equal to the set threshold, the round-(i+1) global model gradient information can be taken as the target global model gradient information, yielding the trained federated learning model.
In a second aspect, an embodiment of the present invention provides a blockchain-based federated learning method, comprising:
an aggregation node obtains, from the blockchain, the n types of ciphertext sent by each first node, where a first node is a node selected from N blockchain nodes to participate in the round-(i+1) federated learning training, and the aggregation node is any one of the N blockchain nodes other than the first nodes;
the aggregation node aggregates the ciphertexts of the same type among the n types of ciphertext of the first nodes, obtaining the round-(i+1) global model gradient ciphertext, and sends the round-(i+1) global model gradient ciphertext to the blockchain;
where the n types of ciphertext are obtained by the first node homomorphically encrypting n types of third sub-gradient information; the n types of third sub-gradient information are determined by the first node merging every m pieces of second sub-gradient information according to the gradient merging rule; the pieces of second sub-gradient information are obtained by the first node clipping and quantizing each piece of first sub-gradient information in the round-(i+1) local model gradient information based on the gradient clipping-and-quantization rule; the round-(i+1) local model gradient information is determined by the first node training the round-i local model on local training data; and the round-i local model is obtained based on the round-i global model gradient ciphertext that the first node obtains from the blockchain.
In the above technical solution, on the one hand, a blockchain mechanism is introduced, and the aggregation node is any node randomly selected from the N blockchain nodes other than the first nodes, which ensures the randomness and unpredictability of the aggregation node selection and further improves the security of the aggregation. The aggregation node aggregates the on-chain local model gradient ciphertexts produced by the first nodes, obtains the global model gradient ciphertext, and uploads it to the blockchain. Based on the decentralized and traceable nature of the blockchain, this ensures the public verifiability of the aggregation process and the correctness of the global model gradient ciphertext, eliminating the possibility of a malicious server in the prior art. In addition, the first node clips, quantizes, and merges the first sub-gradient information of the trained local model gradient information before homomorphic encryption, which helps reduce the computing resources consumed by homomorphic encryption and the network resources consumed in transmitting the ciphertext.
Optionally, the aggregation node aggregating the ciphertexts of the same type among the n types of ciphertext of the first nodes comprises:
the aggregation node verifies the signature of each first node;
the aggregation node aggregates, according to a set aggregation rule, the ciphertexts of the same type among the at least two sets of n types of ciphertext corresponding to at least two first nodes whose signatures are successfully verified.
In the above technical solution, verifying the signatures of the first nodes verifies the authenticity of the ciphertexts they uploaded and of their identity information, and avoids the risk of the ciphertexts being tampered with in transit; at the same time, the ciphertexts of first nodes whose signature verification fails can be filtered out, so that they do not interfere with the subsequent ciphertext aggregation or affect the accuracy of the aggregation result. Furthermore, aggregating the same-type ciphertexts of at least two successfully verified first nodes according to the set aggregation rule yields an accurate global model gradient ciphertext and ensures a highly accurate aggregation result.
Optionally, after the round-(i+1) global model gradient ciphertext is sent to the blockchain, the method further comprises:
the aggregation node receives a global model gradient ciphertext verification-pass message sent by a proxy node; the proxy node is selected from the first nodes based on a proxy node selection rule; the verification-pass message is generated when the proxy node determines that the round-(i+1) global model gradient ciphertext is consistent with the round-(i+1) global model gradient ciphertext it determines itself based on the set aggregation rule;
if the aggregation node determines that the proxy node's verification of the round-(i+1) global model gradient ciphertext meets the set requirement, it adds the new block corresponding to the round-(i+1) global model gradient ciphertext to the blockchain.
In the above technical solution, when the proxy node's verification of the round-(i+1) global model gradient ciphertext meets the set requirement, the ciphertext can be confirmed as accurate, and the new block corresponding to the accurate round-(i+1) global model gradient ciphertext is added to the blockchain, so that each first node can obtain the accurate round-(i+1) global model gradient ciphertext from the blockchain in time and use it to judge whether the round-(i+1) federated learning training has satisfied the training termination condition.
In a third aspect, an embodiment of the present invention provides a blockchain-based federated learning apparatus, comprising a determining unit and a first processing unit configured to execute the blockchain-based federated learning method of the first aspect.
In a fourth aspect, an embodiment of the present invention provides a blockchain-based federated learning apparatus, comprising an obtaining unit and a second processing unit configured to execute the blockchain-based federated learning method of the second aspect.
In a fifth aspect, an embodiment of the present invention provides a computing device comprising at least one processor and at least one memory, where the memory stores a computer program that, when executed by the processor, causes the processor to execute the blockchain-based federated learning method of either the first or the second aspect.
In a sixth aspect, an embodiment of the present invention provides a computer-readable storage medium storing a computer program executable by a computing device; when the program runs on the computing device, it causes the computing device to execute the blockchain-based federated learning method of either the first or the second aspect.
BRIEF DESCRIPTION OF THE DRAWINGS
To describe the technical solutions in the embodiments of the present invention more clearly, the accompanying drawings used in the description of the embodiments are briefly introduced below. Evidently, the drawings described below are only some embodiments of the present invention, and those of ordinary skill in the art can derive other drawings from them without creative effort.
FIG. 1 is a schematic diagram of a federated learning system architecture provided by an embodiment of the present invention;
FIG. 2 is a schematic flowchart of a blockchain-based federated learning method provided by an embodiment of the present invention;
FIG. 3 is a schematic flowchart of another blockchain-based federated learning method provided by an embodiment of the present invention;
FIG. 4 is a schematic structural diagram of a blockchain-based federated learning apparatus provided by an embodiment of the present invention;
FIG. 5 is a schematic structural diagram of another blockchain-based federated learning apparatus provided by an embodiment of the present invention;
FIG. 6 is a schematic structural diagram of a computing device provided by an embodiment of the present invention.
DETAILED DESCRIPTION
To make the objectives, technical solutions, and advantages of the present invention clearer, the present invention is described in further detail below with reference to the accompanying drawings. Evidently, the described embodiments are only some rather than all of the embodiments of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by those of ordinary skill in the art without creative effort fall within the protection scope of the present invention.
To facilitate understanding of the embodiments of the present invention, the federated learning system architecture applicable to the embodiments is first described using the system architecture shown in FIG. 1 as an example. This architecture can be applied to the training of credit overdue models, user asset risk-control models, user product recommendation models, and so on; the embodiments of the present invention do not limit the actual application scenario. As shown in FIG. 1, the architecture may include at least one first node (such as first nodes 101, 102, and 103), a blockchain 200, and at least one aggregation node (such as aggregation nodes 301, 302, and 303). The aggregation nodes form an aggregation committee, which is connected to the blockchain 200, and each first node is also connected to the blockchain 200, for example by wire or wirelessly, without specific limitation.
The first nodes participate in training the federated learning model. For example, a first node participating in the round-i federated learning training first obtains the round-(i-1) global model gradient ciphertext from the blockchain 200, trains the local model corresponding to the round-(i-1) global model gradient ciphertext on local training data, homomorphically encrypts the training result (the round-i local model gradient), and uploads it to the blockchain 200.
The aggregation nodes participate in aggregating the training results of the federated learning model. For example, an aggregation node participating in the aggregation of the round-i training results first obtains the round-i local model gradient ciphertexts uploaded by the first nodes from the blockchain 200, aggregates them to obtain the round-i global model gradient ciphertext, and uploads the round-i global model gradient ciphertext to the blockchain 200.
The blockchain 200 records the local model gradient ciphertexts uploaded by the first nodes and the global model gradient ciphertexts uploaded by the aggregation nodes, so that blockchain nodes that need them can obtain them from the blockchain 200; for example, the blockchain 200 records the round-i local model gradient ciphertexts uploaded by the first nodes and the round-i global model gradient ciphertext uploaded by the aggregation node.
It should be noted that the structure shown in FIG. 1 is only an example, and the embodiments of the present invention are not limited thereto.
Based on the above description, FIG. 2 exemplarily shows the flow of a blockchain-based federated learning method provided by an embodiment of the present invention; the flow can be executed by a blockchain-based federated learning apparatus. As shown in FIG. 2, the flow specifically includes:
Step 201: a first node obtains the round-i global model gradient ciphertext from the blockchain.
Step 202: the first node trains the local model corresponding to the round-i global model gradient ciphertext on local training data, and determines the trained round-(i+1) local model gradient information.
Step 203: the first node clips and quantizes each piece of first sub-gradient information in the round-(i+1) local model gradient information based on the gradient clipping-and-quantization rule, obtaining pieces of second sub-gradient information.
Step 204: the first node merges every m pieces of the second sub-gradient information according to the gradient merging rule, obtaining n types of third sub-gradient information.
Step 205: the first node homomorphically encrypts the n types of third sub-gradient information, obtaining n types of ciphertext.
Step 206: the first node sends the n types of ciphertext to the blockchain.
Step 207: an aggregation node obtains the n types of ciphertext sent by each first node from the blockchain.
Step 208: the aggregation node aggregates the ciphertexts of the same type among the n types of ciphertext of the first nodes, obtaining the round-(i+1) global model gradient ciphertext.
Step 209: the aggregation node sends the round-(i+1) global model gradient ciphertext to the blockchain.
In the above steps 201 and 202, the first node obtains the round-i global model gradient ciphertext from the blockchain and trains the corresponding local model on local training data, determining the trained round-(i+1) local model gradient information. Specifically, after receiving the notification, sent by the round-i aggregation node, that the block corresponding to the round-i global model gradient ciphertext has been uploaded to the blockchain, the first node obtains the round-i global model gradient ciphertext from the blockchain, homomorphically decrypts it to obtain the round-i global model gradient information, and determines whether the difference between the round-i and round-(i-1) global model gradient information is less than or equal to the set threshold. If it is, the round-i global model gradient information is taken as the target global model gradient information, yielding the trained federated learning model; if it is greater than the set threshold, the round-(i+1) federated learning training is needed. In this way, before training the round-i local model on local data, comparing the difference with the set threshold makes the current training state known in time, so that the need for the round-(i+1) training can be determined in time, and unnecessary further training is avoided when the difference is at or below the threshold, preventing a waste of training resources. The first node then trains the local model corresponding to the round-i global model gradient information on local training data and determines the trained round-(i+1) local model gradient information. Here, the first node is a node selected from N blockchain nodes to participate in the round-(i+1) federated learning training; the set threshold may be set by those skilled in the art based on experimental results, experience, or the actual application scenario, which is not limited by the embodiments of the present invention.
In the above steps 203 and 204, the first node clips and quantizes each piece of first sub-gradient information in the round-(i+1) local model gradient information based on the gradient clipping-and-quantization rule to obtain pieces of second sub-gradient information, and merges every m pieces of the second sub-gradient information according to the gradient merging rule to obtain n types of third sub-gradient information. Specifically, the first node clips each piece of first sub-gradient information with a gradient clipping algorithm to obtain clipped pieces of first sub-gradient information, quantizes each clipped piece with a gradient quantization algorithm to obtain the pieces of second sub-gradient information, and then merges every m pieces of the second sub-gradient information according to the gradient merging rule, obtaining n types of third sub-gradient information. For example, given 50 pieces of second sub-gradient information, they can be divided in order into 5 groups of 10, and the sub-gradient information within each group merged, forming 5 types of third sub-gradient information. Clipping and quantizing the first sub-gradients with the gradient clipping and quantization algorithms simplifies the first sub-gradient information and facilitates subsequent data processing, which helps reduce the complexity and the time cost of the subsequent homomorphic encryption. Meanwhile, merging every m pieces of second sub-gradient information into one piece reduces the amount of sub-gradient information to be homomorphically encrypted and therefore the number of ciphertexts produced, which reduces the computing resources consumed by homomorphic encryption and the network resources consumed in transmitting the ciphertext.
The first node quantizes each clipped piece of first sub-gradient information as follows: for each clipped piece of first sub-gradient information, the first node compares it with a gradient threshold and, based on the gradient quantization rule and the comparison result between the first sub-gradient information and the gradient threshold, determines the second sub-gradient information corresponding to the first sub-gradient information. Comparing each clipped piece with the threshold classifies the clipped first sub-gradient information, making it easy to quantize promptly and accurately based on the classification result to obtain the pieces of second sub-gradient information. The gradient threshold is determined from the distribution of the clipped pieces of first sub-gradient information.
One gradient quantization rule is: if the first sub-gradient information is greater than the gradient threshold, set it to a first value; if its magnitude is less than or equal to the absolute value of the gradient threshold, set it to a second value; if it is less than the negative of the gradient threshold, set it to a third value. The second sub-gradient information corresponding to each piece of first sub-gradient information is thereby obtained.
Another gradient quantization rule is: if the first sub-gradient information is greater than zero, set it to a fourth value; if it is less than or equal to zero, set it to a fifth value. The second sub-gradient information corresponding to each piece of first sub-gradient information is thereby obtained. A minimal sketch of both quantization rules follows.
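As an illustration, the following Python sketch implements the two quantization rules above. The concrete outputs are assumptions: the patent only names them the first to fifth values, so the sketch uses ±Δ and 0 for the multi-value rule and ±1 for the binary rule.

```python
def quantize_multi(sub_gradients, delta):
    """Multi-value rule: map each clipped sub-gradient to one of three values.
    Assumed values: +delta / 0 / -delta (the patent names them only the
    'first value', 'second value', and 'third value')."""
    out = []
    for g in sub_gradients:
        if g > delta:            # greater than the gradient threshold
            out.append(delta)    # first value (assumed +delta)
        elif g < -delta:         # less than the negative of the threshold
            out.append(-delta)   # third value (assumed -delta)
        else:                    # magnitude at most the threshold
            out.append(0.0)      # second value (assumed 0)
    return out

def quantize_binary(sub_gradients):
    """Binary rule: sign-based quantization; values assumed to be +1 / -1."""
    return [1.0 if g > 0 else -1.0 for g in sub_gradients]

if __name__ == "__main__":
    clipped = [0.8, -0.05, 0.02, -0.7, 0.3]
    print(quantize_multi(clipped, delta=0.25))  # [0.25, 0.0, 0.0, -0.25, 0.25]
    print(quantize_binary(clipped))             # [1.0, -1.0, 1.0, -1.0, 1.0]
```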
In the above steps 205 and 206, the first node homomorphically encrypts the n types of third sub-gradient information to obtain n types of ciphertext and sends them to the blockchain. Specifically, the first node encrypts the n types of third sub-gradient information with a homomorphic encryption algorithm (such as the Paillier or Gentry homomorphic encryption algorithm) and sends the resulting n types of ciphertext to the blockchain.
For example, given 20 pieces of first sub-gradient information, the first node clips them with the gradient clipping algorithm to obtain 20 clipped pieces, quantizes the 20 clipped pieces with the gradient quantization algorithm to obtain 20 pieces of second sub-gradient information, merges every 2 of them according to the gradient merging rule to obtain 10 pieces of third sub-gradient information, encrypts these 10 pieces with the Paillier homomorphic encryption algorithm to obtain 10 types of ciphertext, and sends the 10 types of ciphertext to the blockchain. Compared with the prior art, which directly encrypts the 20 pieces of first sub-gradient information with the Paillier algorithm to obtain 20 types of ciphertext, the technical solution of the present invention significantly reduces the computing resources consumed by homomorphic encryption and the number of ciphertexts transmitted, achieving efficient federated learning.
In the above steps 207, 208, and 209, the aggregation node obtains the n types of ciphertext sent by each first node from the blockchain, aggregates the same-type ciphertexts among them to obtain the round-(i+1) global model gradient ciphertext, and sends it to the blockchain. In this way, on the one hand, the technical solution introduces the blockchain mechanism: the aggregation node is any node randomly selected from the N blockchain nodes other than the first nodes, ensuring the randomness and unpredictability of its selection and further improving the security of the aggregation. The aggregation node aggregates the on-chain local model gradient ciphertexts produced by the first nodes, obtains the global model gradient ciphertext, and uploads it to the blockchain. Based on the decentralization and traceability of the blockchain, this ensures the public verifiability of the aggregation process and the correctness of the global model gradient ciphertext, eliminating the possibility of a malicious server in the prior art.
Specifically, after obtaining the n types of ciphertext sent by each first node from the blockchain, the aggregation node first verifies the signature of each first node, obtaining at least two successfully verified first nodes, and then aggregates, according to the set aggregation rule, the same-type ciphertexts among the at least two sets of n types of ciphertext corresponding to those nodes, obtaining the round-(i+1) global model gradient ciphertext. Verifying the signatures confirms the authenticity of the uploaded ciphertexts and of the first nodes' identity information and avoids the risk of tampering in transit; the ciphertexts of nodes whose signature verification fails are filtered out so as not to interfere with the subsequent aggregation or degrade its accuracy. Aggregating the same-type ciphertexts of the verified first nodes according to the set aggregation rule yields an accurate global model gradient ciphertext and ensures a highly accurate aggregation result.
For example, suppose there are 10 first nodes, each sending 10 types of ciphertext to the blockchain. After obtaining the 10 types of ciphertext sent by each of the 10 first nodes, the aggregation node first verifies the 10 first nodes' signatures, with 8 succeeding and 2 failing, and then aggregates the same-type ciphertexts among the 8 sets of 10 types according to the set aggregation rule, obtaining the round-(i+1) global model gradient ciphertext.
After the round-(i+1) global model gradient ciphertext is sent to the blockchain, the aggregation node receives the global model gradient ciphertext verification-pass message sent by the proxy node. Based on this message, when the aggregation node determines that the proxy node's verification of the round-(i+1) global model gradient ciphertext meets the set requirement, it adds the new block corresponding to the round-(i+1) global model gradient ciphertext to the blockchain; when it determines that the verification does not meet the set requirement, the proxy node is punished according to the monetary penalty mechanism. The verification-pass message is generated when the proxy node determines that the round-(i+1) global model gradient ciphertext is consistent with the one it determines itself based on the set aggregation rule; the proxy node is selected from the first nodes based on the proxy node selection rule.
It should be noted that, after the round-(i+1) global model gradient ciphertext is obtained, the first node obtains it from the blockchain and homomorphically decrypts it, obtaining the round-(i+1) global model gradient information. It then compares the difference between the round-(i+1) and round-i global model gradient information with the set threshold; based on the comparison result, the current federated learning training state is known in time, so that the need for the round-(i+2) training can be determined in time. If the difference is less than or equal to the set threshold, the round-(i+1) global model gradient information is taken as the target global model gradient information, yielding the trained federated learning model. If it is greater than the set threshold, the round-(i+2) federated learning training is performed, and so on until the training termination condition is met (the difference between the current round's and the previous round's global model gradient information is less than or equal to the set threshold), yielding the trained federated learning model.
In view of this, the implementation of the blockchain-based federated learning method in embodiments of the present invention is described in detail below with reference to FIG. 3, which is a schematic flowchart of another blockchain-based federated learning method provided by an embodiment of the present invention. It should be noted that each client node usually obtains multiple local model gradients (i.e., multiple model parameters) when training the global model, and each local model gradient may include multiple sub-gradients. For example, a local model gradient of a client node may be $W_i$, which contains $j$ sub-gradients, i.e., $W_i = (w_{i,1}, w_{i,2}, \ldots, w_{i,j})$.
Step 1: Blockchain system initialization.
The initialization of the blockchain system in embodiments of the present invention proceeds as follows.
a. Construct a Paillier encryption system, and use it to generate, for each client node in the blockchain system, a public key $pk_i$ and a private key $sk_i$ for encrypting its local model gradients. The blockchain system contains K client nodes.
It should be noted that, besides homomorphic encryption based on the Paillier encryption system, other homomorphic encryption algorithms may be used (for example the CKKS scheme, which supports SIMD operations and can directly encode, encrypt, and compute over double-precision real and even complex numbers).
b. Each client node randomly selects one element of $Z_q^*$, the residue classes modulo $q$ with zero removed, as its private key, where $q$ is a randomly chosen large prime with $q > 2^{\lambda}$, and $\lambda < 2^{64}$ is the cryptosystem security parameter determined by the blockchain.
c. Each client node randomly selects n elements $r_1, r_2, \ldots, r_n$ from $Z_q^*$, multiplies each of them by its own private key, and computes its n public keys with $g$ as the base and each product as the exponent, i.e. $pk_{i,t} = g^{sk_i \cdot r_t}$ for $t = 1, 2, \ldots, n$, where n is a positive integer, $g$ is a generator of the multiplicative cyclic group $G$ of order $q$, and $i$ denotes the i-th client node (a toy sketch of this key generation is given at the end of Step 1).
d. Each client node randomly selects one public key from its n public keys $\{pk_{i,1}, pk_{i,2}, \ldots, pk_{i,n}\}$ as its account address.
e. Generate the genesis block.
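As an illustration, the following Python sketch implements the account key generation of items b and c with toy group parameters (q = 11, p = 23, g = 2, where 2 generates the order-11 subgroup of Z_23^*); these tiny parameters are assumptions for readability, and a real deployment would use a large prime q > 2^λ.

```python
import random

# Toy parameters, illustration only: q = 11 is prime, p = 2q + 1 = 23,
# and g = 2 has order q modulo p (2^11 mod 23 == 1).
q, p, g = 11, 23, 2

def keygen(n):
    """Generate one client's private key and its n public keys
    pk_t = g^(sk * r_t), per items b and c above."""
    sk = random.randrange(1, q)                      # element of Z_q^*
    rs = [random.randrange(1, q) for _ in range(n)]  # r_1, ..., r_n
    # Exponents can be reduced mod q because g has order q.
    pks = [pow(g, (sk * r) % q, p) for r in rs]
    return sk, rs, pks

if __name__ == "__main__":
    sk, rs, pks = keygen(n=4)
    account_address = random.choice(pks)  # item d: one public key as address
    print(sk, pks, account_address)
```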
Step 2: Determine the round-0 global model gradient for federated learning.
The determination of the round-0 global model gradient in embodiments of the present invention proceeds as follows.
a. Based on the parameter selection rule, randomly select a string of d bits as the parameter $s_0$ needed to select the round-0 leader, where d may be a power of two, such as $2^7$, $2^8$, or $2^9$.
b. Randomly select N percent of the K client nodes participating in federated learning to form the round-0 aggregation committee, with the remaining client nodes serving as workers that participate in training the federated learning model, where N ∈ [10, 20].
For example, for the federated learning of a financial scenario (such as risk-control services in retail banking credit, or pre-loan and in-loan risk-control services for credit cards) with 100 participating client nodes, 10 or 20 of the 100 client nodes are first randomly selected to form the round-0 aggregation committee, and the remaining 90 or 80 client nodes are designated as workers for training the federated learning model for that financial scenario.
c. Determine the round-0 leader from among all workers based on the Algorand consensus protocol.
Specifically, the leader selection function Sor(·) and the leader verification function Ver(·) of the Algorand consensus protocol are invoked to select one worker from all workers as the round-0 leader:
Sor(SK_k, s_0, τ=1, role="worker", w_k, w_total) → <H(·), π, t>
Ver(PK_k, H(·), π, s_0, τ, role="worker", w_k, w_total) → t
where PK_k and SK_k are the public and private keys the Paillier encryption system generates for the k-th worker; τ=1 and role="worker" indicate that one worker is selected from all workers as leader; w_k is the currency held by the k-th worker; w_total is all the currency in the blockchain; H(·) is a hash function mapping strings of arbitrary length to strings of d bits; π is the corresponding reward a worker obtains for submitting its contribution; t means the t-th worker is selected as leader; and 3 < k < m.
d. The round-0 aggregation committee randomly initializes a round-0 global model gradient $W_0$ for federated learning.
e. The round-0 aggregation committee uploads the round-0 global model gradient $W_0$ to the blockchain through the add function of the smart contract.
f. All members of the round-0 aggregation committee use the gossip protocol to notify all other client nodes participating in federated learning that $W_0$ has been uploaded to the blockchain.
For example, each member of the round-0 aggregation committee may use the gossip protocol to send this notification periodically (e.g., every 1, 2, or 5 seconds). All workers can then perform the round-1 federated learning training based on the global model gradient $W_0$; that is, each worker trains the global model corresponding to $W_0$ on its local training data set and obtains its round-1 local model gradient.
It should be noted that, after the N percent of client nodes form the round-0 aggregation committee, all K participating client nodes may also serve as workers for training the federated learning model; that is, the N percent of client nodes then have two roles, as members of the round-0 aggregation committee and as workers participating in the training. For example, after 10 or 20 of the 100 client nodes are randomly selected to form the round-0 aggregation committee, all 100 client nodes may serve as workers for training the federated learning model for the financial scenario.
Step 3: Determine each worker's round-(i+1) local model gradient ciphertexts.
Taking one local model gradient of the global model as an example, the process by which each worker determines the local model gradient ciphertext in embodiments of the present invention is described below. Each worker processes the other local model gradients of the global model in the same way to obtain the corresponding local model gradient ciphertexts, which is not repeated here.
a. Each worker participating in the round-(i+1) federated learning training may use a preset gradient descent method (such as stochastic gradient descent, full-batch gradient descent, mini-batch gradient descent, Momentum gradient descent, or NAG gradient descent) to train the global model corresponding to the round-i global model gradient, obtaining its round-(i+1) local model gradient, where i is a counter initialized to 0, and the round-(i+1) local model gradient includes multiple sub-gradients.
For example, the worker may use stochastic gradient descent on its local training data set to train the global model corresponding to the round-i global model gradient and obtain its round-(i+1) local model gradient. The global model network structure may be a CNN (Convolutional Neural Network), a ResNet (Residual Neural Network), a VGG-Net (Visual Geometry Group Network) deep convolutional network, or the like. The stochastic gradient descent step can take the form
$$W_{i+1}^k = W_i - \eta \nabla L_f(W_i, D_k)$$
where $W_{i+1}^k$ is the k-th worker's round-(i+1) local model gradient, $\eta$ is the learning rate, $\nabla$ denotes differentiation, $L_f(\cdot)$ is the loss function, and $D_k$ is the local data set held by the k-th worker. A minimal numerical sketch of this update follows.
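The sketch below runs this update on a toy one-parameter least-squares loss; the loss function and the data set are invented for the example and stand in for $L_f(\cdot)$ and $D_k$.

```python
# Toy SGD step for W_{i+1} = W_i - eta * grad(L_f(W_i, D_k)).
# Loss assumed for the demo: L_f(w, D) = mean over (x, y) in D of (w*x - y)^2.
def grad(w, data):
    return sum(2 * (w * x - y) * x for x, y in data) / len(data)

def sgd_round(w_i, data, eta=0.1, steps=10):
    w = w_i
    for _ in range(steps):
        w = w - eta * grad(w, data)
    return w  # the worker's round-(i+1) local model gradient information

if __name__ == "__main__":
    D_k = [(1.0, 2.0), (2.0, 4.1), (3.0, 5.9)]  # local data set of worker k
    print(sgd_round(w_i=0.0, data=D_k))          # converges toward w ≈ 2
```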
b. Each worker clips its round-(i+1) local model gradient with the gradient clipping algorithm, obtaining the clipped round-(i+1) local model gradient.
Specifically, each worker uses the gradient clipping formula to clip the value of each first sub-gradient of its round-(i+1) local model gradient into the range [-1, 1]. The clipping formula is rendered as an equation image in the source (PCTCN2021131317-appb-000007); it combines the hyperbolic tangent function tanh(·) and the maximum function max(·) with a positive integer $l$ to map the k-th worker's j-th first sub-gradient $w_{i+1,j}^k$ to its clipped counterpart $\bar{w}_{i+1,j}^k \in [-1, 1]$, where $l$ is related to the network structure of the global model and the input local training data set.
It should be noted that, in embodiments of the present invention, if the global model is for example a convolutional neural network, then $l$ can be computed from the size of the input local training data set, and the receptive field size, stride, number of filters, and amount of zero padding of the neurons in the convolutional layers. A hedged sketch of one plausible reading of this clipping step follows.
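Because the exact clipping formula survives only as an equation image, the sketch below assumes one plausible tanh-based form, $\bar{w} = \tanh(l \cdot w)$, which does place every sub-gradient in (-1, 1) as the text requires; the patent's true formula, which also involves max(·), may differ.

```python
import math

def clip_sub_gradients(sub_gradients, l):
    """Clip each first sub-gradient into [-1, 1].
    Assumed form: tanh(l * w); the patent's exact formula (an equation
    image combining tanh(.) and max(.)) is not recoverable from the text."""
    return [math.tanh(l * g) for g in sub_gradients]

if __name__ == "__main__":
    raw = [3.2, -0.4, 0.05, -7.1]
    print(clip_sub_gradients(raw, l=1))  # every value now lies in (-1, 1)
```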
c. Determine the threshold of the clipped round-(i+1) local model gradient.
Specifically, each worker computes the threshold of its round-(i+1) local model gradient from the distribution characteristics of the first sub-gradients of its clipped round-(i+1) local model gradient.
For example, if the distribution of the first sub-gradients of the k-th worker's clipped round-(i+1) local model gradient is a combination of a normal distribution and a uniform distribution, the worker's round-(i+1) local model gradient threshold $\Delta_k$ is given by a formula rendered as an equation image in the source (PCTCN2021131317-appb-000010).
d. Each worker quantizes each first sub-gradient of its clipped round-(i+1) local model gradient with the gradient quantization algorithm.
Specifically, each worker may use the gradient multi-value quantization formula to quantize the j-th first sub-gradient $\bar{w}_{i+1,j}^k$ of its clipped round-(i+1) local model gradient into the j-th second sub-gradient $\hat{w}_{i+1,j}^k$. Consistent with the multi-value quantization rule described above, the formula (an equation image in the source) has the piecewise form
$$\hat{w}_{i+1,j}^k = \begin{cases} v_1, & \bar{w}_{i+1,j}^k > \Delta_k \\ v_2, & |\bar{w}_{i+1,j}^k| \le \Delta_k \\ v_3, & \bar{w}_{i+1,j}^k < -\Delta_k \end{cases}$$
where $v_1$, $v_2$, and $v_3$ are the first, second, and third quantization values.
Alternatively, each worker need not determine the threshold of the clipped round-(i+1) local model gradient and may directly use the gradient binary quantization formula (also an equation image in the source), which quantizes the j-th first sub-gradient $\bar{w}_{i+1,j}^k$ to a fourth value $v_4$ if it is greater than zero, and to a fifth value $v_5$ if it is less than or equal to zero.
e. Each worker uses the public key pk to batch-homomorphically-encrypt its quantized round-(i+1) local model gradient, obtaining multiple round-(i+1) gradient ciphertexts.
Specifically, each worker merges every m of the second sub-gradients of its quantized round-(i+1) local model gradient according to the preset gradient merging rule, obtaining n third sub-gradients, and then batch-homomorphically-encrypts the n third sub-gradients with the public key pk, obtaining n round-(i+1) gradient ciphertexts, where m and n are both integers greater than 1.
It should be noted that in embodiments of the present invention all workers use the same public key for batch homomorphic encryption, while the private keys used for homomorphic decryption differ, each worker holding its own private key. Of course, in actual implementations each worker may also hold its own public-private key pair; that is, the public keys used for batch homomorphic encryption differ as well as the private keys used for homomorphic decryption.
For example, if a worker's quantized round-(i+1) local model gradient contains 100 second sub-gradients, every 5 of them can be merged into one new sub-gradient according to the preset gradient merging rule, determining 20 new sub-gradients, which are then batch-homomorphically-encrypted with the public key pk into 20 round-(i+1) gradient ciphertexts. The merging formulas are rendered as equation images in the source (PCTCN2021131317-appb-000021 to appb-000026); each new sub-gradient combines 5 consecutive second sub-gradients using a shift parameter r, which may take values such as 10 or 11.
Alternatively, every 10 second sub-gradients may be merged into one new sub-gradient according to the preset gradient merging rule, determining 10 new sub-gradients, which are homomorphically encrypted with pk into 10 round-(i+1) gradient ciphertexts; or every 20 may be merged into one, determining 5 new sub-gradients, which are batch-homomorphically-encrypted with pk into 5 round-(i+1) gradient ciphertexts. In specific implementations, those skilled in the art may set the value of m based on experience or the specific application scenario, which is not limited by the embodiments of the present invention.
By comparison, the prior art does not clip or quantize the round-(i+1) local model gradient and directly uses the public key pk to homomorphically encrypt all 100 sub-gradients contained in it, obtaining 100 gradient ciphertexts that are then transmitted to the server for aggregation. Because all 100 sub-gradients are homomorphically encrypted, substantial homomorphic-encryption computing resources are consumed, and since homomorphic encryption is very time-consuming, the time cost of federated learning increases and its efficiency drops. In addition, encrypting all 100 sub-gradients yields a large number of gradient ciphertexts (100 round-(i+1) gradient ciphertexts), and transmitting them to the server consumes substantial network resources, greatly increasing the communication overhead of federated learning.
In contrast, embodiments of the present invention clip and quantize the sub-gradients of the round-(i+1) local model gradient (for example, its 100 sub-gradients), then merge every 5 of the 100 clipped-and-quantized sub-gradients according to the preset gradient merging rule into 20 new sub-gradients, and batch-homomorphically-encrypt these 20 new sub-gradients with the public key pk into 20 round-(i+1) gradient ciphertexts. Clipping and quantizing the 100 sub-gradients simplifies their values, facilitates subsequent data processing, helps reduce the complexity of the subsequent homomorphic encryption, and reduces the time it consumes, thereby improving its efficiency. Moreover, merging every 5 (or every 20) of the clipped-and-quantized sub-gradients and batch-encrypting the merged 20 (or 5) new sub-gradients significantly reduces, compared with encrypting individual sub-gradients in the prior art, the computing resources consumed by homomorphic encryption and the number of ciphertexts transmitted (i.e., the network resources consumed in ciphertext transmission), achieving efficient federated learning. A toy sketch of this pack-then-encrypt step follows.
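The sketch below illustrates the pack-then-encrypt step with a toy Paillier implementation. The packing layout (quantized values assumed in {-1, 0, +1}, offset to {0, 1, 2}, one r-bit slot each) and the slot width r = 8 are assumptions; the patent's merging formulas are equation images and mention shifts such as r = 10 or 11, which would require a realistically sized modulus.

```python
import math
import random

# Toy Paillier with small, well-known primes; illustration only, not secure.
p_, q_ = 65537, 2147483647
n = p_ * q_
n2 = n * n
g = n + 1
lam = (p_ - 1) * (q_ - 1) // math.gcd(p_ - 1, q_ - 1)
mu = pow(lam, -1, n)  # with g = n + 1, L(g^lam mod n^2) = lam mod n

def encrypt(m):
    r = random.randrange(2, n)
    while math.gcd(r, n) != 1:
        r = random.randrange(2, n)
    return (pow(g, m, n2) * pow(r, n, n2)) % n2

def decrypt(c):
    return ((pow(c, lam, n2) - 1) // n * mu) % n

R = 8  # assumed slot width; the patent mentions shifts such as r = 10 or 11

def pack(quantized, m=5, r=R):
    """Merge every m quantized sub-gradients (assumed in {-1, 0, +1},
    offset to {0, 1, 2}) into one plaintext, one r-bit slot each."""
    out = []
    for s in range(0, len(quantized), m):
        u = 0
        for v in quantized[s:s + m]:
            u = (u << r) | (v + 1)
        out.append(u)
    return out

if __name__ == "__main__":
    quantized = [random.choice([-1, 0, 1]) for _ in range(100)]
    packed = pack(quantized)             # 100 sub-gradients -> 20 plaintexts
    cts = [encrypt(u) for u in packed]
    print(len(cts))                      # 20 ciphertexts instead of 100
    print(decrypt(cts[0]) == packed[0])  # True
```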
f. Each worker uses a signature algorithm to determine the signatures of its multiple round-(i+1) gradient ciphertexts.
Specifically, each worker signs its multiple round-(i+1) gradient ciphertexts with a signature algorithm (such as the RSA, ELGamal, or DSA digital signature algorithm), generating the corresponding signatures of the multiple round-(i+1) gradient ciphertexts (the ciphertext and signature notation is rendered as equation images in the source).
g. Each worker uploads its multiple round-(i+1) gradient ciphertexts and their signatures to the blockchain.
Specifically, each worker may upload its multiple round-(i+1) gradient ciphertexts and their signatures to the blockchain in the form of a transaction. For example, each worker may upload 20 round-(i+1) gradient ciphertexts and their 20 signatures in the form of a transaction.
Step 4: Aggregate each worker's round-(i+1) local model gradient ciphertexts and determine the round-(i+1) global model gradient ciphertext corresponding to each round-(i+1) local model gradient ciphertext.
The aggregation of each worker's round-(i+1) local model gradient ciphertexts in embodiments of the present invention is described below. From Step 3, the round-(i+1) local model gradient ciphertexts corresponding to each worker's round-(i+1) local model gradients are available, and each round-(i+1) local model gradient ciphertext may include multiple round-(i+1) gradient ciphertexts.
a. Generate the parameter needed to select the round-(i+1) leader.
Specifically, the parameter $s_{i+1}$ needed to select the round-(i+1) leader may be generated as $s_{i+1} = H(s_i \| i)$.
b. Randomly select N percent of the K client nodes participating in federated learning to form the round-(i+1) aggregation committee, with the remaining client nodes serving as workers for training the federated learning model. For example, with 100 client nodes participating in the federated learning of a financial scenario, 15 of the 100 client nodes are randomly selected to form the round-(i+1) aggregation committee, and the remaining 85 client nodes are designated as workers for training the federated learning model for that scenario.
Then, the leader selection function Sor(·) and the leader verification function Ver(·) of the Algorand consensus protocol are invoked to select one worker from all workers as the round-(i+1) leader:
Sor(SK_k, s_{i+1}, τ=1, role="worker", w_k, w_total) → <H(·), π, t>
Ver(PK_k, H(·), π, s_{i+1}, τ, role="worker", w_k, w_total) → t
c. Create a new block containing all worker transactions.
d. For each round-(i+1) local model gradient ciphertext, the round-(i+1) aggregation committee verifies the validity of each worker's signature and records the multiple round-(i+1) gradient ciphertexts of the workers whose signatures are successfully verified.
Specifically, for each round-(i+1) local model gradient ciphertext, every member of the round-(i+1) aggregation committee participates in verifying the workers' signatures; that is, every member obtains the workers' signatures from the blockchain (for example, the signatures of the multiple round-(i+1) gradient ciphertexts of each round-(i+1) local model gradient ciphertext) and, for each worker, records and stores that worker's n round-(i+1) gradient ciphertexts after determining that the worker's signature is successfully verified. Because every committee member participates in verifying the validity of the workers' signatures, a worker's signature is confirmed as verified only after the number of members that successfully verify it reaches a set requirement; for example, with 15 members in the round-(i+1) aggregation committee, a worker's signature is confirmed as successfully verified once more than two-thirds of the members (i.e., more than 10 members) verify it successfully.
Alternatively, one agent, or two agents, may be randomly selected or designated from the round-(i+1) aggregation committee to be responsible for verifying the validity of the workers' signatures. In specific implementations, those skilled in the art may adjust this according to the specific application scenario, which is not limited by the embodiments of the present invention.
e. For each round-(i+1) local model gradient ciphertext, the round-(i+1) aggregation committee aggregates, according to the set secure aggregation rule, all round-(i+1) gradient ciphertexts of the workers whose signatures are successfully verified, and determines the round-(i+1) global model gradient ciphertext corresponding to each round-(i+1) local model gradient ciphertext.
Specifically, for any round-(i+1) local model gradient ciphertext, suppose ρ workers pass signature verification. The round-(i+1) aggregation committee then aggregates, according to the set secure aggregation rule, the same-type gradient ciphertexts among the ρ sets of n types of round-(i+1) gradient ciphertexts, determining the round-(i+1) global model gradient ciphertext corresponding to that round-(i+1) local model gradient ciphertext. This round-(i+1) global model gradient ciphertext comprises n global sub-gradient ciphertexts; according to the per-type aggregation formulas (rendered as equation images in the source), each global sub-gradient ciphertext is obtained from the corresponding same-type sub-gradient ciphertexts of the ρ workers together with the corresponding global sub-gradient ciphertext of the round-i global model gradient ciphertext, where ρ denotes the number of workers that pass signature verification in round i+1.
For example, for any round-(i+1) local model gradient ciphertext, continuing with 20 round-(i+1) gradient ciphertexts uploaded to the blockchain by each worker and 80 workers passing signature verification, the round-(i+1) aggregation committee aggregates the same-type gradient ciphertexts among the 80 sets of 20 types of round-(i+1) gradient ciphertexts according to the set secure aggregation rule, determining the round-(i+1) global model gradient ciphertext, which comprises 20 global sub-gradient ciphertexts. A toy sketch of this per-type aggregation follows.
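Continuing the same assumptions, the following self-contained sketch shows one plausible form of the per-type secure aggregation: multiplying the ρ verified workers' same-type Paillier ciphertexts modulo n² decrypts to the slot-wise sum of their packed quantized sub-gradients. The toy Paillier parameters repeat those of the earlier pack-then-encrypt sketch, and any contribution of the previous round's global sub-gradient ciphertext that the source's equation images may include is omitted here.

```python
import math
import random
from functools import reduce

# Self-contained toy Paillier (same demo parameters as the earlier sketch).
p_, q_ = 65537, 2147483647
n = p_ * q_; n2 = n * n; g = n + 1
lam = (p_ - 1) * (q_ - 1) // math.gcd(p_ - 1, q_ - 1)
mu = pow(lam, -1, n)

def enc(m):
    r = random.randrange(2, n)
    while math.gcd(r, n) != 1:
        r = random.randrange(2, n)
    return (pow(g, m, n2) * pow(r, n, n2)) % n2

def dec(c):
    return ((pow(c, lam, n2) - 1) // n * mu) % n

R, M = 8, 5  # slot width and slots per plaintext, as in the packing sketch

def pack(vals, r=R):
    u = 0
    for v in vals:
        u = (u << r) | (v + 1)  # offset {-1, 0, 1} -> {0, 1, 2}
    return u

def aggregate(cts):
    """Assumed secure aggregation rule: multiply same-type ciphertexts
    mod n^2, which under Paillier decrypts to the sum of the plaintexts."""
    return reduce(lambda a, b: (a * b) % n2, cts)

def unpack_sums(total, rho, m=M, r=R):
    mask = (1 << r) - 1
    slots = [(total >> (r * s)) & mask for s in range(m)]
    return [v - rho for v in reversed(slots)]  # undo the per-worker +1 offset

if __name__ == "__main__":
    rho = 3  # number of workers passing signature verification
    worker_grads = [[1, -1, 0, 1, 1], [0, -1, 1, 1, -1], [1, 0, 0, 1, 0]]
    cts = [enc(pack(g_)) for g_ in worker_grads]  # one "type" of ciphertext
    print(unpack_sums(dec(aggregate(cts)), rho))  # [2, -2, 1, 3, 0]
```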
It should be noted that, in addition to the secure aggregation rule described above, other secure aggregation rules (such as the Krum aggregation method, the trimmed-mean aggregation method, or the median aggregation method) may be used to aggregate the same-type gradient ciphertexts among the ρ sets of n types of round-(i+1) gradient ciphertexts.
Step 5: Verify the round-(i+1) global model gradient ciphertext corresponding to each round-(i+1) local model gradient ciphertext.
The verification of the round-(i+1) global model gradient ciphertexts corresponding to the round-(i+1) local model gradient ciphertexts in embodiments of the present invention proceeds as follows.
a. The round-(i+1) aggregation committee sends each round-(i+1) global model gradient ciphertext to the smart contract by way of a transaction, to trigger the round-(i+1) leader to verify each round-(i+1) global model gradient ciphertext.
b. For each round-(i+1) global model gradient ciphertext, the round-(i+1) leader re-aggregates, according to the set secure aggregation rule, all round-(i+1) gradient ciphertexts of the workers whose signatures were successfully verified, determines a new round-(i+1) global model gradient ciphertext, and determines whether the committee's ciphertext and its own are numerically equal (the two compared quantities are rendered as equation images in the source). If they are determined to be equal, a new block containing all worker transactions is sent to the round-(i+1) aggregation committee; if they are determined to be unequal, the round-(i+1) global model gradient ciphertext is declared invalid.
c. Based on the new block containing all worker transactions, the round-(i+1) aggregation committee uses a majority-voting strategy to determine whether the transactions processed by the round-(i+1) leader are correct. If they are determined to be correct, a reward is sent to the round-(i+1) leader, and the new block corresponding to each correct round-(i+1) global model gradient ciphertext is added to the blockchain through the add function of the smart contract. All members of the round-(i+1) aggregation committee then use the gossip protocol to notify all other client nodes participating in federated learning that the new block corresponding to each round-(i+1) global model gradient ciphertext has been uploaded to the blockchain; for example, each member may use the gossip protocol to send this notification periodically (e.g., every 1, 2, or 5 seconds).
If the transactions are determined to be incorrect, the new block containing all worker transactions is discarded, the leader is punished according to the monetary penalty mechanism, and the processing from Step 4 to Step 5 is re-executed. A minimal sketch of the leader check and committee vote follows.
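The following sketch abstracts the Step 5 flow: the leader re-aggregates and compares the result numerically with the committee's ciphertext, and the committee then confirms the leader's work by majority vote. The two-thirds threshold and the integer stand-ins for ciphertexts are assumptions for the example.

```python
from functools import reduce

def aggregate(cts, n2):
    """Same-type ciphertext aggregation as a modular product."""
    return reduce(lambda a, b: (a * b) % n2, cts)

def leader_check(committee_value, worker_cts, n2):
    """Step 5b: the leader re-aggregates and compares numerically."""
    return aggregate(worker_cts, n2) == committee_value

def committee_vote(votes):
    """Step 5c: majority voting; a strict more-than-two-thirds rule is
    assumed here, mirroring the signature-verification example above."""
    return sum(votes) * 3 > len(votes) * 2

if __name__ == "__main__":
    n2 = 126869 ** 2                    # any modulus; toy value
    worker_cts = [12345, 67890, 13579]  # verified workers' ciphertexts
    committee_value = aggregate(worker_cts, n2)
    ok = leader_check(committee_value, worker_cts, n2)
    votes = [ok] * 11 + [False] * 4     # 11 of 15 members vote "correct"
    print(ok, committee_vote(votes))    # True True
```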
Step 6: Determine whether each round-(i+1) global model gradient ciphertext in the current latest block satisfies the training termination condition of the federated learning model.
The process by which each worker makes this determination in embodiments of the present invention is described below. The training termination condition of the federated learning model is that the difference between each global model gradient in the current latest block and the corresponding global model gradient of the previous round is less than or equal to the set threshold.
a. Each worker obtains each global model gradient ciphertext in the current latest block from the blockchain.
b. Each worker decrypts each global model gradient ciphertext in the current latest block with its own private key sk_k, obtaining the decrypted global model gradients.
c. For each global model gradient in the current latest block, each worker determines whether the difference between that global model gradient and the corresponding global model gradient of the previous round is less than or equal to the set threshold. If it is, the global model gradient is taken as the target global model gradient; if it is greater than the set threshold, i+1 is assigned to i, and the processing from Step 3 to Step 6 is re-executed.
For example, each worker obtains the round-(i+1) global model gradient ciphertexts in the current latest block from the blockchain, decrypts each of them with its own private key sk_k, and obtains the decrypted round-(i+1) global model gradients. Then, for each global model gradient in the current latest block, the worker determines whether the difference between the round-(i+1) global model gradient and the corresponding round-i global model gradient is less than or equal to the set threshold. If it is, the round-(i+1) global model gradient is taken as the target global model gradient, yielding the trained federated learning model; if it is greater than the set threshold, i+1 is assigned to i, and the processing from Step 3 to Step 6 is re-executed, so that each worker uses the decrypted round-(i+1) global model gradients to perform the round-(i+2) federated learning training, until the training termination condition of the federated learning model is satisfied.
Based on the same technical concept, FIG. 4 exemplarily shows a blockchain-based federated learning apparatus provided by an embodiment of the present invention; the apparatus can execute the flow of the blockchain-based federated learning method. As shown in FIG. 4, the apparatus includes:
a determining unit 401, configured to train the round-i local model on local training data and determine the trained round-(i+1) local model gradient information; the first node is a node selected from N blockchain nodes to participate in the round-(i+1) federated learning training; the round-i local model is obtained based on the round-i global model gradient ciphertext that the first node obtains from the blockchain;
a first processing unit 402, configured to: clip and quantize each piece of first sub-gradient information in the round-(i+1) local model gradient information based on the gradient clipping-and-quantization rule, obtaining pieces of second sub-gradient information; merge every m pieces of the second sub-gradient information according to the gradient merging rule, obtaining n types of third sub-gradient information; homomorphically encrypt the n types of third sub-gradient information, obtaining n types of ciphertext, and send the n types of ciphertext to the blockchain; the n types of ciphertext are used by an aggregation node in the blockchain to aggregate the ciphertexts fed back by the first nodes of the round-(i+1) federated learning training, so as to obtain the round-(i+1) global model gradient ciphertext.
Optionally, the first processing unit 402 is further configured to: before the round-i local model is trained on the local training data, homomorphically decrypt the round-i global model gradient information ciphertext, obtaining the round-i global model gradient information; and determine that the difference between the round-i global model gradient information and the round-(i-1) global model gradient information is greater than the set threshold.
Optionally, the first processing unit 402 is specifically configured to: clip each piece of first sub-gradient information based on the gradient clipping algorithm, obtaining clipped pieces of first sub-gradient information; and quantize each clipped piece of first sub-gradient information based on the gradient quantization algorithm, obtaining the pieces of second sub-gradient information.
Optionally, the first processing unit 402 is specifically configured to: for each clipped piece of first sub-gradient information, compare the first sub-gradient information with the gradient threshold, the gradient threshold being determined from the distribution of the clipped pieces of first sub-gradient information; and determine, based on the gradient quantization rule and the comparison result between the first sub-gradient information and the gradient threshold, the second sub-gradient information corresponding to the first sub-gradient information.
Optionally, the first processing unit 402 is further configured to: after the round-(i+1) global model gradient ciphertext is obtained, obtain the round-(i+1) global model gradient ciphertext from the blockchain and homomorphically decrypt it, obtaining the round-(i+1) global model gradient information; and, if the difference between the round-(i+1) global model gradient information and the round-i global model gradient information is less than or equal to the set threshold, take the round-(i+1) global model gradient information as the target global model gradient information, thereby obtaining the trained federated learning model.
Based on the same technical concept, FIG. 5 exemplarily shows another blockchain-based federated learning apparatus provided by an embodiment of the present invention; the apparatus can execute the flow of the blockchain-based federated learning method. As shown in FIG. 5, the apparatus includes:
an obtaining unit 501, configured to obtain, from the blockchain, the n types of ciphertext sent by each first node; a first node is a node selected from N blockchain nodes to participate in the round-(i+1) federated learning training; the aggregation node is any one of the N blockchain nodes other than the first nodes;
a second processing unit 502, configured to aggregate the ciphertexts of the same type among the n types of ciphertext of the first nodes, obtaining the round-(i+1) global model gradient ciphertext, and send the round-(i+1) global model gradient ciphertext to the blockchain; the n types of ciphertext are obtained by the first node homomorphically encrypting n types of third sub-gradient information; the n types of third sub-gradient information are determined by the first node merging every m pieces of second sub-gradient information according to the gradient merging rule; the pieces of second sub-gradient information are obtained by the first node clipping and quantizing each piece of first sub-gradient information in the round-(i+1) local model gradient information based on the gradient clipping-and-quantization rule; the round-(i+1) local model gradient information is determined by the first node training the round-i local model on local training data; the round-i local model is obtained based on the round-i global model gradient ciphertext that the first node obtains from the blockchain.
Optionally, the second processing unit 502 is specifically configured to: verify the signature of each first node; and aggregate, according to the set aggregation rule, the ciphertexts of the same type among the at least two sets of n types of ciphertext corresponding to at least two first nodes whose signatures are successfully verified.
Optionally, the second processing unit 502 is further configured to: after the round-(i+1) global model gradient ciphertext is sent to the blockchain, receive the global model gradient ciphertext verification-pass message sent by the proxy node; the proxy node is selected from the first nodes based on the proxy node selection rule; the verification-pass message is generated when the proxy node determines that the round-(i+1) global model gradient ciphertext is consistent with the round-(i+1) global model gradient ciphertext it determines itself based on the set aggregation rule; and, if the proxy node's verification of the round-(i+1) global model gradient ciphertext meets the set requirement, add the new block corresponding to the round-(i+1) global model gradient ciphertext to the blockchain.
Based on the same technical concept, an embodiment of the present invention further provides a computing device, as shown in FIG. 6, comprising at least one processor 601 and a memory 602 connected to the at least one processor. The embodiment of the present invention does not limit the specific connection medium between the processor 601 and the memory 602; in FIG. 6, they are connected by a bus as an example. The bus can be divided into an address bus, a data bus, a control bus, and so on.
In the embodiment of the present invention, the memory 602 stores instructions executable by the at least one processor 601, and by executing the instructions stored in the memory 602, the at least one processor 601 can perform the steps included in the foregoing blockchain-based federated learning method.
The processor 601 is the control center of the computing device; it can connect the various parts of the computing device through various interfaces and lines, and implements data processing by running or executing the instructions stored in the memory 602 and invoking the data stored in the memory 602. Optionally, the processor 601 may include one or more processing units, and may integrate an application processor, which mainly handles the operating system, user interface, applications, and the like, and a modem processor, which mainly handles issued instructions. It can be understood that the modem processor may also not be integrated into the processor 601. In some embodiments, the processor 601 and the memory 602 may be implemented on the same chip; in some embodiments, they may also be implemented separately on independent chips.
The processor 601 may be a general-purpose processor, such as a central processing unit (CPU), a digital signal processor, an application-specific integrated circuit (ASIC), a field-programmable gate array or other programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component, and can implement or execute the methods, steps, and logical block diagrams disclosed in the embodiments of the present invention. A general-purpose processor may be a microprocessor, any conventional processor, or the like. The steps of the method disclosed in connection with the blockchain-based federated learning method embodiments may be performed directly by a hardware processor, or by a combination of hardware and software modules in the processor.
The memory 602, as a non-volatile computer-readable storage medium, can be used to store non-volatile software programs, non-volatile computer-executable programs, and modules. The memory 602 may include at least one type of storage medium, for example flash memory, hard disk, multimedia card, card-type memory, random access memory (RAM), static random access memory (SRAM), programmable read-only memory (PROM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), magnetic memory, magnetic disk, optical disc, and the like. The memory 602 is any medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer, but is not limited thereto. The memory 602 in the embodiment of the present invention may also be a circuit or any other device capable of implementing a storage function, for storing program instructions and/or data.
Based on the same technical concept, an embodiment of the present invention further provides a computer-readable storage medium that stores a computer program executable by a computing device; when the program runs on the computing device, it causes the computing device to perform the steps of the blockchain-based federated learning method described above.
Those skilled in the art should understand that embodiments of the present invention may be provided as a method, a system, or a computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) containing computer-usable program code.
The present invention is described with reference to flowcharts and/or block diagrams of the method, device (system), and computer program product according to the present invention. It should be understood that each flow and/or block in the flowcharts and/or block diagrams, and combinations of flows and/or blocks therein, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general-purpose computer, a special-purpose computer, an embedded processor, or another programmable data processing device to produce a machine, such that the instructions executed by the processor of the computer or other programmable data processing device produce an apparatus for implementing the functions specified in one or more flows of the flowcharts and/or one or more blocks of the block diagrams.
Evidently, those skilled in the art can make various modifications and variations to the present invention without departing from its spirit and scope. Thus, if these modifications and variations of the present invention fall within the scope of the claims of this application and their technical equivalents, the present invention is also intended to encompass them.

Claims (12)

  1. A blockchain-based federated learning method, comprising:
    training, by a first node, the round-i local model on local training data, and determining the trained round-(i+1) local model gradient information; wherein the first node is a node selected from N blockchain nodes to participate in the round-(i+1) federated learning training; the round-i local model is obtained based on the round-i global model gradient ciphertext obtained by the first node from the blockchain;
    clipping and quantizing, by the first node, each piece of first sub-gradient information in the round-(i+1) local model gradient information based on a gradient clipping-and-quantization rule, obtaining pieces of second sub-gradient information;
    merging, by the first node, every m pieces of the second sub-gradient information according to a gradient merging rule, obtaining n types of third sub-gradient information;
    homomorphically encrypting, by the first node, the n types of third sub-gradient information, obtaining n types of ciphertext, and sending the n types of ciphertext to the blockchain; wherein the n types of ciphertext are used by an aggregation node in the blockchain to aggregate the ciphertexts fed back by the first nodes of the round-(i+1) federated learning training, so as to obtain the round-(i+1) global model gradient ciphertext.
  2. The method according to claim 1, wherein before the first node trains the round-i local model on the local training data, the method further comprises:
    homomorphically decrypting, by the first node, the round-i global model gradient information ciphertext, obtaining the round-i global model gradient information;
    determining, by the first node, that the difference between the round-i global model gradient information and the round-(i-1) global model gradient information is greater than a set threshold.
  3. The method according to claim 1, wherein the clipping and quantizing, by the first node, each piece of first sub-gradient information in the round-(i+1) local model gradient information based on the gradient clipping-and-quantization rule to obtain the pieces of second sub-gradient information comprises:
    clipping, by the first node, each piece of first sub-gradient information based on a gradient clipping algorithm, obtaining clipped pieces of first sub-gradient information;
    quantizing, by the first node, each clipped piece of first sub-gradient information based on a gradient quantization algorithm, obtaining the pieces of second sub-gradient information.
  4. The method according to claim 3, wherein the quantizing, by the first node, each clipped piece of first sub-gradient information based on the gradient quantization algorithm to obtain the pieces of second sub-gradient information comprises:
    for each clipped piece of first sub-gradient information, comparing, by the first node, the first sub-gradient information with a gradient threshold; wherein the gradient threshold is determined from the distribution of the clipped pieces of first sub-gradient information;
    determining, by the first node based on a gradient quantization rule, the second sub-gradient information corresponding to the first sub-gradient information according to the comparison result between the first sub-gradient information and the gradient threshold.
  5. The method according to claim 2, wherein after the round-(i+1) global model gradient ciphertext is obtained, the method further comprises:
    obtaining, by the first node, the round-(i+1) global model gradient ciphertext from the blockchain, and homomorphically decrypting the round-(i+1) global model gradient ciphertext, obtaining the round-(i+1) global model gradient information;
    if the first node determines that the difference between the round-(i+1) global model gradient information and the round-i global model gradient information is less than or equal to the set threshold, taking the round-(i+1) global model gradient information as the target global model gradient information, thereby obtaining the trained federated learning model.
  6. A blockchain-based federated learning method, comprising:
    obtaining, by an aggregation node from the blockchain, the n types of ciphertext sent by each first node; wherein a first node is a node selected from N blockchain nodes to participate in the round-(i+1) federated learning training; the aggregation node is any one of the N blockchain nodes other than the first nodes;
    aggregating, by the aggregation node, the ciphertexts of the same type among the n types of ciphertext of the first nodes, obtaining the round-(i+1) global model gradient ciphertext, and sending the round-(i+1) global model gradient ciphertext to the blockchain;
    wherein the n types of ciphertext are obtained by the first node homomorphically encrypting n types of third sub-gradient information; the n types of third sub-gradient information are determined by the first node merging every m pieces of second sub-gradient information according to a gradient merging rule; the pieces of second sub-gradient information are obtained by the first node clipping and quantizing each piece of first sub-gradient information in the round-(i+1) local model gradient information based on a gradient clipping-and-quantization rule; the round-(i+1) local model gradient information is determined by the first node training the round-i local model on local training data; and the round-i local model is obtained based on the round-i global model gradient ciphertext obtained by the first node from the blockchain.
  7. The method according to claim 6, wherein the aggregating, by the aggregation node, the ciphertexts of the same type among the n types of ciphertext of the first nodes comprises:
    verifying, by the aggregation node, the signature of each first node;
    aggregating, by the aggregation node according to a set aggregation rule, the ciphertexts of the same type among the at least two sets of n types of ciphertext corresponding to at least two first nodes whose signatures are successfully verified.
  8. The method according to claim 6, wherein after the round-(i+1) global model gradient ciphertext is sent to the blockchain, the method further comprises:
    receiving, by the aggregation node, a global model gradient ciphertext verification-pass message sent by a proxy node; wherein the proxy node is selected from the first nodes based on a proxy node selection rule; the verification-pass message is generated when the proxy node determines that the round-(i+1) global model gradient ciphertext is consistent with the round-(i+1) global model gradient ciphertext it determines itself based on the set aggregation rule;
    if the aggregation node determines that the proxy node's verification of the round-(i+1) global model gradient ciphertext meets the set requirement, adding the new block corresponding to the round-(i+1) global model gradient ciphertext to the blockchain.
  9. A blockchain-based federated learning apparatus, comprising:
    a determining unit, configured to train the round-i local model on local training data and determine the trained round-(i+1) local model gradient information; wherein the first node is a node selected from N blockchain nodes to participate in the round-(i+1) federated learning training; the round-i local model is obtained based on the round-i global model gradient ciphertext obtained by the first node from the blockchain;
    a first processing unit, configured to: clip and quantize each piece of first sub-gradient information in the round-(i+1) local model gradient information based on the gradient clipping-and-quantization rule, obtaining pieces of second sub-gradient information; merge every m pieces of the second sub-gradient information according to the gradient merging rule, obtaining n types of third sub-gradient information; homomorphically encrypt the n types of third sub-gradient information, obtaining n types of ciphertext, and send the n types of ciphertext to the blockchain; wherein the n types of ciphertext are used by an aggregation node in the blockchain to aggregate the ciphertexts fed back by the first nodes of the round-(i+1) federated learning training, so as to obtain the round-(i+1) global model gradient ciphertext.
  10. A blockchain-based federated learning apparatus, comprising:
    an obtaining unit, configured to obtain, from the blockchain, the n types of ciphertext sent by each first node; wherein a first node is a node selected from N blockchain nodes to participate in the round-(i+1) federated learning training; the aggregation node is any one of the N blockchain nodes other than the first nodes;
    a second processing unit, configured to aggregate the ciphertexts of the same type among the n types of ciphertext of the first nodes, obtaining the round-(i+1) global model gradient ciphertext, and send the round-(i+1) global model gradient ciphertext to the blockchain; wherein the n types of ciphertext are obtained by the first node homomorphically encrypting n types of third sub-gradient information; the n types of third sub-gradient information are determined by the first node merging every m pieces of second sub-gradient information according to the gradient merging rule; the pieces of second sub-gradient information are obtained by the first node clipping and quantizing each piece of first sub-gradient information in the round-(i+1) local model gradient information based on the gradient clipping-and-quantization rule; the round-(i+1) local model gradient information is determined by the first node training the round-i local model on local training data; and the round-i local model is obtained based on the round-i global model gradient ciphertext obtained by the first node from the blockchain.
  11. A computing device, comprising at least one processor and at least one memory, wherein the memory stores a computer program that, when executed by the processor, causes the processor to perform the method according to any one of claims 1 to 8.
  12. A computer-readable storage medium storing a computer program executable by a computing device, wherein when the program runs on the computing device, it causes the computing device to perform the method according to any one of claims 1 to 8.
PCT/CN2021/131317 2021-04-14 2021-11-17 A blockchain-based federated learning method and apparatus WO2022217914A1 (zh)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202110398076.4A CN113095510B (zh) 2021-04-14 2021-04-14 A blockchain-based federated learning method and apparatus
CN202110398076.4 2021-04-14

Publications (1)

Publication Number Publication Date
WO2022217914A1 true WO2022217914A1 (zh) 2022-10-20

Family

ID=76677087

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2021/131317 WO2022217914A1 (zh) 2021-04-14 2021-11-17 一种基于区块链的联邦学习方法及装置

Country Status (2)

Country Link
CN (1) CN113095510B (zh)
WO (1) WO2022217914A1 (zh)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115580496A (zh) * 2022-12-09 2023-01-06 北京融数联智科技有限公司 无需第三方的隐私计算下逻辑回归训练方法、系统及装置
CN115660114A (zh) * 2022-11-11 2023-01-31 湖北文理学院 基于区块链的异步联邦学习架构系统及方法
CN117938355A (zh) * 2024-03-21 2024-04-26 中国信息通信研究院 一种基于区块链的联合预测方法、介质及设备
CN118282610A (zh) * 2024-05-31 2024-07-02 南京邮电大学 一种算力网络隐私保护联邦学习方法、装置及存储介质
CN118368053A (zh) * 2024-06-17 2024-07-19 山东大学 一种基于分片区块链的链上链下协同安全计算方法及系统

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113095510B (zh) * 2021-04-14 2024-03-01 深圳前海微众银行股份有限公司 一种基于区块链的联邦学习方法及装置
CN113762528A (zh) * 2021-09-10 2021-12-07 北京航空航天大学 一种基于区块链的联邦信用评估方法
CN113543120B (zh) * 2021-09-17 2021-11-23 百融云创科技股份有限公司 一种基于联邦学习的移动终端信用反欺诈预估方法及系统
CN114143311B (zh) * 2021-11-03 2023-04-07 深圳前海微众银行股份有限公司 一种基于区块链的隐私保护方案聚合方法及装置
CN114338045B (zh) * 2022-01-14 2023-06-23 中国人民解放军战略支援部队信息工程大学 基于区块链和联邦学习的情报数据安全共享方法及系统
WO2024036615A1 (en) * 2022-08-19 2024-02-22 Qualcomm Incorporated Methods for discovery and signaling procedure for network-assisted clustered federated learning
CN115766295A (zh) * 2023-01-05 2023-03-07 成都墨甲信息科技有限公司 工业互联网数据安全传输方法、装置、设备及介质
CN116502732B (zh) * 2023-06-29 2023-10-20 杭州金智塔科技有限公司 基于可信执行环境的联邦学习方法以及系统
CN118468344A (zh) * 2024-07-10 2024-08-09 中电科大数据研究院有限公司 提升联邦学习隐私安全的方法及系统

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109951438A (zh) * 2019-01-15 2019-06-28 中国科学院信息工程研究所 一种分布式深度学习的通信优化方法及系统
CN111401552A (zh) * 2020-03-11 2020-07-10 浙江大学 一种基于调整批量大小与梯度压缩率的联邦学习方法和系统
US20200380356A1 (en) * 2017-02-23 2020-12-03 Sony Corporation Information processing apparatus, information processing method, and program
CN112235384A (zh) * 2020-10-09 2021-01-15 腾讯科技(深圳)有限公司 分布式系统中的数据传输方法、装置、设备及存储介质
CN112288097A (zh) * 2020-10-29 2021-01-29 平安科技(深圳)有限公司 联邦学习数据处理方法、装置、计算机设备及存储介质
CN113095510A (zh) * 2021-04-14 2021-07-09 深圳前海微众银行股份有限公司 一种基于区块链的联邦学习方法及装置

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109740755B (zh) * 2019-01-08 2023-07-18 深圳市网心科技有限公司 一种基于梯度下降法的数据处理方法及相关装置
CN111552986B (zh) * 2020-07-10 2020-11-13 鹏城实验室 基于区块链的联邦建模方法、装置、设备及存储介质
CN112446040A (zh) * 2020-11-24 2021-03-05 平安科技(深圳)有限公司 基于选择性梯度更新的联邦建模方法及相关设备

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20200380356A1 (en) * 2017-02-23 2020-12-03 Sony Corporation Information processing apparatus, information processing method, and program
CN109951438A (zh) * 2019-01-15 2019-06-28 中国科学院信息工程研究所 一种分布式深度学习的通信优化方法及系统
CN111401552A (zh) * 2020-03-11 2020-07-10 浙江大学 一种基于调整批量大小与梯度压缩率的联邦学习方法和系统
CN112235384A (zh) * 2020-10-09 2021-01-15 腾讯科技(深圳)有限公司 分布式系统中的数据传输方法、装置、设备及存储介质
CN112288097A (zh) * 2020-10-29 2021-01-29 平安科技(深圳)有限公司 联邦学习数据处理方法、装置、计算机设备及存储介质
CN113095510A (zh) * 2021-04-14 2021-07-09 深圳前海微众银行股份有限公司 一种基于区块链的联邦学习方法及装置

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115660114A (zh) * 2022-11-11 2023-01-31 湖北文理学院 基于区块链的异步联邦学习架构系统及方法
CN115580496A (zh) * 2022-12-09 2023-01-06 北京融数联智科技有限公司 无需第三方的隐私计算下逻辑回归训练方法、系统及装置
CN117938355A (zh) * 2024-03-21 2024-04-26 中国信息通信研究院 一种基于区块链的联合预测方法、介质及设备
CN118282610A (zh) * 2024-05-31 2024-07-02 南京邮电大学 一种算力网络隐私保护联邦学习方法、装置及存储介质
CN118368053A (zh) * 2024-06-17 2024-07-19 山东大学 一种基于分片区块链的链上链下协同安全计算方法及系统

Also Published As

Publication number Publication date
CN113095510B (zh) 2024-03-01
CN113095510A (zh) 2021-07-09

Similar Documents

Publication Publication Date Title
WO2022217914A1 (zh) 一种基于区块链的联邦学习方法及装置
Xu et al. VerifyNet: Secure and verifiable federated learning
Yun et al. DQN-based optimization framework for secure sharded blockchain systems
CN114521319B (zh) 具有均匀秘密的基于格的签名
CN112580821A (zh) 一种联邦学习方法、装置、设备及存储介质
CN112182644A (zh) 一种数据处理方法、装置和电子设备
Au et al. PERM: Practical reputation-based blacklisting without TTPs
CN114143311B (zh) 一种基于区块链的隐私保护方案聚合方法及装置
CN111080296B (zh) 一种基于区块链系统的验证方法及装置
US12003650B2 (en) Data communication between a group of users
Tran et al. An efficient privacy-enhancing cross-silo federated learning and applications for false data injection attack detection in smart grids
JP2023547156A (ja) サービス拒否攻撃の識別
CN116049897A (zh) 基于线性同态哈希和签密的可验证隐私保护联邦学习方法
Hadian Dehkordi et al. A lightweight public verifiable multi secret sharing scheme using short integer solution
US9735963B2 (en) Decryption service providing device, processing device, safety evaluation device, program, and recording medium
CN114760023A (zh) 基于联邦学习的模型训练方法、装置及存储介质
Dolev et al. SodsBC: a post-quantum by design asynchronous blockchain framework
US20240121109A1 (en) Digital signatures
US20230163977A1 (en) Digital signatures
Borse et al. A review of blockchain consensus algorithm
Hsueh et al. EPoW: Solving blockchain problems economically
US11811866B2 (en) Computer-implemented system and method for controlling processing steps of a distributed system
Shayan Biscotti-a ledger for private and secure peer to peer machine learning
Rane et al. Privacy, efficiency & fault tolerance in aggregate computations on massive star networks
GB2577383A (en) Method and device for obtaining a proof of work in a computer network

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21936780

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

32PN Ep: public notification in the ep bulletin as address of the adressee cannot be established

Free format text: NOTING OF LOSS OF RIGHTS PURSUANT TO RULE 112(1) EPC (EPO FORM 1205A DATED 140224)

122 Ep: pct application non-entry in european phase

Ref document number: 21936780

Country of ref document: EP

Kind code of ref document: A1