Private Tensor Freezing for an Efficient Federated Learning with Homomorphic Encryption

Federated Learning (FL) is a privacy-preserving machine learning strategy where distributed clients share updates of locally trained models with a central server. The server aggregates those updates to refine a global version of the model without accessing the clients' data. Even if the raw data never leaves clients, adversarial attacks on the server side can still extract sensitive information from the transmitted model updates. Homomorphic Encryption (HE) offers a robust solution to this privacy concern: clients send encrypted model updates to the server; the server operates the aggregation of the received updates without having to decrypt. Unfortunately, HE leads to a substantial computational and communication overhead on both the client and the server side, preventing the adoption in practical, real-life applications. In this work, we introduce a training option to mitigate this problem by promoting Private Tensor Freezing (PTF), a progressive and secure gating scheme by which the number of model tensors involved in the training and synchronization stages gradually reduces over time, alleviating (i) the pressure of HE encryption/decryption on the client side, (ii) the communication volumes from/to the server, and (iii) the computing complexity of the aggregation stage on the server side. Experiments on four image classification benchmarks trained within a state-of-the-art FL framework secured with CKKS encryption reveal the effectiveness of PTF: up to 37.4% in data volume reduction, 35.5% less compute time on the client side, and 36.4% less compute time on the server side.