LOADING

VFEFL : Privacy-preserving federated learning against malicious clients via verifiable functional encryption

Cai, Nina and Han, Jinguang and Meng, Weizhi (2026) VFEFL : Privacy-preserving federated learning against malicious clients via verifiable functional encryption. Journal of Information Security and Applications, 98: 104415. ISSN 2214-2126

[thumbnail of JISAS-D-25-03845_R1]
Text (JISAS-D-25-03845_R1)
JISAS-D-25-03845_R1.pdf - Accepted Version
Available under License Creative Commons Attribution.
Download (1MB)

Abstract

Federated learning is a promising distributed learning paradigm that enables collaborative model training without exposing local client data, thereby protecting data privacy. However, it also brings new threats and challenges. The advancement of model inversion attacks has rendered the plaintext transmission of local models insecure, while the distributed nature of federated learning makes it particularly vulnerable to attacks raised by malicious clients. To protect data privacy and prevent malicious client attacks, this paper proposes a privacy-preserving Federated Learning framework based on Verifiable Functional Encryption (VFEFL), without a non-colluding dual-server assumption or additional trusted third-party. Specifically, we propose a novel Cross-Ciphertext Decentralized Verifiable Functional Encryption (CC-DVFE) scheme that enables the verification of specific relationships over multi-dimensional ciphertexts. This scheme is formally treated, in terms of definition, security model and security proof. Furthermore, based on the proposed CC-DVFE scheme, we design a privacy-preserving federated learning framework that incorporates a novel robust aggregation rule to detect malicious clients, enabling the effective training of high-accuracy models under adversarial settings. Finally, we provide the formal analysis and empirical evaluation of VFEFL. The results demonstrate that our approach achieves the desired privacy protection, robustness, verifiability and fidelity, while eliminating the reliance on non-colluding dual-server assumption or trusted third parties required by most existing methods.

Item Type:
Journal Article
Journal or Publication Title:
Journal of Information Security and Applications
Uncontrolled Keywords:
Research Output Funding/no_not_funded
Subjects:
?? no - not funded ??
Departments:
Faculty of Science and Technology > School of Computing & Communications
ID Code:
236147
Deposited By:
ep_importer_pure
Deposited On:
20 Mar 2026 14:35
Refereed?:
Yes
Published?:
Published
Last Modified:
20 Mar 2026 23:20
URI:
https://eprints.lancs.ac.uk/id/eprint/236147