-
Topology-Based Reconstruction Prevention for Decentralised Learning
Authors:
Florine W. Dekker,
Zekeriya Erkin,
Mauro Conti
Abstract:
Decentralised learning has recently gained traction as an alternative to federated learning in which both data and coordination are distributed over its users. To preserve data confidentiality, decentralised learning relies on differential privacy, multi-party computation, or a combination thereof. However, running multiple privacy-preserving summations in sequence may allow adversaries to perform…
▽ More
Decentralised learning has recently gained traction as an alternative to federated learning in which both data and coordination are distributed over its users. To preserve data confidentiality, decentralised learning relies on differential privacy, multi-party computation, or a combination thereof. However, running multiple privacy-preserving summations in sequence may allow adversaries to perform reconstruction attacks. Unfortunately, current reconstruction countermeasures either cannot trivially be adapted to the distributed setting, or add excessive amounts of noise.
In this work, we first show that passive honest-but-curious adversaries can infer other users' private data after several privacy-preserving summations. For example, in subgraphs with 18 users, we show that only three passive honest-but-curious adversaries succeed at reconstructing private data 11.0% of the time, requiring an average of 8.8 summations per adversary. The success rate depends only on the adversaries' direct neighbourhood, independent of the size of the full network. We consider weak adversaries, who do not control the graph topology and can exploit neither the inner workings of the summation protocol nor the specifics of users' data.
We develop a mathematical understanding of how reconstruction relates to topology and propose the first topology-based decentralised defence against reconstruction attacks. Specifically, we show that reconstruction requires a number of adversaries linear in the length of the network's shortest cycle. Consequently, reconstructing private data from privacy-preserving summations is impossible in acyclic networks.
Our work is a step** stone for a formal theory of topology-based reconstruction defences. Such a theory would generalise our countermeasure beyond summation, define confidentiality in terms of entropy, and describe the effects of differential privacy.
△ Less
Submitted 29 February, 2024; v1 submitted 8 December, 2023;
originally announced December 2023.
-
Differentially-Private Decision Trees and Provable Robustness to Data Poisoning
Authors:
Daniël Vos,
Jelle Vos,
Tianyu Li,
Zekeriya Erkin,
Sicco Verwer
Abstract:
Decision trees are interpretable models that are well-suited to non-linear learning problems. Much work has been done on extending decision tree learning algorithms with differential privacy, a system that guarantees the privacy of samples within the training data. However, current state-of-the-art algorithms for this purpose sacrifice much utility for a small privacy benefit. These solutions crea…
▽ More
Decision trees are interpretable models that are well-suited to non-linear learning problems. Much work has been done on extending decision tree learning algorithms with differential privacy, a system that guarantees the privacy of samples within the training data. However, current state-of-the-art algorithms for this purpose sacrifice much utility for a small privacy benefit. These solutions create random decision nodes that reduce decision tree accuracy or spend an excessive share of the privacy budget on labeling leaves. Moreover, many works do not support continuous features or leak information about them. We propose a new method called PrivaTree based on private histograms that chooses good splits while consuming a small privacy budget. The resulting trees provide a significantly better privacy-utility trade-off and accept mixed numerical and categorical data without leaking information about numerical features. Finally, while it is notoriously hard to give robustness guarantees against data poisoning attacks, we demonstrate bounds for the expected accuracy and success rates of backdoor attacks against differentially-private learners. By leveraging the better privacy-utility trade-off of PrivaTree we are able to train decision trees with significantly better robustness against backdoor attacks compared to regular decision trees and with meaningful theoretical guarantees.
△ Less
Submitted 12 October, 2023; v1 submitted 24 May, 2023;
originally announced May 2023.
-
How to profit from payments channels
Authors:
Oguzhan Ersoy,
Stefanie Roos,
Zekeriya Erkin
Abstract:
Payment channel networks like Bitcoin's Lightning network are an auspicious approach for realizing high transaction throughput and almost-instant confirmations in blockchain networks. However, the ability to successfully make payments in such networks relies on the willingness of participants to lock collateral in the network. In Lightning, the key financial incentive is to lock collateral are sma…
▽ More
Payment channel networks like Bitcoin's Lightning network are an auspicious approach for realizing high transaction throughput and almost-instant confirmations in blockchain networks. However, the ability to successfully make payments in such networks relies on the willingness of participants to lock collateral in the network. In Lightning, the key financial incentive is to lock collateral are small fees for routing payments for other participants. While users can choose these fees, currently, they mainly stick to the default fees. By providing insights on beneficial choices for fees, we aim to incentivize users to lock more collateral and improve the effectiveness of the network.
In this paper, we consider a node $\mathbf{A}$ that given the network topology and the channel details selects where to establish channels and how much fee to charge such that its financial gain is maximized. We formalize the optimization problem and show that it is NP-hard. We design a greedy algorithm to approximate the optimal solution. In each step, our greedy algorithm selects a node which maximizes the total reward concerning the number of shortest paths passing through $\mathbf{A}$ and channel fees. Our simulation study leverages real-world data set to quantify the impact of our gain optimization and indicates that our strategy is at least a factor two better than other strategies.
△ Less
Submitted 25 November, 2019; v1 submitted 20 November, 2019;
originally announced November 2019.
-
VAPOR: a Value-Centric Blockchain that is Scale-out, Decentralized, and Flexible by Design
Authors:
Zhijie Ren,
Zekeriya Erkin
Abstract:
Blockchains is a special type of distributed systems that operates in unsafe networks. In most blockchains, all nodes should reach consensus on all state transitions with Byzantine fault tolerant algorithms, which creates bottlenecks in performance. In this paper, we propose a new type of blockchains, namely Value-Centric Blockchains (VCBs), in which the states are specified as values (or more com…
▽ More
Blockchains is a special type of distributed systems that operates in unsafe networks. In most blockchains, all nodes should reach consensus on all state transitions with Byzantine fault tolerant algorithms, which creates bottlenecks in performance. In this paper, we propose a new type of blockchains, namely Value-Centric Blockchains (VCBs), in which the states are specified as values (or more comprehensively, coins) with owners and the state transition records are then specified as proofs of the ownerships of individual values. We then formalize the "rational" assumptions that have been used in most blockchains. We further propose a VCB, VAPOR, that guarantees secure value transfers if all nodes are rational and keep the proofs of the values they owned, which is merely parts of the whole state transition record. As a result, we show that VAPOR enjoys significant benefits in throughput, decentralization, and flexibility without compromising security.
△ Less
Submitted 14 December, 2018; v1 submitted 30 October, 2018;
originally announced October 2018.
-
DEFenD: A Secure and Privacy-Preserving Decentralized System for Freight Declaration
Authors:
Daniël Vos,
Leon Overweel,
Wouter Raateland,
Jelle Vos,
Matthijs Bijman,
Max Pigmans,
Zekeriya Erkin
Abstract:
Millions of ship** containers filled with goods move around the world every day. Before such a container may enter a trade bloc, the customs agency of the goods' destination country must ensure that it does not contain illegal or mislabeled goods. Due to the high volume of containers, customs agencies make a selection of containers to audit through a risk analysis procedure. Customs agencies per…
▽ More
Millions of ship** containers filled with goods move around the world every day. Before such a container may enter a trade bloc, the customs agency of the goods' destination country must ensure that it does not contain illegal or mislabeled goods. Due to the high volume of containers, customs agencies make a selection of containers to audit through a risk analysis procedure. Customs agencies perform risk analysis using data sourced from a centralized system that is potentially vulnerable to manipulation and malpractice. Therefore we propose an alternative: DEFenD, a decentralized system that stores data about goods and containers in a secure and privacy-preserving manner. In our system, economic operators make claims to the network about goods they insert into or remove from containers, and encrypt these claims so that they can only be read by the destination country's customs agency. Economic operators also make unencrypted claims about containers with which they interact. Unencrypted claims can be validated by the entire network of customs agencies. Our key contribution is a data partitioning scheme and several protocols that enable such a system to utilize blockchain and its powerful validation principle, while also preserving the privacy of the involved economic operators. Using our protocol, customs agencies can improve their risk analysis and economic operators can get through customs with less delay. We also present a reference implementation built with Hyperledger Fabric and analyze to what extent our implementation meets the requirements in terms of privacy-preservation, security, scalability, and decentralization.
△ Less
Submitted 25 March, 2018;
originally announced March 2018.
-
A Scale-out Blockchain for Value Transfer with Spontaneous Sharding
Authors:
Zhijie Ren,
Kelong Cong,
Taico V. Aerts,
Bart A. P. de Jonge,
Alejandro F. Morais,
Zekeriya Erkin
Abstract:
Bitcoin, as well as many of its successors, require the whole transaction record to be reliably acquired by all nodes to prevent double-spending. Recently, many blockchains have been proposed to achieve scale-out throughput by letting nodes only acquire a fraction of the whole transaction set. However, these schemes, e.g., sharding and off-chain techniques, suffer from a degradation in decentraliz…
▽ More
Bitcoin, as well as many of its successors, require the whole transaction record to be reliably acquired by all nodes to prevent double-spending. Recently, many blockchains have been proposed to achieve scale-out throughput by letting nodes only acquire a fraction of the whole transaction set. However, these schemes, e.g., sharding and off-chain techniques, suffer from a degradation in decentralization or the capacity of fault tolerance.
In this paper, we show that the complete set of transactions is not a necessity for the prevention of double-spending if the properties of value transfers is fully explored. In other words, we show that a value-transfer ledger like Bitcoin has the potential to scale-out by its nature without sacrificing security or decentralization. Firstly, we give a formal definition for the value-transfer ledger and its distinct features from a generic database. Then, we introduce an off-chain based scheme with a shared main chain for consensus and an individual chain for each node for recording transactions. A locally executable validation scheme is proposed with uncompromising validity and consistency. A beneficial consequence of our design is that nodes will spontaneously try to reduce their transmission cost by only providing the transactions needed to show that their transactions are double-spending-proof. As a result, the network is sharded as each node only acquires part of the transaction record and a scale-out throughput could be achieved, which we call "spontaneous sharding".
△ Less
Submitted 17 May, 2018; v1 submitted 8 January, 2018;
originally announced January 2018.
-
Transaction Propagation on Permissionless Blockchains: Incentive and Routing Mechanisms
Authors:
Oguzhan Ersoy,
Zhijie Ren,
Zekeriya Erkin,
Reginald L. Lagendijk
Abstract:
Existing permissionless blockchain solutions rely on peer-to-peer propagation mechanisms, where nodes in a network transfer transaction they received to their neighbors. Unfortunately, there is no explicit incentive for such transaction propagation. Therefore, existing propagation mechanisms will not be sustainable in a fully decentralized blockchain with rational nodes. In this work, we formally…
▽ More
Existing permissionless blockchain solutions rely on peer-to-peer propagation mechanisms, where nodes in a network transfer transaction they received to their neighbors. Unfortunately, there is no explicit incentive for such transaction propagation. Therefore, existing propagation mechanisms will not be sustainable in a fully decentralized blockchain with rational nodes. In this work, we formally define the problem of incentivizing nodes for transaction propagation. We propose an incentive mechanism where each node involved in the propagation of a transaction receives a share of the transaction fee. We also show that our proposal is Sybil-proof. Furthermore, we combine the incentive mechanism with smart routing to reduce the communication and storage costs at the same time. The proposed routing mechanism reduces the redundant transaction propagation from the size of the network to a factor of average shortest path length. The routing mechanism is built upon a specific type of consensus protocol where the round leader who creates the transaction block is known in advance. Note that our routing mechanism is a generic one and can be adopted independently from the incentive mechanism.
△ Less
Submitted 14 June, 2018; v1 submitted 20 December, 2017;
originally announced December 2017.
-
Implicit Consensus: Blockchain with Unbounded Throughput
Authors:
Zhijie Ren,
Kelong Cong,
Johan Pouwelse,
Zekeriya Erkin
Abstract:
Recently, the blockchain technique was put in the spotlight as it introduced a systematic approach for multiple parties to reach consensus without needing trust. However, the application of this technique in practice is severely restricted due to its limitations in throughput. In this paper, we propose a novel consensus model, namely the implicit consensus, with a distinctive blockchain-based dist…
▽ More
Recently, the blockchain technique was put in the spotlight as it introduced a systematic approach for multiple parties to reach consensus without needing trust. However, the application of this technique in practice is severely restricted due to its limitations in throughput. In this paper, we propose a novel consensus model, namely the implicit consensus, with a distinctive blockchain-based distributed ledger in which each node holds its individual blockchain. In our system, the consensus is not on the transactions, but on a special type of blocks called Check Points that are used to validate individual transactions. Our system exploits the ideas of self-interest and spontaneous sharding and achieves unbounded throughput with the transaction reliability that equivalent to traditional Byzantine fault tolerance schemes.
△ Less
Submitted 14 July, 2017; v1 submitted 31 May, 2017;
originally announced May 2017.