Abstract
With the exponential growth of data at edge environments, federated learning has emerged. Nevertheless, it encounters persistent challenges in defending against malicious attacks, such as inference attacks and reconstruction attacks. In this paper, we enhance the security of federated learning by integrating cryptographic primitives, including Elliptic Curve Cryptography (ECC) and homomorphic encryption, with cloud federation to protect private user data from being inferred by adversaries using localized models. Specifically, we employ two cloud service providers (CSPs) to manage encrypted model aggregation and global model decryption services separately, which ensures robust privacy protection and provides a strong solution for safeguarding sensitive information. ECC is utilized to encrypt the private key used in homomorphic encryption. Additionally, we partition the ECC private key into multiple sub-secrets and distribute them among the clients to defend against collusion attacks during the decryption process of the global model. Furthermore, we harness the gradient offset between local and global models to design an optimized objective function tailored for clients handling non-Independent and Identically Distributed (non-IID) and unbalanced distributed datasets. Our experimental results show that our method improves accuracy by 1.5% over the baseline, while also ensuring robust privacy protection.