Sanitizer: Blazing-fast, private, and robust federated learning
Publication Type
Journal Article
Publication Date
1-2026
Abstract
Recently, private and robust federated learning (FL) schemes have been proposed to address privacy inference and Byzantine attacks simultaneously. However, existing schemes are inefficient in private and robust aggregation protocols due to the employment of heavy cryptographic techniques. To approach the above problem, we propose Sanitizer, an efficient, private, and robust FL framework. Specifically, we first design a Byzantine-robust defense for communication-efficient sign-based FL. We further propose a customized private and robust aggregation scheme built on our Byzantine-robust defense for FL. The core of our construction is two new efficient protocols, i.e., high-dimensional boolean summation and weighted boolean majority vote, which serve as the main building blocks of Sanitizer. Extensive evaluations on real-world datasets demonstrate that Sanitizer is blazing fast, achieving 19 ∼ 23× less runtime compared to the state-of-the-art. Meanwhile, Sanitizer achieves the same accuracy as the plaintext and superior Byzantine robustness against various classic attacks.
Keywords
Byzantine robustness, Federated learning, privacy protection, secure multi-party computation
Discipline
Information Security
Publication
IEEE Transactions on Information Forensics and Security
Volume
21
First Page
4755
Last Page
4768
ISSN
1556-6013
Identifier
10.1109/TIFS.2026.3688131
Publisher
Institute of Electrical and Electronics Engineers
Citation
Chen, Hanxiao; Li, Hongwei; HAO, Meng; Hu, Jia; Ren, Hao; Yang, Haomiao; Zhang, Tianwei; and Xu, Guowen.
Sanitizer: Blazing-fast, private, and robust federated learning. (2026). IEEE Transactions on Information Forensics and Security. 21, 4755-4768.
Available at: https://ink.library.smu.edu.sg/sis_research/11111
Additional URL
https://doi.org/10.1109/TIFS.2026.3688131