Federated learning (FL) for distributed network intrusion detection systems (NIDS) faces significant privacy risks, particularly from reconstruction attacks that can recover raw training data from model updates. Method: This work introduces multi-input functional encryption (MIFE) into FL-NIDS for the first time, enabling end-to-end privacy protection of edge-node raw data. We design a privacy-enhancing training mechanism integrating MIFE with FL and systematically compare the impact of classical cryptographic schemes versus post-quantum alternatives—specifically CRYSTALS-Kyber—on model convergence. Additionally, we propose a three-dimensional evaluation framework jointly optimizing memory, computation, and privacy. Contribution/Results: Experiments demonstrate that MIFE effectively thwarts reconstruction attacks. While post-quantum encryption incurs ~37% additional communication overhead, convergence delay remains manageable. This study establishes the first practical MIFE-based FL-NIDS paradigm and provides principled cryptographic selection guidelines for privacy-critical, deployable NIDS.

Federated Learning (FL) is a collaborative method for training machine learning models while preserving the confidentiality of the participants' training data. Nevertheless, FL is vulnerable to reconstruction attacks that exploit shared parameters to reveal private training data. In this paper, we address this issue in the cybersecurity domain by applying Multi-Input Functional Encryption (MIFE) to a recent FL implementation for training ML-based network intrusion detection systems. We assess both classical and post-quantum solutions in terms of memory cost and computational overhead in the FL process, highlighting their impact on convergence time.