Giskard : Byzantine Robust and Confidential Aggregation for Large-Scale Decentralized Learning

📅 2026-06-17
📈 Citations: 0
Influential: 0
📄 PDF
🤖 AI Summary
This work addresses the challenge of simultaneously ensuring parameter confidentiality and Byzantine robustness in large-scale decentralized learning. The authors propose Giskard, a novel protocol that, for the first time, achieves Byzantine-robust aggregation with sublinear communication complexity while preserving the privacy of model parameters. Giskard organizes participants into a logarithmic-depth committee tree and, within each committee, combines BGW-style secure multiparty computation with distributed binary search to perform coordinate-wise approximate median aggregation. Theoretical analysis establishes the protocol’s security and correctness, and empirical evaluation demonstrates that, at scales involving millions of participants, Giskard tolerates up to $n/4$ Byzantine nodes, substantially reduces communication overhead, and maintains high model utility.
📝 Abstract
Dealing simultaneously with confidentiality and Byzantine behaviors in decentralized learning is a challenging problem. Indeed, in decentralized learning, clients train a machine learning model while keeping their data locally and share their model parameters or gradients with a set of neighbors. While enforcing confidentiality calls for hiding the exchanged model parameters/gradients (e.g., by using cryptographic techniques), dealing with Byzantine contributions often requires inspecting the latter. Hence, most research works address these objectives separately. A recent line of work proposes to employ secure multi-party computation (MPC) to implement robust aggregators against model poisoning, thereby enforcing both confidentiality and Byzantine resilience. However, these solutions scale badly: they either require all-to-all communication between participants or delegate the entire computation to a small subset, whose computational and communication load grows proportionally with the size of the network. In this paper, we present Giskard, a protocol for confidential and Byzantine-robust decentralized aggregation. Giskard organizes $n$ parties into a tree of committees of size $O(\log n)$ and evaluates a coordinate-wise approximate median via a committee-adapted distributed binary search over the value domain, using BGW-style MPC within each committee. We assess Giskard both theoretically by proving its security and confidentiality properties and experimentally through extensive experiments involving up to one million participants. Compared to its closest competitors, Giskard reduces per-party communication complexity asymptotically while exhibiting comparable model utility under up to $n/4$ Byzantine parties.
Problem

Research questions and friction points this paper is trying to address.

Byzantine robustness
confidential aggregation
decentralized learning
secure multi-party computation
large-scale
Innovation

Methods, ideas, or system contributions that make the work stand out.

Byzantine robustness
confidential aggregation
secure multi-party computation
decentralized learning
approximate median
🔎 Similar Papers
No similar papers found.