Federated Learning: Exact Batch Reconstruction in Honest-but-Curious Setting

Exact batch reconstruction is possible in federated learning, challenging prior assumptions and highlighting privacy risks.

Federated learning allows collaborative training without sharing sensitive data. Gradient inversion attacks can reconstruct client data from shared gradients. Existing methods only enable exact reconstruction for batch size b = 1. Proposed algorithm, SPEAR, reconstructs batches with b > 1 exactly. Leveraging low-rank structure and ReLU-induced sparsity for efficient reconstruction. Highly parallelized GPU implementation for effective reconstruction. Results show successful reconstruction for batch sizes up to b ≲ 25. Importance of protecting client privacy in federated learning highlighted.

"Exact batch reconstruction is possible in federated learning." "Reconstructs batches with b > 1 exactly." "Efficient GPU implementation for fully connected networks."

"Exact reconstruction is possible for batch sizes b > 1." "SPEAR leverages low-rank structure and ReLU-induced sparsity for efficient reconstruction."