Privacy Protection Authentication Protocol for Consumer Internet of Things in Horizontal Federated Learning Environment

With the widespread application of Consumer Internet of Things (CIoT) devices, especially in the fields of smart wearable and health devices, the generation and transmission for a large amount of personal health data has raised concerns about user privacy and data security. In this context, federated learning technology provides a new approach to privacy protection by enabling model training without directly accessing raw data. However, the semi-honest CIoT devices participating in federated learning may lead to the risk of indirect privacy leakage. Therefore, this paper proposes a privacy protection authentication protocol for CIoT in horizontal federated learning environments. This protocol adopts elliptic curve cryptosystem to implement mutual authentication and data transmission between a set of CIoT devices and server, avoiding signaling overload. Then AVISPA and informal security analysis prove that the protocol is secure and can resist known attacks. The experimental results show that the protocol has increased signal overhead and computational overhead by at least 33% and 50%. And the protocol exhibits a variety of security attributes and achieves a balance of security and overhead in performance, which is suitable for horizontal federated learning training environment.