defense 2026

CHRONOS: A Hardware-Assisted Phase-Decoupled Framework for Secure Federated Learning in IoT

Hung Dang

0 citations


Published on arXiv: 2604.19053

Model Inversion Attack

OWASP ML Top 10 — ML03

Key Finding

Reduces active-phase aggregation latency by 74% compared to synchronous secure aggregation for 20 clients while preventing state-of-the-art gradient inversion attacks

CHRONOS

Novel technique introduced


We propose CHRONOS, a hardware-assisted framework that decouples the cryptographic setup required for private gradient aggregation from the active training phase. CHRONOS executes a once-per-epoch server-relayed Diffie-Hellman key exchange during a device's idle window. It generates ephemeral keypairs and derives PRG keys entirely within an ARM TrustZone enclave, ensuring private keys never exist in Normal World memory. Pairwise secrets are sealed in the enclave, and Shamir secret shares of the ephemeral private key are distributed to peers. During training, clients mask gradients with a single stream-cipher evaluation and transmit them in one communication round. A hardware-backed round counter enforces single-use freshness. If clients drop out mid-round, the server reconstructs their masks from peer-held Shamir shares, preserving correct aggregation without repeating the round. Evaluation on Rock Pi 4 devices using OP-TEE demonstrates that CHRONOS achieves OS-level compromise resistance and thwarts state-of-the-art gradient inversion attacks. It reduces active-phase aggregation latency by up to 74% compared to synchronous secure aggregation for 20 clients. The system maintains a persistent Secure World storage footprint of fewer than 700 bytes per device, scaling independently of model dimension.


Key Contributions

  • Phase-decoupled secure aggregation: executes cryptographic setup during idle windows, reducing active training latency by up to 74%
  • Hardware-backed gradient masking using ARM TrustZone enclaves to prevent OS-level compromise and gradient leakage
  • Shamir secret sharing for dropout robustness: server reconstructs masks from peer-held shares without repeating rounds

🛡️ Threat Analysis

Model Inversion Attack

The primary defense target is gradient inversion attacks in federated learning, in which an adversary reconstructs training data from observed gradients. CHRONOS uses cryptographic masking and TrustZone isolation to prevent gradient leakage during aggregation.


Details

Domains
federated-learning
Model Types
federated
Threat Tags
training_time, white_box
Applications
federated learning, iot