{"id":"https://openalex.org/W7135026026","doi":"https://doi.org/10.48550/arxiv.2603.10692","title":"Repurposing Backdoors for Good: Ephemeral Intrinsic Proofs for Verifiable Aggregation in Cross-silo Federated Learning","display_name":"Repurposing Backdoors for Good: Ephemeral Intrinsic Proofs for Verifiable Aggregation in Cross-silo Federated Learning","publication_year":2026,"publication_date":"2026-03-11","ids":{"openalex":"https://openalex.org/W7135026026","doi":"https://doi.org/10.48550/arxiv.2603.10692"},"language":null,"primary_location":{"id":"doi:10.48550/arxiv.2603.10692","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2603.10692","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"type":"preprint","indexed_in":["datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://doi.org/10.48550/arxiv.2603.10692","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5111384822","display_name":"Xian Rong Qin","orcid":null},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Qin, Xian","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5128856901","display_name":"Xue Yang","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Yang, Xue","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"last","author":{"id":"https://openalex.org/A5128803744","display_name":"Xiaohu Tang","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Tang, Xiaohu","raw_affiliation_strings":[],"affiliations":[]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":3,"corresponding_author_ids":["https://openalex.org/A5111384822"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.38839998841285706,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10764","display_name":"Privacy-Preserving Technologies in Data","score":0.38839998841285706,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.30730000138282776,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11689","display_name":"Adversarial Robustness in Machine Learning","score":0.15860000252723694,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/mathematical-proof","display_name":"Mathematical proof","score":0.70660001039505},{"id":"https://openalex.org/keywords/backdoor","display_name":"Backdoor","score":0.6337000131607056},{"id":"https://openalex.org/keywords/verifiable-secret-sharing","display_name":"Verifiable secret sharing","score":0.5777000188827515},{"id":"https://openalex.org/keywords/server","display_name":"Server","score":0.5533000230789185},{"id":"https://openalex.org/keywords/cryptography","display_name":"Cryptography","score":0.5385000109672546},{"id":"https://openalex.org/keywords/anonymity","display_name":"Anonymity","score":0.4932999908924103},{"id":"https://openalex.org/keywords/cryptographic-primitive","display_name":"Cryptographic primitive","score":0.4674000144004822},{"id":"https://openalex.org/keywords/confidentiality","display_name":"Confidentiality","score":0.412200003862381}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8230000138282776},{"id":"https://openalex.org/C108710211","wikidata":"https://www.wikidata.org/wiki/Q11538","display_name":"Mathematical proof","level":2,"score":0.70660001039505},{"id":"https://openalex.org/C2781045450","wikidata":"https://www.wikidata.org/wiki/Q254569","display_name":"Backdoor","level":2,"score":0.6337000131607056},{"id":"https://openalex.org/C85847156","wikidata":"https://www.wikidata.org/wiki/Q59015987","display_name":"Verifiable secret sharing","level":3,"score":0.5777000188827515},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.5533000230789185},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.5385000109672546},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.52920001745224},{"id":"https://openalex.org/C178005623","wikidata":"https://www.wikidata.org/wiki/Q308859","display_name":"Anonymity","level":2,"score":0.4932999908924103},{"id":"https://openalex.org/C15927051","wikidata":"https://www.wikidata.org/wiki/Q246593","display_name":"Cryptographic primitive","level":4,"score":0.4674000144004822},{"id":"https://openalex.org/C120314980","wikidata":"https://www.wikidata.org/wiki/Q180634","display_name":"Distributed computing","level":1,"score":0.41280001401901245},{"id":"https://openalex.org/C71745522","wikidata":"https://www.wikidata.org/wiki/Q2476929","display_name":"Confidentiality","level":2,"score":0.412200003862381},{"id":"https://openalex.org/C80444323","wikidata":"https://www.wikidata.org/wiki/Q2878974","display_name":"Theoretical computer science","level":1,"score":0.37119999527931213},{"id":"https://openalex.org/C33884865","wikidata":"https://www.wikidata.org/wiki/Q1254335","display_name":"Cryptographic protocol","level":3,"score":0.36820000410079956},{"id":"https://openalex.org/C123201435","wikidata":"https://www.wikidata.org/wiki/Q456632","display_name":"Information privacy","level":2,"score":0.3596999943256378},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.3458999991416931},{"id":"https://openalex.org/C118463975","wikidata":"https://www.wikidata.org/wiki/Q220849","display_name":"Digital signature","level":3,"score":0.3375000059604645},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.3057999908924103},{"id":"https://openalex.org/C68339613","wikidata":"https://www.wikidata.org/wiki/Q1549489","display_name":"Speedup","level":2,"score":0.29840001463890076},{"id":"https://openalex.org/C159718280","wikidata":"https://www.wikidata.org/wiki/Q5526353","display_name":"Gas meter prover","level":3,"score":0.28690001368522644},{"id":"https://openalex.org/C40305131","wikidata":"https://www.wikidata.org/wiki/Q2616305","display_name":"Obfuscation","level":2,"score":0.2728999853134155},{"id":"https://openalex.org/C2779696439","wikidata":"https://www.wikidata.org/wiki/Q7512811","display_name":"Signature (topology)","level":2,"score":0.26660001277923584},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.2662999927997589},{"id":"https://openalex.org/C123657996","wikidata":"https://www.wikidata.org/wiki/Q12271","display_name":"Architecture","level":2,"score":0.259799987077713},{"id":"https://openalex.org/C111498074","wikidata":"https://www.wikidata.org/wiki/Q173326","display_name":"Formal verification","level":2,"score":0.2590999901294708}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.48550/arxiv.2603.10692","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2603.10692","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"doi:10.48550/arxiv.2603.10692","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2603.10692","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","score":0.7882668375968933,"display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"While":[0],"Secure":[1],"Aggregation":[2],"(SA)":[3],"protects":[4],"update":[5],"confidentiality":[6],"in":[7],"Cross-silo":[8],"Federated":[9],"Learning,":[10],"it":[11],"fails":[12],"to":[13,20,61,68,91,140,145],"guarantee":[14],"aggregation":[15,29],"integrity,":[16],"allowing":[17],"malicious":[18,128],"servers":[19],"silently":[21],"omit":[22],"or":[23],"tamper":[24],"with":[25,44,104],"updates.":[26],"Existing":[27],"verifiable":[28],"schemes":[30],"rely":[31],"on":[32,118,137],"heavyweight":[33],"cryptography":[34],"(e.g.,":[35],"ZKPs,":[36],"HE),":[37],"incurring":[38],"computational":[39],"costs":[40],"that":[41,55],"scale":[42],"poorly":[43],"model":[45,74,94],"size.":[46],"In":[47],"this":[48],"paper,":[49],"we":[50],"propose":[51],"a":[52,98],"lightweight":[53],"architecture":[54],"shifts":[56],"from":[57],"extrinsic":[58],"cryptographic":[59,141],"proofs":[60],"\\textit{Intrinsic":[62],"Proofs}.":[63],"We":[64,96],"repurpose":[65],"backdoor":[66],"injection":[67],"embed":[69],"verification":[70,86],"signals":[71,81],"directly":[72],"into":[73],"parameters.":[75],"By":[76],"harnessing":[77],"Catastrophic":[78],"Forgetting,":[79],"these":[80],"are":[82],"robust":[83],"for":[84],"immediate":[85],"yet":[87],"ephemeral,":[88],"naturally":[89],"decaying":[90],"preserve":[92],"final":[93],"utility.":[95],"design":[97],"randomized,":[99],"single-verifier":[100],"auditing":[101],"framework":[102],"compatible":[103],"SA,":[105],"ensuring":[106],"client":[107],"anonymity":[108],"and":[109,121],"preventing":[110],"signal":[111],"collision":[112],"without":[113],"trusted":[114],"third":[115],"parties.":[116],"Experiments":[117],"SVHN,":[119],"CIFAR-10,":[120],"CIFAR-100":[122],"demonstrate":[123],"high":[124],"detection":[125],"probabilities":[126],"against":[127],"servers.":[129],"Notably,":[130],"our":[131],"approach":[132],"achieves":[133],"over":[134],"$1000\\times$":[135],"speedup":[136],"ResNet-18":[138],"compared":[139],"baselines,":[142],"effectively":[143],"scaling":[144],"large":[146],"models.":[147]},"counts_by_year":[],"updated_date":"2026-03-13T14:25:03.468858","created_date":"2026-03-13T00:00:00"}