VFFG: Verifiable Privacy-Enhanced Federated Fine-Tuning for GPT Service

Nowadays, the generative pre-trained transformer (GPT) models with intrinsic traits have been widely employed in tackling a variety of natural language process tasks. Federated learning facilitates collaborative learning across isolated data silos, entailing risks to sensitive data and proprietary models. Prior works on secure GPT-2 services focused on protect confidential data at the cost of utility degradation, leaving fine-tuned models and feedback results vulnerable to malicious server. To accomplish a higher level of security preservation while maintaining model utility, we design the first verifiable privacy-enhanced federated GPT-2 fine-tuning system (VFFG) with dropout-resilience. VFFG leverages homomorphic encryption and pseudorandom techniques to ensure the privacy of local sensitive data and fine-tuned model parameters while also guaranteeing the reliability of feedback results to resist the tampering attacks. Security analysis theoretically proves that VFFG obtains a higher privacy level compared to previous works and a constant complexity of verification. Extensive evaluations on three types of large language models and four public datasets indicate that VFFG quantitatively outperforms the related work under multiple evaluation criteria.