Artificial Intelligence Full Day or Half Day Workshop

Quantum Threats to Federated Learning and Privacy-Preserving AI

This workshop maps the quantum cryptographic exposure in federated learning pipelines and provides actionable migration paths for AI researchers, privacy engineers, and FL platform architects.

Full day (6 hours) or half day
In person or online
Max 30 delegates

Proud to recommend our expert members

Qrypto Cyber
Eclypses
Arqit
QuantBond
Krown
Applied Quantum
Quantum Bitcoin
Venari Security
QuStream
BHO Legal
Census
QSP
IDQ
Patero
Entopya
Belden
Atlant3D
Zenith Studio
Qudef
Aries Partners
GQI
Upperside Conferences
Austrade
Arrise Innovations
CyberRST
Triarii Research
QSysteme
WizzWang
DeepTech DAO
Xyberteq
Viavi
Entrust
Qsentinel
Nokia
Gopher Security
Quside

Workshop Description

For AI researchers, privacy engineers, and FL platform architects. Covers secure aggregation protocol vulnerabilities under quantum attack, HE scheme quantum resistance assessment, differential privacy channel exposure, PQC migration for TFF, PySyft, and FATE, and framework-specific migration paths.

Federated learning relies on a layered stack of cryptographic primitives to keep individual participant data private while enabling collective model improvement. Secure aggregation protocols use Diffie-Hellman key agreement and secret sharing to mask individual gradient updates. Homomorphic encryption (CKKS, BFV, BGV) enables computation on encrypted model parameters. Differential privacy adds calibrated noise, but the channels delivering those guarantees depend on classical key exchange. A cryptographically relevant quantum computer running Shor's algorithm would break the ECDH key exchange underpinning secure aggregation, exposing individual model updates to an adversary who captured the encrypted traffic. The harvest-now-decrypt-later threat means this data is already at risk. This workshop maps each cryptographic dependency in production FL frameworks, assesses which primitives are quantum-vulnerable and which (particularly lattice-based HE) already provide quantum resistance, and builds a migration plan that replaces vulnerable components with FIPS 203/204/205 post-quantum algorithms without breaking existing FL workflows.
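The dependency described above, as an added example that is not part of the workshop material: a simplified pairwise-masking sketch in which each pair of clients derives a mask from a Diffie-Hellman shared secret, the masks cancel in the server's sum, and anyone holding a client's pairwise secrets can strip the masks from a captured update. Assumptions: toy finite-field DH parameters stand in for ECDH, the secret-sharing step for dropout recovery is omitted, and all function names are hypothetical.

```python
import hashlib
import secrets

P = 2**127 - 1   # toy DH modulus (assumption); far too small for real use
G = 3            # toy base (assumption)
MOD = 2**32      # quantised updates and masks live in Z_{2^32}

def keypair():
    sk = secrets.randbelow(P - 2) + 1
    return sk, pow(G, sk, P)

def pairwise_secrets(keys):
    """shared[i][j] = pk_j^sk_i mod P, the DH secret clients i and j both derive."""
    return [[pow(pk_j, sk_i, P) for (_, pk_j) in keys] for (sk_i, _) in keys]

def mask(shared, dim):
    """Expand one pairwise secret into a mask vector (SHA-256 used as a PRG)."""
    return [int.from_bytes(hashlib.sha256(f"{shared}|{k}".encode()).digest()[:4], "big")
            for k in range(dim)]

def apply_masks(i, vec, secrets_i, direction):
    """direction=+1 masks client i's update, -1 strips the same masks again."""
    out = list(vec)
    for j, s in enumerate(secrets_i):
        if j != i:
            sign = direction * (1 if i < j else -1)  # i<j adds, i>j subtracts
            out = [(x + sign * m) % MOD for x, m in zip(out, mask(s, len(vec)))]
    return out

def aggregate(masked):
    """Server-side sum; pairwise masks cancel, only the total is revealed."""
    return [sum(col) % MOD for col in zip(*masked)]

def demo():
    updates = [[10, 20, 30, 40], [1, 2, 3, 4], [5, 5, 5, 5]]  # constructed sample
    shared = pairwise_secrets([keypair() for _ in updates])
    masked = [apply_masks(i, u, shared[i], +1) for i, u in enumerate(updates)]
    # Stand-in for recovered key agreement: client 0's pairwise secrets are known,
    # so its captured masked update can be stripped back to the plaintext update.
    exposed = apply_masks(0, masked[0], shared[0], -1)
    return updates, masked, aggregate(masked), exposed, shared

if __name__ == "__main__":
    updates, masked, total, exposed, _ = demo()
    print("masked[0]:", masked[0])
    print("aggregate:", total)
    print("exposed  :", exposed)
```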

What participants cover

  • Secure aggregation protocol cryptographic dependencies: where ECDH, secret sharing, and threshold encryption create quantum-vulnerable attack surfaces in FL pipelines
  • Homomorphic encryption quantum resistance: why lattice-based HE schemes (CKKS, BFV, BGV) provide inherent resistance while their key management and transport layers may not
  • Differential privacy channel exposure: the distinction between DP noise mechanisms (quantum-safe) and the cryptographic channels delivering DP guarantees (often quantum-vulnerable)
  • Framework-specific analysis: cryptographic dependency maps for TensorFlow Federated, PySyft, and FATE with migration entry points for each
  • PQC migration for FL: replacing ECDH with ML-KEM (FIPS 203), ECDSA with ML-DSA (FIPS 204), and planning hybrid transition strategies that avoid doubling communication overhead
  • Compliance and regulatory context: EU AI Act, NIST AI RMF, and sector-specific data protection requirements intersecting with post-quantum migration timelines

Preliminary Agenda

Full-day session structure with scheduled breaks. Content is configurable to your FL framework, privacy requirements, and deployment architecture.

1. Federated Learning Architecture and Its Cryptographic Surface
   Where cryptography lives in FL pipelines
2. Secure Aggregation Protocols Under Quantum Attack
   How Shor and Grover threaten FL trust assumptions
  • Secure aggregation in TensorFlow Federated, PySyft, and FATE: protocol-level cryptographic dependencies (Diffie-Hellman key agreement, secret sharing, threshold encryption)
  • Shor's algorithm impact: ECDH-based key exchange in aggregation collapses under a cryptographically relevant quantum computer, exposing individual model updates
  • Grover's algorithm impact: reduced effective key strength for symmetric ciphers protecting aggregated gradients in transit and at rest

Break, after 50 min

3. Homomorphic Encryption and Differential Privacy in a Quantum Context
   Assessing quantum resistance of privacy-preserving primitives
  • Lattice-based HE schemes (CKKS, BFV, BGV): inherent quantum resistance from lattice hardness assumptions versus known quantum attacks on ideal lattice structures
  • Differential privacy mechanisms: noise calibration assumptions hold under quantum adversaries, but the cryptographic channels delivering DP guarantees may not
  • Secure multi-party computation (SMPC): identifying which sub-protocols rely on quantum-vulnerable key exchange and which use quantum-resistant primitives
4. Interactive Demonstration: FL Cryptographic Dependency Audit
   Full-day format only
  • Mapping cryptographic dependencies in a representative FL pipeline (TensorFlow Federated or PySyft)
  • Classifying each dependency as quantum-vulnerable (ECDH, RSA), quantum-resistant (lattice-based HE), or uncertain (hybrid constructions)
  • Producing a prioritised migration inventory with risk scores and migration sequencing

Break, after 60 min

5. PQC Migration for Federated Learning Infrastructure
   Replacing vulnerable primitives without breaking FL workflows
  • Replacing ECDH key agreement in secure aggregation with ML-KEM (FIPS 203): performance implications for aggregation latency across 100+ FL participants
  • Migrating digital signatures on model updates and attestation from ECDSA to ML-DSA (FIPS 204) or SLH-DSA (FIPS 205)
  • Hybrid migration strategies: running classical and post-quantum key exchange in parallel during transition without doubling communication overhead
6. Framework-Specific Migration Paths and Compliance
   Practical guidance for TFF, PySyft, and FATE deployments
  • TensorFlow Federated: gRPC channel encryption, aggregation server TLS configuration, and PQC library integration points
  • PySyft: Duet protocol cryptographic dependencies, migration path for private tensor operations
  • FATE: federated transfer learning encryption layer, CKKS parameter selection for post-quantum security margins
7. Q&A and Migration Planning

Designed and Delivered By

Workshops are designed and delivered by QSECDEF in collaboration with sector specialists. All facilitators have direct experience in both quantum technologies and AI privacy systems.

Quantum Security Defence

Workshop design and delivery

QSECDEF brings world-leading expertise in post-quantum cryptography, quantum computing strategy, and defence-grade security assessment. Our advisory membership spans 600+ organisations and 1,200+ professionals working at the intersection of quantum technologies and critical infrastructure security.

AI Privacy Sector Partners

Domain expertise and operational validation

AI workshops are co-delivered with sector specialists who bring direct operational experience in federated learning deployments and privacy-preserving AI systems. This ensures workshop content is grounded in the practical realities of FL framework configuration, privacy engineering, and data protection compliance.

Commission This Workshop

Sessions are configured around your FL framework, privacy architecture, participant count, and regulatory requirements. Get in touch to discuss requirements and schedule a date.