Information-Theoretic Decentralized Secure Aggregation with Collusion Resilience

Xiang Zhang, Zhou Li, Shuangyang Li, Kai Wan, Derrick Wing Kwan Ng, Giuseppe Caire

TL;DR

This work studies decentralized secure aggregation (DSA) in a fully connected $K$-user network from an information-theoretic viewpoint, where each user holds a private input $W_k$ and a secret key $Z_k$ derived from a source key $Z_{\Sigma}$. The goal is to compute the sum $\sum_k W_k$ securely under collusion of up to $T$ users, with per-user communication rate $R_X$, individual key rate $R_Z$, and source key rate $R_{Z_{\Sigma}}$. The authors establish a complete rate region: it is empty for $T\ge K-2$, and for feasible cases ($T\le K-3$) the optimal region is $R_X\ge1$, $R_Z\ge1$, and $R_{Z_{\Sigma}}\ge K-1$, achievable by a linear scheme using a zero-sum, linearly dependent key structure. The results reveal fundamental limits and show that the dual roles of the keys (encryption and decryption aid) enable minimal communication and key usage, with potential extensions to non-fully-connected topologies and groupwise-key designs. The analysis provides a foundation for designing provably secure and communication-efficient distributed learning protocols in decentralized settings.
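The zero-sum key structure described above, as an added sketch that is not code from the paper: each user broadcasts $X_k = W_k + Z_k$ over a small prime field, and an exhaustive check over all source keys confirms that what a user and its $T$ colluders observe depends only on their own inputs and the total sum. The field size `Q = 3`, the function names, the exact key assignment, and `paired_keys` (a constructed weak variant with only $K-2$ source symbols, one instance of falling below $R_{Z_{\Sigma}}\ge K-1$) are assumptions for illustration.

```python
from collections import Counter
from itertools import combinations, product

Q = 3  # assumed small prime field so every case can be enumerated

def zero_sum_keys(src):
    """K-1 independent source symbols -> K individual keys with sum 0 mod Q."""
    return list(src) + [-sum(src) % Q]

def paired_keys(src):
    """Constructed weak variant for K=4: only K-2 source symbols (n1,-n1,n2,-n2)."""
    n1, n2 = src
    return [n1, -n1 % Q, n2, -n2 % Q]

def broadcast(inputs, keys):
    """User k sends X_k = W_k + Z_k to all others: one symbol per input symbol."""
    return [(w + z) % Q for w, z in zip(inputs, keys)]

def recover_sum(k, inputs, keys, msgs):
    """User k adds its own W_k + Z_k to the K-1 received messages; keys cancel."""
    received = sum(x for j, x in enumerate(msgs) if j != k)
    return (inputs[k] + keys[k] + received) % Q

def view_dist(inputs, coalition, keygen, n_src):
    """Distribution, over uniform source keys, of what a coalition observes:
    its members' keys plus every broadcast message."""
    dist = Counter()
    for src in product(range(Q), repeat=n_src):
        keys = keygen(src)
        view = (tuple(keys[i] for i in coalition), tuple(broadcast(inputs, keys)))
        dist[view] += 1
    return dist

def leaks_beyond_sum(K, T, keygen, n_src):
    """True if some user plus T colluders can distinguish two input vectors
    that agree on the coalition's own inputs and on the total sum."""
    for coalition in combinations(range(K), T + 1):
        seen = {}
        for inputs in product(range(Q), repeat=K):
            label = (tuple(inputs[i] for i in coalition), sum(inputs) % Q)
            dist = view_dist(inputs, coalition, keygen, n_src)
            if seen.setdefault(label, dist) != dist:
                return True
    return False
```

With $K=4$, `leaks_beyond_sum(4, 1, zero_sum_keys, 3)` covers the feasible case $T = K-3$, while `leaks_beyond_sum(4, 0, paired_keys, 2)` shows the two-symbol variant leaking an individual input even without collusion.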

Abstract

In decentralized federated learning (FL), multiple clients collaboratively learn a shared machine learning (ML) model by leveraging their privately held datasets distributed across the network, through interactive exchange of the intermediate model updates. To ensure data security, cryptographic techniques are commonly employed to protect model updates during aggregation. Despite growing interest in secure aggregation, existing works predominantly focus on protocol design and computational guarantees, with limited understanding of the fundamental information-theoretic limits of such systems. Moreover, optimal bounds on communication and key usage remain unknown in decentralized settings, where no central aggregator is available. Motivated by these gaps, we study the problem of decentralized secure aggregation (DSA) from an information-theoretic perspective. Specifically, we consider a network of $K$ fully-connected users, each holding a private input -- an abstraction of local training data -- who aim to securely compute the sum of all inputs. The security constraint requires that no user learns anything beyond the input sum, even when colluding with up to $T$ other users. We characterize the optimal rate region, which specifies the minimum achievable communication and secret key rates for DSA. In particular, we show that to securely compute one symbol of the desired input sum, each user must (i) transmit at least one symbol to others, (ii) hold at least one symbol of secret key, and (iii) all users must collectively hold no fewer than $K - 1$ independent key symbols. Our results establish the fundamental performance limits of DSA, providing insights for the design of provably secure and communication-efficient protocols in distributed learning systems.

Paper Structure

This paper contains 16 sections, 6 theorems, 60 equations, 4 figures, 1 table.

Key Result

Theorem 1

For the decentralized secure aggregation problem with $K\ge 3$ users, when $T \ge K-2$, it is infeasible; when $T \le K- 3$, the optimal rate region is given by

Figures (4)

  • Figure 1: Decentralized secure aggregation with 3 users. User 1 aims to recover the sum $W_2 + W_3$ from the received messages $X_2$ and $X_3$, while being prevented from learning any additional information about the pair of inputs $(W_2, W_3)$ beyond their sum. The same security requirement is imposed on the other two users as well.
  • Figure 2: Optimal rate region ${\cal R}^*=\{({R_X},{R_Z},{R_{Z_{\Sigma}}}):{R_X} \ge 1, {R_Z}\ge 1, {R_{Z_{\Sigma}}}\ge 2\}$ for Example 1 with $K=3$ users.
  • Figure 3: Aggregation of User $k$'s input $W_k$ at User $k^\prime$.
  • Figure 4: Aggregation at User $k$ with colluding user set ${\cal T}_{(k)}$ and its complement $\overline{{\cal T}}_{(k)}$. Since the inputs $\{W_i\}_{i\in{\cal T}_{(k)}}$ are already known to User $k$, it only needs to recover the sum of inputs in $\sum_{i\in \overline{{\cal T}}_{(k)}}W_i$ (shown in blue), while ensuring their security.

Theorems & Definitions (10)

  • Remark 1: Communication Overhead of Key Distribution
  • Theorem 1
  • Example 1
  • Remark 2: ${\cal R}^*$ as a Box Region
  • Remark 3: Dual Role of Individual Keys
  • Lemma 1
  • Corollary 1
  • Lemma 2
  • Lemma 3
  • Lemma 4