On hierarchical secure aggregation against relay and user collusion
Min Xu, Xuejiao Han, Kai Wan, Gennian Ge
TL;DR
This work studies hierarchical secure aggregation (HSA) over a homogeneous three-layer network with relay-user collusion, formulating security as $(0,T_h,T_u)$-privacy and linking HSA to network function computation (NFC). It derives fundamental load lower bounds ($R_X, R_Y\ge1/n$) and proposes NFC-based schemes to achieve optimal communication load under regime constraints, along with information-theoretic bounds on per-user key rate $R_Z$ and total key rate $R_{Z_{\Sigma}}$. The authors present two main constructions: one with optimal load but larger key sizes, and another with both optimal load and optimal key-size in cyclic networks, achieving $(R_X,R_Y)=(1/n,1/n)$ and $(R_Z,R_{Z_{\Sigma}})=(1/n,(m+T_u)/n)$. For special cyclic networks with $n=m=2$, they obtain tight bounds and explicit schemes (e.g., $(0,1,N-3)$-secure) achieving minimal key resources; a concrete example demonstrates the limits of the lower bounds and the tightness of certain constructions. The results advance the theoretical limits of secure distributed aggregation by bridging HSA with NFC and clarifying the trade-offs between communication efficiency and information-theoretic security.
Abstract
Secure aggregation (SA) is fundamental to privacy preservation in federated learning (FL), enabling model aggregation while preventing disclosure of individual user updates. This paper addresses hierarchical secure aggregation (HSA) against relay and user collusion in homogeneous networks, where each user connects to $n$ relays and each relay serves $m$ users. In the two-phase communication framework, users transmit masked data to relays, which then process and forward compiled messages to the server for exact sum recovery. The primary objective is to devise a transmission scheme such that the server can finish the aggregation task, while any group of $T_h$ colluding relays and $T_u$ colluding users cannot reveal any information about the data owned by the non-colluding users. In this study, we establish fundamental limits on the communication load, defined as the ratio of transmitted information size to original data size, for each user-relay link and each relay-server link. Achievable thresholds for collusion resilience are also derived. When the number of colluding relays and users falls below certain critical thresholds, we construct communication-optimal schemes using methods from network function computation. A limitation of these schemes is their reliance on large random keys. To address this, we derive a lower bound on the required key size and prove its achievability in cyclic networks, where users are connected to relays in a cyclic wrap-around manner. By establishing a connection between HSA and network function computation, this work advances the theoretical limits of communication efficiency and information-theoretic security in secure aggregation.