Secure Over-the-Air Computation Against Multiple Eavesdroppers using Correlated Artificial Noise

TL;DR

This work examines secure over-the-air computation in the presence of multiple cooperative eavesdroppers and proposes a correlated zero-forcing artificial-noise design to protect the aggregation function without sacrificing accuracy at the legitimate server. It derives bounds and optimal strategies for eavesdroppers under perfect CSI and statistical-noise scenarios, demonstrating inherent security due to channel misalignment and showing that cooperation erodes this security unless deliberate measures are employed. The proposed zero-forcing AN design, coupled with an efficient linear-programming solution and extensions to distributed zero-forcing, achieves strong security-accuracy tradeoffs, with simulations confirming substantial protection while preserving aggregation performance. Overall, the approach provides a practical physical-layer security mechanism for OtA computation in federated/edge settings with multiple potential eavesdroppers.

Abstract

In the era of the Internet of Things and massive connectivity, many engineering applications, such as sensor fusion and federated edge learning, rely on efficient data aggregation from geographically distributed users over wireless networks. Over-the-air computation shows promising potential for enhancing resource efficiency and scalability in such scenarios by leveraging the superposition property of wireless channels. However, due to the use of uncoded transmission with linear mapping, it also suffers from security vulnerabilities that must be dealt with to allow widespread adoption. In this work, we consider a scenario where multiple cooperating eavesdroppers attempt to infer information about the aggregation result. We derive the optimal joint estimator for the eavesdroppers and provide bounds on the achievable estimation accuracy for both the eavesdroppers and the intended receiver. We show that significant inherent security exists against individual eavesdroppers due to channel misalignment. However, the security level is greatly compromised when the eavesdroppers can cooperate, motivating the need for deliberate security measures. A common measure is to add carefully calibrated perturbation signals (artificial noise) prior to data transmission to improve the security level. To this end, we propose a zero-forced artificial noise design that achieves a high level of security against cooperative eavesdroppers without compromising the aggregation accuracy.

Figures (9)

• Figure 1: Overview of the system. Wireless transmissions (dashed arrows), intended for the server, are overheard by $L$ eavesdroppers that jointly process their received signals at a virtual eavesdropper. The solid lines represent an error-free channel.
• Figure 2: The shaded area represents the design space for the amplitude scaling factor $\eta$ under different approximation error constraints. The bounding curves are derived from the upper and lower bounds in Corollary \ref{['co:eta']}.
• Figure 3: Estimation accuracy of the server, cooperative eavesdroppers and non-cooperative eavesdroppers, in a scenario with no added artificial noise.
• Figure 4: Performance comparison between the server and eavesdroppers, for different noise designs.
• Figure 5: Security gap between cooperative and non-cooperative eavesdroppers. Each curve is the difference between the non-cooperative and cooperative security level for that given noise scheme.

Theorems & Definitions (11)

• Definition 1
• Remark 1
• Remark 2
• Theorem 1
• proof
• Corollary 1
• Theorem 2
• proof
• Remark 3
• Theorem 3