Optimal Key Rates for Decentralized Secure Aggregation with Arbitrary Collusion and Heterogeneous Security Constraints
Zhou Li, Xiang Zhang, Giuseppe Caire
TL;DR
This work analyzes decentralized secure aggregation under arbitrary collusion and heterogeneous security constraints. It derives a complete rate region where the per-link communication must be at least 1 symbol, and the total key rate consists of an integral part plus a fractional part obtained from a linear program that captures worst-case security-collusion interactions. The converse and achievable schemes are tightly matched, establishing that the optimal randomness splits into an LP-determined fractional component and an integral component, with the LP explicitly determining when key-splitting is necessary. The results illuminate how heterogeneous privacy requirements influence key distribution and provide practical LP-based tools for designing efficient, information-theoretically secure decentralized aggregation protocols.
Abstract
Decentralized secure aggregation (DSA) considers a fully-connected network of $K$ users, where each pair of users can communicate bidirectionally over an error-free channel. Each user holds a private input, and the goal is for each user to compute the sum of all inputs without revealing any additional information, even in the presence of collusion among up to $T$ users. Traditional DSA typically requires large key sizes to protect all information except for the input sum and the information of colluding users. To mitigate the source key overhead, we study decentralized secure aggregation with arbitrary collusion and heterogeneous security constraints. In this setting, the inputs of a predefined collection of user subsets, called the security set $\bm{\mathcal{S}}$, must be protected from another predefined collection, the collusion set $\bm{\mathcal{T}}$. For an arbitrary security set $\mathcal{S}\in \bm{\mathcal{S}}$ and an arbitrary collusion set $\mathcal{T}\in \bm{\mathcal{T}}$, we characterize the optimal communication and source key rates. A key contribution of this work is the characterization of the optimal source key rate, i.e., the minimum number of key bits per input bit that must be shared among users for decentralized secure aggregation with arbitrary collusion and heterogeneous security constraints to be feasible. In general, this characterization reduces to solving a linear program.
