Hi-SAFE: Hierarchical Secure Aggregation for Lightweight Federated Learning
Hyeong-Gun Joo, Songnam Hong, Seunghwan Lee, and Dong-Joon Shin
TL;DR
Hi-SAFE introduces a lightweight, cryptographically secure aggregation method for sign-based federated learning, enhancing privacy and efficiency in resource-constrained environments by leveraging polynomial representations and hierarchical subgrouping.
Contribution
It develops a novel polynomial-based secure aggregation framework for sign-based FL, enabling privacy-preserving majority voting with constant complexity and low overhead.
Findings
Achieves secure aggregation with constant multiplicative depth.
Reduces communication overhead compared to existing methods.
Ensures privacy of intermediate gradient signs.
Abstract
Federated learning (FL) faces challenges in ensuring both privacy and communication efficiency, particularly in resource-constrained environments such as Internet of Things (IoT) and edge networks. While sign-based methods, such as sign stochastic gradient descent with majority voting (SIGNSGD-MV), offer substantial bandwidth savings, they remain vulnerable to inference attacks due to exposure of gradient signs. Existing secure aggregation techniques are either incompatible with sign-based methods or incur prohibitive overhead. To address these limitations, we propose Hi-SAFE, a lightweight and cryptographically secure aggregation framework for sign-based FL. Our core contribution is the construction of efficient majority vote polynomials for SIGNSGD-MV, derived from Fermat's Little Theorem. This formulation represents the majority vote as a low-degree polynomial over a finite field,…
Peer Reviews
Decision·ICLR 2026 Conference Withdrawn Submission
- Using FLT-based indicator for secure aggregation of sign-sgd is smart and the construction is well stated. - The subgrouping design keeps multiplicative depth constant, independent of the number of users, $n$. - Protocol descriptions are concrete and well presented. - Theoretical convergence analysis and security proof are included.
- This paper has no clear experimental or analytical comparison against existing approaches that approximate or compute the sign function using polynomial representations combined with secure computation techniques (e.g., homomorphic encryption, MPC-based sign-SGD). There is no baseline MPC-based sign-SGD in - While experiment section provides communication reduction from the sub-group strategy (compared to the original version of the proposed scheme), asymptotic communcation and computation ana
The paper targets a timely and important gap: combining 1-bit communication efficiency with end-to-end cryptographic privacy for sign-based FL.
Key technical claims require clarification or stronger evidence. (i) “majority of subgroup majorities” is not generally equivalent to the global majority unless nontrivial conditions hold (balanced subgroup sizes, odd sizes, consistent tie-breaking, no near-ties); (ii) With (p!>!n), the indicator term (1-(x-m)^{p-1}) implies (\deg(F)=p-1=\Theta(n)); it is unclear how the protocol attains constant multiplicative depth and ≤6 secure multiplications per user. The recurrence with (v_k) suggests
1. A novel approach involves constructing polynomial functions based on Fermat's Little Theorem to evaluate the secure aggregation results of SIGNSGD. 2. The formal analysis of the problem and the description of the algorithm are well-structured and clear at a glance. 3. The appendix provides a wealth of examples to help readers better understand the paper.
1.Limited novelty in applying SignSGD to PPFL. The paper positions the integration of SignSGD and secure aggregation as novel. However, there already exists a substantial body of work that leverages quantization techniques similar to SignSGD for communication-efficient or privacy-preserving federated learning, including but not limited to [1], [2] and [3]. The manuscript does not sufficiently differentiate Hi-SAFE from these prior efforts. 2.Misleading claim of communication efficiency. The pro
* Distributed machine learning is always concerned with communication efficiency and privacy leakage; * The idea of using secure aggregation to enhance the privacy guarantees of signsgd is innovative.
* The abstract can be polished up. For example, the authors talk about constant multiplicative depth and bounded per-user complexity in lines 22- 24. Yet, neither are these standard, nor the definitions are given. * Does $Enc(\mathbf{x}_i)$ remain to be sign bits after using Eq.(3) in line 223? Since the operation is concluded by a $\mod p$, it is temptive to think the produced result is a quantized level. * Theorem 1 requires clarification. * First, the assumptions are not included in the th
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsPrivacy-Preserving Technologies in Data · Cryptography and Data Security · Stochastic Gradient Optimization Techniques