When Is Distributed Nonlinear Aggregation Private? Optimality and Information-Theoretical Bounds

TL;DR

This paper develops an information-theoretic framework to analyze privacy leakage in distributed nonlinear aggregation, deriving fundamental bounds and proposing algorithms that approach these limits, with validation through extensive experiments.

Contribution

It introduces a unified framework for understanding privacy in nonlinear aggregation, deriving optimal leakage bounds, and proposing algorithms that nearly achieve these bounds.

Findings

Fundamental lower bounds on privacy leakage are established.

Proposed algorithms can approach the optimal bounds with proper parameters.

Network topology and algorithm parameters significantly influence privacy leakage.

Abstract

Nonlinear aggregation is central to modern distributed systems, yet its privacy behavior is far less understood than that of linear aggregation. Unlike linear aggregation where mature mechanisms can often suppress information leakage, nonlinear operators impose inherent structural limits on what privacy guarantees are theoretically achievable when the aggregate must be computed exactly. This paper develops a unified information-theoretic framework to characterize privacy leakage in distributed nonlinear aggregation under a joint adversary that combines passive (honest-but-curious) corruption and eavesdropping over communication channels. We cover two broad classes of nonlinear aggregates: order-based operators (maximum/minimum and top-$K$) and robust aggregation (median/quantiles and trimmed mean). We first derive fundamental lower bounds on leakage that hold without sacrificing accuracy, thereby identifying the minimum unavoidable information revealed by the computation and the transcript. We then propose simple yet effective privacy-preserving distributed algorithms, and show that with appropriate randomized initialization and parameter choices, our proposed approaches can attach the derived optimal bounds for the considered operators. Extensive experiments validate the tightness of the bounds and demonstrate that network topology and key algorithmic parameters (including the stepsize) govern the observed leakage in line with the theoretical analysis, yielding actionable guidelines for privacy-preserving nonlinear aggregation.