On the Optimality of Hierarchical Secure Aggregation with Arbitrary Heterogeneous Data Assignment

TL;DR

This paper investigates secure gradient aggregation in hierarchical networks with heterogeneous data, proposing an optimal scheme that guarantees information-theoretic security despite user dropouts and collusions.

Contribution

It introduces a novel secure aggregation scheme for three-layer hierarchical networks with arbitrary data assignment, achieving optimal communication loads under security constraints.

Findings

Achieves information-theoretic security for gradient aggregation.

Guarantees optimal two-layer communication loads.

Handles user dropouts and collusions effectively.

Abstract

This paper studies the information theoretic secure aggregation problem in a three-layer hierarchical network with arbitrary heterogeneous data assignment, where clustered users communicate with an aggregation server through an intermediate layer of relays. We consider a more general setting with arbitrary heterogeneous data assignment across users, where `arbitrary' means that the data assignment is given in advance and `heterogeneous' means that the users may hold different numbers of datasets. Each user locally computes the partially aggregated gradients as its input based on the assigned datasets and transmits masked input to its associated relay. The relays then forward the aggregated messages to the server, which aims to recover the sum of the gradients. In this process, while some users may drop out unpredictably, the server needs to correctly recover the desired aggregation from the surviving users. Moreover, the server or any relay may collude with a subset of users. We impose the following security constraints: (i) server security, requiring the server to learn only the sum of gradients without gaining any additional information about individual inputs; and (ii) relay security, ensuring that each relay learns nothing about users' inputs. Under these constraints, we propose an aggregation scheme that guarantees information theoretic security and achieves the optimal two-layer communication loads.