Paper 2023/1936
LERNA: Secure Single-Server Aggregation via Key-Homomorphic Masking
Abstract
This paper introduces LERNA, a new framework for single-server secure aggregation. Our protocols are tailored to the setting where multiple consecutive aggregation phases are performed with the same set of clients, a fraction of which can drop out in some of the phases. We rely on an initial secret sharing setup among the clients which is generated once-and-for-all, and reused in all following aggregation phases. Compared to prior works [Bonawitz et al. CCS’17, Bell et al. CCS’20], the reusable setup eliminates one round of communication between the server and clients per aggregation—i.e., we need two rounds for semi-honest security (instead of three), and three rounds (instead of four) in the malicious model. Our approach also significantly reduces the server’s computational costs by only requiring the reconstruction of a single secret-shared value (per aggregation). Prior work required reconstructing a secret-shared value for each client involved in the computation. We provide instantiations of LERNA based on both the Decisional Composite Residuosity (DCR) and (Ring) Learning with Rounding ((R)LWR) assumptions respectively and evaluate a version based on the latter assumption. In addition to savings in round-complexity (which result in reduced latency), our experiments show that the server computational costs are reduced by two orders of magnitude in comparison to the state-of-the-art. In settings with a large number of clients, we also reduce the computational costs up to twenty-fold for most clients, while a small set of “heavy clients” is subject to a workload that is still smaller than that of prior work.
Metadata
- Available format(s)
- Category
- Cryptographic protocols
- Publication info
- A major revision of an IACR publication in ASIACRYPT 2023
- Keywords
- Secure AggregationReusable SetupPrivacy Preserving Machine Learning
- Contact author(s)
-
hanjul @ cs washington edu
rachel @ cs washington edu
antigoni polychroniadou @ jpmorgan com
tessaro @ cs washington edu - History
- 2023-12-21: approved
- 2023-12-21: received
- See all versions
- Short URL
- https://ia.cr/2023/1936
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2023/1936, author = {Hanjun Li and Huijia Lin and Antigoni Polychroniadou and Stefano Tessaro}, title = {{LERNA}: Secure Single-Server Aggregation via Key-Homomorphic Masking}, howpublished = {Cryptology {ePrint} Archive, Paper 2023/1936}, year = {2023}, url = {https://eprint.iacr.org/2023/1936} }