Willow: Secure Aggregation with One-Shot Clients

James Bell-Clark; Adrià Gascón; Baiyu Li; Mariana Raykova; Phillipp Schoppmann

Paper 2024/936

Willow: Secure Aggregation with One-Shot Clients

James Bell-Clark

, Google (United Kingdom)

Adrià Gascón, Google (United States)

Baiyu Li, Google (United States)

Mariana Raykova, Google (United States)

Phillipp Schoppmann

, Google (United States)

Abstract

A common drawback of secure vector summation protocols in the single-server model is that they impose at least one synchronization point between all clients contributing to the aggregation. This results in clients waiting on each other to advance through the rounds of the protocol, leading to large latency even if the protocol is computationally efficient. In this paper we propose protocols in the single-server model where clients contributing data to the aggregation send a single message to the server in an asynchronous fashion, i.e., without the need for synchronizing their reporting time with any other clients. Our approach is based on a committee of parties, called decryptors, that aid in the computation. Decryptors run a setup phase before data collection starts, and a decryption phase once it ends. Unlike existing committee-based protocols such as Flamingo (S&P 2023), the cost for committee members can be made sub-linear in the number of clients, and does not depend on the size of the input data. Our experimental evaluation shows that our protocol, even while enabling asynchronous client contributions,is competitive with the state of the art protocols that do not have that feature in both computation and communication.

Metadata

Available format(s): PDF
Category: Cryptographic protocols
Publication info: Preprint.
Keywords: Secure aggregation One-shot Homomorphic PRF Additive homomorphic encryption committee based
Contact author(s): jhbell @ google com
adriag @ google com
baiyuli @ google com
marianar @ google com
schoppmann @ google com
History: 2024-06-12: approved; 2024-06-11: received; See all versions
Short URL: https://ia.cr/2024/936
License: CC BY

BibTeX

@misc{cryptoeprint:2024/936,
      author = {James Bell-Clark and Adrià Gascón and Baiyu Li and Mariana Raykova and Phillipp Schoppmann},
      title = {Willow: Secure Aggregation with One-Shot Clients},
      howpublished = {Cryptology ePrint Archive, Paper 2024/936},
      year = {2024},
      note = {\url{https://eprint.iacr.org/2024/936}},
      url = {https://eprint.iacr.org/2024/936}
}