Practical Secure Aggregation by Combining Cryptography and Trusted Execution Environments
- URL: http://arxiv.org/abs/2504.08325v1
- Date: Fri, 11 Apr 2025 07:49:09 GMT
- Title: Practical Secure Aggregation by Combining Cryptography and Trusted Execution Environments
- Authors: Romain de Laage, Peterson Yuhala, François-Xavier Wicht, Pascal Felber, Christian Cachin, Valerio Schiavoni,
- Abstract summary: Secure aggregation enables a group of mutually distrustful parties, each holding private inputs, to collaboratively compute an aggregate value.<n>A major challenge in adopting secure aggregation approaches for practical applications is the significant computational overhead of the underlying cryptographic protocols.<n> Hardware-based security techniques such as trusted execution environments (TEEs) enable computation at near-native speeds.<n>In this work, we introduce several secure aggregation architectures that integrate both cryptographic and TEE-based techniques.
- Score: 1.3068730884406587
- License: http://creativecommons.org/licenses/by-nc-nd/4.0/
- Abstract: Secure aggregation enables a group of mutually distrustful parties, each holding private inputs, to collaboratively compute an aggregate value while preserving the privacy of their individual inputs. However, a major challenge in adopting secure aggregation approaches for practical applications is the significant computational overhead of the underlying cryptographic protocols, e.g. fully homomorphic encryption. This overhead makes secure aggregation protocols impractical, especially for large datasets. In contrast, hardware-based security techniques such as trusted execution environments (TEEs) enable computation at near-native speeds, making them a promising alternative for reducing the computational burden typically associated with purely cryptographic techniques. Yet, in many scenarios, parties may opt for either cryptographic or hardware-based security mechanisms, highlighting the need for hybrid approaches. In this work, we introduce several secure aggregation architectures that integrate both cryptographic and TEE-based techniques, analyzing the trade-offs between security and performance.
Related papers
- Secure Aggregation in Federated Learning using Multiparty Homomorphic Encryption [17.98928470989766]
A key operation in federated learning is the aggregation of gradient vectors generated by individual client nodes.<n>We develop a method based on multiparty homomorphic encryption (MPHE) that enables the central node to compute this aggregate.<n>We extend classical MPHE methods so that the decryption of the aggregate vector can be successful even when only a subset of client nodes are available.
arXiv Detail & Related papers (2025-03-01T18:19:25Z) - Encrypted Computation of Collision Probability for Secure Satellite Conjunction Analysis [0.5497663232622965]
The accuracy and precision of $mathcalP_c$ computations is often compromised by limitations in computational resources and data availability.<n>Our proposed protocol, Encrypted $mathcalP_c$, integrates the Monte Carlo estimation algorithm with cryptographic solutions.<n>This research advances secure conjunction analysis by developing a secure MPC protocol for $mathcalP_c$ computation.
arXiv Detail & Related papers (2025-01-13T16:48:22Z) - The Communication-Friendly Privacy-Preserving Machine Learning against Malicious Adversaries [14.232901861974819]
Privacy-preserving machine learning (PPML) is an innovative approach that allows for secure data analysis while safeguarding sensitive information.
We introduce efficient protocol for secure linear function evaluation.
We extend the protocol to handle linear and non-linear layers, ensuring compatibility with a wide range of machine-learning models.
arXiv Detail & Related papers (2024-11-14T08:55:14Z) - Coding-Based Hybrid Post-Quantum Cryptosystem for Non-Uniform Information [53.85237314348328]
We introduce for non-uniform messages a novel hybrid universal network coding cryptosystem (NU-HUNCC)
We show that NU-HUNCC is information-theoretic individually secured against an eavesdropper with access to any subset of the links.
arXiv Detail & Related papers (2024-02-13T12:12:39Z) - A Survey and Comparative Analysis of Security Properties of CAN Authentication Protocols [92.81385447582882]
The Controller Area Network (CAN) bus leaves in-vehicle communications inherently non-secure.
This paper reviews and compares the 15 most prominent authentication protocols for the CAN bus.
We evaluate protocols based on essential operational criteria that contribute to ease of implementation.
arXiv Detail & Related papers (2024-01-19T14:52:04Z) - HasTEE+ : Confidential Cloud Computing and Analytics with Haskell [50.994023665559496]
Confidential computing enables the protection of confidential code and data in a co-tenanted cloud deployment using specialized hardware isolation units called Trusted Execution Environments (TEEs)
TEEs offer low-level C/C++-based toolchains that are susceptible to inherent memory safety vulnerabilities and lack language constructs to monitor explicit and implicit information-flow leaks.
We address the above with HasTEE+, a domain-specific language (cla) embedded in Haskell that enables programming TEEs in a high-level language with strong type-safety.
arXiv Detail & Related papers (2024-01-17T00:56:23Z) - Secure Synthesis of Distributed Cryptographic Applications (Technical Report) [1.9707603524984119]
We advocate using secure program partitioning to synthesize cryptographic applications.
This approach is promising, but formal results for the security of such compilers are limited in scope.
We develop a compiler security proof that handles subtleties essential for robust, efficient applications.
arXiv Detail & Related papers (2024-01-06T02:57:44Z) - AHSecAgg and TSKG: Lightweight Secure Aggregation for Federated Learning Without Compromise [7.908496863030483]
AHSecAgg is a lightweight secure aggregation protocol using additive homomorphic masks.
TSKG is a lightweight Threshold Signature based masking key generation method.
arXiv Detail & Related papers (2023-12-08T10:06:17Z) - SOCI^+: An Enhanced Toolkit for Secure OutsourcedComputation on Integers [50.608828039206365]
We propose SOCI+ which significantly improves the performance of SOCI.
SOCI+ employs a novel (2, 2)-threshold Paillier cryptosystem with fast encryption and decryption as its cryptographic primitive.
Compared with SOCI, our experimental evaluation shows that SOCI+ is up to 5.4 times more efficient in computation and 40% less in communication overhead.
arXiv Detail & Related papers (2023-09-27T05:19:32Z) - A Survey of Secure Computation Using Trusted Execution Environments [80.58996305474842]
This article provides a systematic review and comparison of TEE-based secure computation protocols.
We first propose a taxonomy that classifies secure computation protocols into three major categories, namely secure outsourced computation, secure distributed computation and secure multi-party computation.
Based on these criteria, we review, discuss and compare the state-of-the-art TEE-based secure computation protocols for both general-purpose computation functions and special-purpose ones.
arXiv Detail & Related papers (2023-02-23T16:33:56Z) - ByzSecAgg: A Byzantine-Resistant Secure Aggregation Scheme for Federated
Learning Based on Coded Computing and Vector Commitment [90.60126724503662]
ByzSecAgg is an efficient secure aggregation scheme for federated learning.
ByzSecAgg is protected against Byzantine attacks and privacy leakages.
arXiv Detail & Related papers (2023-02-20T11:15:18Z) - Is Vertical Logistic Regression Privacy-Preserving? A Comprehensive
Privacy Analysis and Beyond [57.10914865054868]
We consider vertical logistic regression (VLR) trained with mini-batch descent gradient.
We provide a comprehensive and rigorous privacy analysis of VLR in a class of open-source Federated Learning frameworks.
arXiv Detail & Related papers (2022-07-19T05:47:30Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.