79,237 research outputs found
Secure aggregation of distributed information: How a team of agents can safely share secrets in front of a spy
We consider the generic problem of Secure Aggregation of Distributed
Information (SADI), where several agents acting as a team have information
distributed among them, modeled by means of a publicly known deck of cards
distributed among the agents, so that each of them knows only her cards. The
agents have to exchange and aggregate the information about how the cards are
distributed among them by means of public announcements over insecure
communication channels, intercepted by an adversary "eavesdropper", in such a
way that the adversary does not learn who holds any of the cards. We present a
combinatorial construction of protocols that provides a direct solution of a
class of SADI problems and develop a technique of iterated reduction of SADI
problems to smaller ones which are eventually solvable directly. We show that
our methods provide a solution to a large class of SADI problems, including all
SADI problems with sufficiently large size and sufficiently balanced card
distributions
The Capacity Region of Information Theoretic Secure Aggregation with Uncoded Groupwise Keys
This paper considers the secure aggregation problem for federated learning
under an information theoretic cryptographic formulation, where distributed
training nodes (referred to as users) train models based on their own local
data and a curious-but-honest server aggregates the trained models without
retrieving other information about users' local data. Secure aggregation
generally contains two phases, namely key sharing phase and model aggregation
phase. Due to the common effect of user dropouts in federated learning, the
model aggregation phase should contain two rounds, where in the first round the
users transmit masked models and, in the second round, according to the
identity of surviving users after the first round, these surviving users
transmit some further messages to help the server decrypt the sum of users'
trained models. The objective of the considered information theoretic
formulation is to characterize the capacity region of the communication rates
in the two rounds from the users to the server in the model aggregation phase,
assuming that key sharing has already been performed offline in prior. In this
context, Zhao and Sun completely characterized the capacity region under the
assumption that the keys can be arbitrary random variables. More recently, an
additional constraint, known as "uncoded groupwise keys," has been introduced.
This constraint entails the presence of multiple independent keys within the
system, with each key being shared by precisely S users. The capacity region
for the information-theoretic secure aggregation problem with uncoded groupwise
keys was established in our recent work subject to the condition S > K - U,
where K is the number of total users and U is the designed minimum number of
surviving users. In this paper we fully characterize of the the capacity region
for this problem by proposing a new converse bound and an achievable scheme.Comment: 37 pages, 3 figure
Perfectly secure data aggregation via shifted projections
We study a general scenario where confidential information is distributed
among a group of agents who wish to share it in such a way that the data
becomes common knowledge among them but an eavesdropper intercepting their
communications would be unable to obtain any of said data. The information is
modelled as a deck of cards dealt among the agents, so that after the
information is exchanged, all of the communicating agents must know the entire
deal, but the eavesdropper must remain ignorant about who holds each card.
Valentin Goranko and the author previously set up this scenario as the secure
aggregation of distributed information problem and constructed weakly safe
protocols, where given any card , the eavesdropper does not know with
certainty which agent holds . Here we present a perfectly safe protocol,
which does not alter the eavesdropper's perceived probability that any given
agent holds . In our protocol, one of the communicating agents holds a
larger portion of the cards than the rest, but we show how for infinitely many
values of , the number of cards may be chosen so that each of the agents
holds more than cards and less than
Secure Distributed Network Optimization Against Eavesdroppers
We present a new algorithmic framework for distributed network optimization in the presence of eavesdropper adversaries, also known as passive wiretappers. In this setting, the adversary is listening to the traffic exchanged over a fixed set of edges in the graph, trying to extract information on the private input and output of the vertices. A distributed algorithm is denoted as f-secure, if it guarantees that the adversary learns nothing on the input and output for the vertices, provided that it controls at most f graph edges.
Recent work has presented general simulation results for f-secure algorithms, with a round overhead of D^?(f), where D is the diameter of the graph. In this paper, we present a completely different white-box, and yet quite general, approach for obtaining f-secure algorithms for fundamental network optimization tasks. Specifically, for n-vertex D-diameter graphs with (unweighted) edge-connectivity ?(f), there are f-secure congest algorithms for computing MST, partwise aggregation, and (1+?) (weighted) minimum cut approximation, within O?(D+f ?n) congest rounds, hence nearly tight for f = O?(1).
Our algorithms are based on designing a secure algorithmic-toolkit that leverages the special structure of congest algorithms for global optimization graph problems. One of these tools is a general secure compiler that simulates light-weight distributed algorithms in a congestion-sensitive manner. We believe that these tools set the ground for designing additional secure solutions in the congest model and beyond
Secure and Privacy-Preserving Data Aggregation Protocols for Wireless Sensor Networks
This chapter discusses the need of security and privacy protection mechanisms
in aggregation protocols used in wireless sensor networks (WSN). It presents a
comprehensive state of the art discussion on the various privacy protection
mechanisms used in WSNs and particularly focuses on the CPDA protocols proposed
by He et al. (INFOCOM 2007). It identifies a security vulnerability in the CPDA
protocol and proposes a mechanism to plug that vulnerability. To demonstrate
the need of security in aggregation process, the chapter further presents
various threats in WSN aggregation mechanisms. A large number of existing
protocols for secure aggregation in WSN are discussed briefly and a protocol is
proposed for secure aggregation which can detect false data injected by
malicious nodes in a WSN. The performance of the protocol is also presented.
The chapter concludes while highlighting some future directions of research in
secure data aggregation in WSNs.Comment: 32 pages, 7 figures, 3 table
Scalable and Secure Aggregation in Distributed Networks
We consider the problem of computing an aggregation function in a
\emph{secure} and \emph{scalable} way. Whereas previous distributed solutions
with similar security guarantees have a communication cost of , we
present a distributed protocol that requires only a communication complexity of
, which we prove is near-optimal. Our protocol ensures perfect
security against a computationally-bounded adversary, tolerates
malicious nodes for any constant (not
depending on ), and outputs the exact value of the aggregated function with
high probability
Turbo-Aggregate: Breaking the Quadratic Aggregation Barrier in Secure Federated Learning
Federated learning is a distributed framework for training machine learning
models over the data residing at mobile devices, while protecting the privacy
of individual users. A major bottleneck in scaling federated learning to a
large number of users is the overhead of secure model aggregation across many
users. In particular, the overhead of the state-of-the-art protocols for secure
model aggregation grows quadratically with the number of users. In this paper,
we propose the first secure aggregation framework, named Turbo-Aggregate, that
in a network with users achieves a secure aggregation overhead of
, as opposed to , while tolerating up to a user dropout
rate of . Turbo-Aggregate employs a multi-group circular strategy for
efficient model aggregation, and leverages additive secret sharing and novel
coding techniques for injecting aggregation redundancy in order to handle user
dropouts while guaranteeing user privacy. We experimentally demonstrate that
Turbo-Aggregate achieves a total running time that grows almost linear in the
number of users, and provides up to speedup over the
state-of-the-art protocols with up to users. Our experiments also
demonstrate the impact of model size and bandwidth on the performance of
Turbo-Aggregate
A Survey on Wireless Sensor Network Security
Wireless sensor networks (WSNs) have recently attracted a lot of interest in
the research community due their wide range of applications. Due to distributed
nature of these networks and their deployment in remote areas, these networks
are vulnerable to numerous security threats that can adversely affect their
proper functioning. This problem is more critical if the network is deployed
for some mission-critical applications such as in a tactical battlefield.
Random failure of nodes is also very likely in real-life deployment scenarios.
Due to resource constraints in the sensor nodes, traditional security
mechanisms with large overhead of computation and communication are infeasible
in WSNs. Security in sensor networks is, therefore, a particularly challenging
task. This paper discusses the current state of the art in security mechanisms
for WSNs. Various types of attacks are discussed and their countermeasures
presented. A brief discussion on the future direction of research in WSN
security is also included.Comment: 24 pages, 4 figures, 2 table
- âŠ