We study the hierarchical secure aggregation problem with groupwise keys. The problem consists of an aggregation server, $U$ relays, and $UV$ users, where each relay serves $V$ disjoint users, and each subset of $G$ users shares an independent groupwise key. Two security requirements are imposed: relay security and server security. Specifically, each relay must not learn any information about the users' inputs, and the server must not learn any additional information beyond the recovered sum of all inputs. We first show that the problem is infeasible when $G = 1$. For the feasible regime $1 < G \le UV$, we fully characterize the optimal rate region. In particular, we prove that both each user and each relay must transmit at least one symbol per input symbol. Furthermore, we characterize the minimum required groupwise key rate as $\max\left\{\frac{V}{\binom{UV}{G} - \binom{(U-1)V}{G}},\; \frac{U - 1}{\binom{UV}{G} - U \binom{V}{G}}\right\},$ where the two terms correspond to the constraints imposed by relay security and server security, respectively. For achievability, we propose an explicit linear coding scheme based on structured precoding matrices, and show that it satisfies both correctness and security requirements. The construction avoids permutation-based symmetrization by leveraging sufficiently generic matrix designs over large fields. Finally, we establish a matching converse, thereby characterizing the optimal rate region.

翻译：暂无翻译