Federated learning (FL) facilitates collaborative training of machine learning models among a large number of clients while safeguarding the privacy of their local datasets. However, FL remains susceptible to vulnerabilities such as privacy inference and inversion attacks. Single-server secure aggregation schemes were proposed to address these threats. Nonetheless, they encounter practical constraints due to their round and communication complexities. This work introduces Fluent, a round and communication-efficient secure aggregation scheme for private FL. Fluent has several improvements compared to state-of-the-art solutions like Bell et al. (CCS 2020) and Ma et al. (SP 2023): (1) it eliminates frequent handshakes and secret sharing operations by efficiently reusing the shares across multiple training iterations without leaking any private information; (2) it accomplishes both the consistency check and gradient unmasking in one logical step, thereby reducing another round of communication. With these innovations, Fluent achieves the fewest communication rounds (i.e., two in the collection phase) in the malicious server setting, in contrast to at least three rounds in existing schemes. This significantly minimizes the latency for geographically distributed clients; (3) Fluent also introduces Fluent-Dynamic with a participant selection algorithm and an alternative secret sharing scheme. This can facilitate dynamic client joining and enhance the system flexibility and scalability. We implemented Fluent and compared it with existing solutions. Experimental results show that Fluent improves the computational cost by at least 75% and communication overhead by at least 25% for normal clients. Fluent also reduces the communication overhead for the server at the expense of a marginal increase in computational cost.

翻译：联邦学习（FL）支持大量客户端在保护本地数据集隐私的前提下协同训练机器学习模型。然而，联邦学习仍然面临隐私推断和反转攻击等安全威胁。单服务器安全聚合方案被提出用于应对这些风险，但受限于轮次复杂度和通信开销等实际约束。本文提出Fluent——一种面向隐私联邦学习的高轮次与通信效率安全聚合方案。与Bell等（CCS 2020）和Ma等（SP 2023）的最新方案相比，Fluent实现以下改进：（1）通过跨多个训练迭代高效复用份额而不泄露任何隐私信息，消除频繁握手机制与秘密共享操作；（2）将一致性校验与梯度去掩码合并为单一逻辑步骤，从而减少一轮通信。借助这些创新，Fluent在恶意服务器设置下实现最少通信轮次（采集阶段仅需两轮），而现有方案至少需要三轮。这显著降低了地理分布式客户端的通信延迟；（3）Fluent还引入包含参与者选择算法和替代秘密共享方案的Fluent-Dynamic，可支持动态客户端加入并提升系统灵活性与可扩展性。我们实现了Fluent并与现有方案对比，实验结果表明：Fluent使普通客户端的计算开销至少降低75%、通信开销至少减少25%，同时服务器端通信开销虽略有增加但计算成本边际上升。