Threshold Homomorphic Encryption (Threshold HE) is a good fit for implementing private federated average aggregation, a key operation in Federated Learning (FL). Despite its potential, recent studies have shown that threshold schemes available in mainstream HE libraries can introduce unexpected security vulnerabilities if an adversary has access to a restricted decryption oracle. This oracle reflects the FL clients' capacity to collaboratively decrypt the aggregated result without knowing the secret key. This work surveys the use of threshold RLWE-based HE for federated average aggregation and examines the performance impact of using smudging noise with a large variance as a countermeasure. We provide a detailed comparison of threshold variants of BFV and CKKS, finding that CKKS-based aggregations perform comparably to BFV-based solutions.

翻译：门限同态加密（Threshold HE）是实现私有联邦平均聚合的理想方案，该操作是联邦学习（FL）中的关键环节。尽管具备潜力，近期研究表明，若攻击者能够访问受限解密预言机，主流同态加密库中提供的门限方案可能引入意料之外的安全漏洞。该预言机反映了FL客户端在不知晓密钥的情况下协同解密聚合结果的能力。本文系统考察了基于RLWE的门限同态加密在联邦平均聚合中的应用，并分析了采用大方差模糊噪声作为防御措施对性能的影响。我们对BFV与CKKS的门限变体进行了详细对比，发现基于CKKS的聚合方案在性能上与基于BFV的解决方案相当。