Secure Aggregation (SA) is a key component of privacy-friendly federated learning applications, where the server learns the sum of many user-supplied gradients, while individual gradients are kept private. State-of-the-art SA protocols protect individual inputs with zero-sum random shares that are distributed across users, have a per-user overhead that is logarithmic in the number of users, and take more than 5 rounds of interaction. In this paper, we introduce LISA, an SA protocol that leverages a source of public randomness to minimize per-user overhead and the number of rounds. In particular, LISA requires only two rounds and has a communication overhead that is asymptotically equal to that of a non-private protocol -- one where inputs are provided to the server in the clear -- for most of the users. In a nutshell, LISA uses public randomness to select a subset of the users -- a committee -- that aid the server to recover the aggregated input. Users blind their individual contributions with randomness shared with each of the committee members; each committee member provides the server with an aggregate of the randomness shared with each user. Hence, as long as one committee member is honest, the server cannot learn individual inputs but only the sum of threshold-many inputs. We compare LISA with state-of-the-art SA protocols both theoretically and by means of simulations and present results of our experiments. We also integrate LISA in a Federated Learning pipeline and compare its performance with a non-private protocol.

翻译：安全聚合（Secure Aggregation, SA）是注重隐私的联邦学习应用中的关键组件，服务器可学习多个用户提供梯度的总和，同时个体梯度保持私有。现有最优SA协议通过分布在用户间的零和随机份额保护个体输入，每个用户的开销与用户数量呈对数关系，且需要超过5轮交互。本文提出LISA协议，利用公共随机源最小化单个用户开销及交互轮数。具体而言，LISA仅需两轮通信，且对多数用户而言，其通信开销渐近等于非隐私协议（即服务器直接获取明文输入）。核心思想是：LISA通过公共随机性选取用户子集（委员会）协助服务器恢复聚合输入。用户使用与每位委员会成员共享的随机数掩盖个体贡献；每位委员会成员向服务器提供其与各用户共享随机数的聚合值。因此，只要有一名委员会成员诚实，服务器便无法获取个体输入，仅能获得超过阈值的输入总和。我们从理论及仿真实验两方面比较LISA与现有最优SA协议，并展示实验结果。同时，我们将LISA集成至联邦学习流水线，并与非隐私协议进行性能对比。