Abstract: In federated learning, multiple parties train models locally and share their parameters with a central server, which aggregates them to update a global model. To address the risk of exposing sensitive data through local models, secure aggregation via secure multiparty computation has been proposed to enhance privacy. At the same time, perfect privacy can only be achieved by a uniform distribution of the masked local models to be aggregated. This raises a problem when working with real-valued data, as there is no measure on the reals that is invariant under the masking operation, and hence information leakage is bound to occur. Shifting the data to a finite field circumvents this problem, but as a downside runs into an inherent accuracy-complexity tradeoff due to fixed-point modular arithmetic, as opposed to floating-point numbers, which can simultaneously handle numbers of varying magnitudes. In this paper, a novel secure parameter aggregation method is proposed that employs the torus rather than a finite field. This approach guarantees perfect privacy for each party's data by utilizing the uniform distribution on the torus, while avoiding accuracy losses. Experimental results show that the new protocol performs similarly to the model without secure aggregation while maintaining perfect privacy. The torus-based protocol can in some cases significantly outperform finite field secure aggregation in terms of model accuracy and cosine similarity, hence making it a safer choice.
Abstract: In Pliable Private Information Retrieval (PPIR) with a single server, messages are partitioned into $\Gamma$ non-overlapping classes \cite{ref5}. The user wants to retrieve a message from its desired class without revealing the identity of the desired class to the server. In \cite{ref6}, Obead et al. consider the problem of PPIR with Side Information (PPIR-SI), where the user now has side information. The user wants to retrieve any new message (not included in the side information) from its desired class without revealing the identity of the desired class and its side information. A scheme for PPIR-SI is given in \cite{ref6} for the case when the user's side information is unidentified, and this case is referred to as PPIR with Unidentifiable SI (PPIR-USI). In this paper, we study the problem of PPIR for the single server case when the side information is partially identifiable, and we term this case PPIR with Identifiable Side Information (PPIR-ISI). The user knows the identity of the side information belonging to $\eta$ classes, where $1\leq \eta \leq \Gamma$. We give a scheme for PPIR-ISI, and we prove that having identifiable side information is advantageous by comparing the rate of the proposed scheme to the rate of the PPIR-USI scheme given in \cite{ref6} for some cases. Further, we extend the problem of PPIR-ISI to the multi-user case, where users can collaboratively generate the query sets, and we give a scheme for this problem.
Abstract: In this paper, we propose a scheme for the problem of cache-aided multi-user private information retrieval with small caches, in which $K$ users are connected to $S$ non-colluding databases via shared links. Each database contains a set of $N$ files, and each user has a dedicated cache of size equivalent to the size of $M$ files. All the users want to retrieve a file without revealing their demands to the databases. During off-peak hours, all the users will fill their caches, and when required, users will demand their desired files by cooperatively generating query sets for each database. After receiving the transmissions from databases, all the users should get their desired files using transmitted data and their cache contents. This problem has been studied in [X. Zhang, K. Wan, H. Sun, M. Ji and G. Caire, ``Fundamental limits of cache-aided multiuser private information retrieval'', IEEE Trans. Commun., 2021], in which the authors proposed a product design scheme. In this paper, we propose a scheme that gives a better rate for a particular value of $M$ than the product design scheme. We consider a slightly different approach for the placement phase. Instead of a database filling the caches of all users directly, a database will broadcast cache content for all users on a shared link, and then the users will jointly decide which part of the broadcast content will be stored in the cache of each user. This variation facilitates maintaining the privacy constraint at a reduced rate.