Abstract

Large-scale online services increasingly rely on aggregating sensitive user data, for example to support analytics or federated learning. Private aggregation enables such computation without revealing any individual client’s input, but many established designs rely on distributing trust among a small set of non-colluding servers or auxiliary infrastructure, which complicates deployment. In this talk, I present a line of work that rethinks private aggregation through client-decentralized trust. The key insight is that the large population of participating clients can be leveraged as a resource to decentralize trust, which enables aggregation with a single untrusted server. This design choice, however, introduces a central challenge: how to keep the clients lightweight enough for practical deployment on resource-constrained devices. I will describe two systems that embody this approach and address this challenge. Flamingo is a fast multi-round private aggregation system tailored to the federated learning setting. Armadillo extends this line of work with robustness against disruptive clients in the system.

Video Recording