Algorithm-Level Confidentiality for Average Consensus on Time-Varying Directed Graphs

We represent a network of $N$ agents as a sequence of time-varying directed graphs $\{\mathcal{G}(k)=(\mathcal{V},\,\mathcal{E}(k))\}$ where $\mathcal{V}=\{1,2,\ldots,N\}$ is the set of agents and $k=0,1,\ldots$ is the time index. $\mathcal{E}(k)\subset\mathcal{V}\times\mathcal{V}$ is the edge set at time $k$, whose elements are such that $(i,\,j)\in\mathcal{E}(k)$ holds if and only if there exists a directed edge from agent $j$ to agent $i$ at time $k$, i.e., agent $j$ can send messages to agent $i$ at time $k$. For notational convenience, we assume that there are no self edges, i.e., $(i,\,i)\notin\mathcal{E}(k)$ for all $k$ and $i\in\mathcal{V}$. At time $k$, each edge $(i,\,j)\in\mathcal{E}(k)$ has an associated weight, $p_{ij}(k)>0$. The out-neighbor set of agent $i$ at time $k$, which represents the set of agents that can receive messages from agent $i$ at time $k$, is denoted as $\mathcal{N}_{i}^{out}(k)=\{j\in\mathcal{V}\,|\,(j,\,i)\in\mathcal{E}(k)\}$. Similarly, at time $k$, the in-neighbor set of agent $i$, which represents the set of agents that can send messages to agent $i$ at time $k$, is denoted as $\mathcal{N}_{i}^{in}(k)=\{j\in\mathcal{V}\,|\,(i,\,j)\in\mathcal{E}(k)\}$. From the above definitions, it can be obtained that $i\in\mathcal{N}_{j}^{out}(k)$ and $j\in\mathcal{N}_{i}^{in}(k)$ are equivalent. Agent $i$’s out-degree at time instant $k$ is represented by $D_{i}^{out}(k)=|\mathcal{N}_{i}^{out}(k)|$ and its in-degree is represented by $D_{i}^{in}(k)=|\mathcal{N}_{i}^{in}(k)|$, where $|\mathcal{S}|$ is the cardinality of the set $\mathcal{S}$.

At iteration $k$, the incidence matrix $\mathbf{C}(k)=[c_{il}(k)]_{N\times E(k)}$ for graph $\mathcal{G}(k)=(\mathcal{V},\mathcal{E}(k))$ is defined as

where $E(k)=|\mathcal{E}(k)|$ represents the number of edges in $\mathcal{E}(k)$. Note that the $l$-th column of $\mathbf{C}(k)$ is corresponding to the $l$-th edge in $\mathcal{E}(k)$, and the sum of each column of $\mathbf{C}(k)$ is $0$, i.e., $\mathbf{1}^{T}\mathbf{C}(k)=\mathbf{0}^{T}$.

For a sequence of time-varying directed graphs $\{\mathcal{G}(k)=(\mathcal{V},\,\mathcal{E}(k))\}$, we define $\mathcal{E}_{\infty}$ as the set of directed edges $(i,\,j)$ that exist for infinitely many time instants, i.e.,

We focus on time-varying directed graphs which satisfy the following assumptions:

The conventional push-sum considers $N$ agents interacting on a constant directed graph $\mathcal{G}=(\mathcal{V},\,\mathcal{E})$, with each agent having an initial state $x_{i}^{0}$ ($i=1,2,\ldots,N$) [46, 47]. Represent the average value of all initial states as $\bar{x}^{0}={\sum_{j=1}^{N}x_{j}^{0}}/N$. The conventional push-sum algorithm conducts two iterative computations simultaneously, and allows each agent to obtain the exact average of the initial values $\bar{x}^{0}$ in an asymptotic way. This mechanism is summarized in Algorithm 0 below:

For the sake of notational simplicity, we rewrite (3) in the following more compact form:

where $\mathbf{s}(k)=[s_{1}(k),s_{2}(k),\ldots,s_{N}(k)]^{T}$ and $\mathbf{w}(k)=[w_{1}(k),w_{2}(k),\ldots,w_{N}(k)]^{T}$, and $\mathbf{P}=[p_{ij}]$. From Algorithm 0, we have $\mathbf{s}(0)=[x_{1}^{0},x_{2}^{0},\ldots,x_{N}^{0}]^{T}$ and $\mathbf{w}(0)=\mathbf{1}$. We can also obtain that the matrix $\mathbf{P}$ is column-stochastic, i.e., $\sum_{i=1}^{N}p_{ij}=1$ holds for $j=1,2,\ldots,N$.

At iteration step $k$, each agent computes the ratio $\pi_{i}(k+1)=s_{i}(k+1)/w_{i}(k+1)$ to estimate the average value $\bar{x}^{0}={\sum_{j=1}^{N}x_{j}^{0}}/N$. Since $\mathcal{G}$ is assumed to be a strongly connected directed graph, $\mathbf{P}^{k}$ will converge to a rank-$1$ matrix exponentially fast [48, 49]. Defining $\mathbf{P}^{\infty}$ as the limit of $\mathbf{P}^{k}$ as $k\rightarrow\infty$, we can obtain the form of $\mathbf{P}^{\infty}$ as $\mathbf{P}^{\infty}=\mathbf{v}\mathbf{1}^{T}$ where $\mathbf{v}=[v_{1},v_{2},\ldots,v_{N}]^{T}$. Using the facts $\mathbf{s}(k)=\mathbf{P}^{k}\mathbf{s}(0)$ and $\mathbf{w}(k)=\mathbf{P}^{k}\mathbf{w}(0)$, we can further have [50]:

where $[\mathbf{P}^{\infty}\mathbf{s}(0)]_{i}$ and $[\mathbf{P}^{\infty}\mathbf{w}(0)]_{i}$ represent the $i$-th element of vector $\mathbf{P}^{\infty}\mathbf{s}(0)$ and vector $\mathbf{P}^{\infty}\mathbf{w}(0)$, respectively. Hence, all estimates $\pi_{1}(k),\pi_{2}(k),\ldots,\pi_{N}(k)$ will asymptotically converge to the average $\bar{x}^{0}={\sum_{j=1}^{N}x_{j}^{0}}/N$.

In this paper, we will address average consensus under time-varying directed graphs while protecting the confidentiality of participating agents against adversaries. To this end, we first present some assumptions and definitions.

Our definition of confidentiality requires perfect indistinguishability of a target agent’s different initial states from the viewpoint of honest-but-curious adversaries $\mathcal{A}$, and, therefore, is more stringent than the confidentiality definition in [31, 32, 51, 52, 53] which defines confidentiality as the inability of an adversary to uniquely determine the sensitive value.

We next show that the conventional push-sum is not confidential. From (3) and (4), an honest-but-curious agent $i$ can receive $p_{ij}s_{j}(0)$ and $p_{ij}w_{j}(0)$ from its in-neighbor agent $j$ after the first iteration step $k=0$. Then agent $i$ is able to uniquely determine $x_{j}^{0}$ by $x_{j}^{0}=s_{j}(0)=\frac{p_{ij}s_{j}(0)}{p_{ij}w_{j}(0)}$ using the fact $w_{j}(0)=1$. Therefore, an honest-but-curious agent can always infer the initial values of all its in-neighbors, and hence the conventional push-sum algorithm cannot provide confidentiality against honest-but-curious adversaries. It is worth noting that using a similar argument, we can also obtain that the conventional push-sum is not confidential even when the weight is allowed to be time-varying (e.g., [47].)

The analysis above reveals that using the same weight $p_{ij}$ for both $p_{ij}s_{j}(0)$ and $p_{ij}w_{j}(0)$ discloses the initial state value. Motivated by this observation and the work in [29], here we introduce a novel confidential average consensus algorithm which injects randomness in the dynamics of interactions in iterations $k=0,\ldots,K$. Note that here $K$ is a non-negative integer and is known to every agent. Its influence will be discussed in detail in Remark 11 and Remark 12.

Setting $\Delta s_{ji}(k)$, $\Delta w_{ji}(k)$, and $p_{ji}(k)$ to $0$ for $j\notin\mathcal{N}_{i}^{out}(k)\cup\{i\}$, we can rewrite the update rules of $\mathbf{s}(k)$ for $k\geq K+1$ and $\mathbf{w}(k)$ for $k\geq 0$ as

Denoting $\mathbf{s}(k)$, $\mathbf{w}(k)$, and $\mathbf{P}(k)$ as $\mathbf{s}(k)=[s_{1}(k)\,\cdots\,s_{N}(k)]^{T}$, $\mathbf{w}(k)=[w_{1}(k)\,\cdots\,w_{N}(k)]^{T}$, and $\mathbf{P}(k)=[p_{ij}(k)]_{N\times N}$, we can further rewrite (8) into a matrix form

For iteration $k=0$, we have $\mathbf{s}(0)=[x_{1}^{0},x_{2}^{0},\ldots,x_{N}^{0}]^{T}$ and $\mathbf{w}(0)=\mathbf{1}$. From Algorithm 1, we know that $\mathbf{P}(k)$ in (9) is time-varying and column-stochastic for $k\geq 0$.

Defining the transition matrix as follows

for all $k$ and $t$ with $k\geq t$, where $\mathbf{\Phi}(k:k)=\mathbf{P}(k)$, we can rewrite (9) as

Next we prove that Algorithm 1 can guarantee that the estimates of all agents converge to the exact average value of initial values. We will also analyze the rate of convergence of Algorithm 1. Using the convergence definition in [43] and [54], we define the rate of convergence to be at least $\gamma\in(0,\,1)$ if there exists a positive constant value $C$ such that $\big{\|}\boldsymbol{\pi}(k)-\bar{x}^{0}\mathbf{1}\big{\|}\leq C\gamma^{k}$ is true for all $k$, where $\boldsymbol{\pi}(k)=[\pi_{1}(k),\ldots,\pi_{N}(k)]^{T}$ and $\bar{x}^{0}={\sum_{j=1}^{N}x_{j}^{0}}/N$ is the average value. Note that this definition means a smaller $\gamma$ corresponding to a faster convergence. To analyze the convergence rate of Algorithm 1, we first introduce Lemma 1 below:

Proof: For $k\geq 1$, from (11) we have

Represent $\delta(k)$ as

for $k\geq 1$. To prove $w_{i}(k)\geq\varepsilon^{T(N-1)}$ for $k\geq 1$, it is sufficient to prove $\delta(k)\geq\varepsilon^{T(N-1)}$ for $k\geq 1$. We divide our proof into two parts: $1\leq k\leq T(N-1)$ and $k\geq T(N-1)+1$.

Part 1: $\delta(k)\geq\varepsilon^{T(N-1)}$ for $1\leq k\leq T(N-1)$. One can verify that the following relationship holds

Given $[\mathbf{\Phi}(0:0)]_{ii}=[\mathbf{P}(0)]_{ii}\geq\varepsilon$, one can obtain $[\mathbf{\Phi}(k-1:0)]_{ii}\geq\varepsilon^{k}$. Therefore, it follows that

is true for $i=1,\ldots,N$ and $1\leq k\leq T(N-1)$, implying $\delta(k)\geq\varepsilon^{T(N-1)}$ for $1\leq k\leq T(N-1)$.

Part 2: $\delta(k)\geq\varepsilon^{T(N-1)}$ for $k\geq T(N-1)+1$. Under Assumptions 1 and 2, and the requirements on weights $p_{ij}(k)$ in Algorithm 1, and following the arguments in Lemma 2 in [55], we can obtain

for $1\leq i,\,j\leq N$. Since $k\geq T(N-1)+1$ holds and $\mathbf{P}(k)$ is a column-stochastic matrix,

should also be a column-stochastic matrix. Further using the fact $\mathbf{\Phi}(k-1:0)=\mathbf{\Phi}(k-1:k-T(N-1))\mathbf{\Phi}(k-T(N-1)-1:0)$ leads to $[\mathbf{\Phi}(k-1:0)]_{ij}\geq\varepsilon^{T(N-1)}$ for $1\leq i,\,j\leq N$. Therefore, we have

for $i=1,\ldots,N$, meaning $\delta(k)\geq\varepsilon^{T(N-1)}$ for $k\geq T(N-1)+1$.

Based on $\delta(k)\geq\varepsilon^{T(N-1)}$ for $k\geq 1$, we can obtain $w_{i}(k)\geq\varepsilon^{T(N-1)}$ for $k\geq 1$. In summary, we always have $w_{i}(k)\geq\varepsilon^{T(N-1)}$ for $k\geq 1$. $\blacksquare$

Proof: From (6), we have

for $k\leq K$ where in the derivation we used the property ${\rm frac}(x+y)={\rm frac}(x+{\rm frac}(y))={\rm frac}({\rm frac}(x)+y)={\rm frac}({\rm frac}(x)+{\rm frac}(y))$ for any $x,\,y\in\mathbb{R}$. According to Assumption 4, $x_{i}^{0}\in[a,\,b]$ holds for each agent $i$. Given $s_{i}(0)=\frac{1}{N^{2}}+\frac{(N-2)(x_{i}^{0}-a)}{(b-a)N^{2}}$, one can obtain $s_{i}(0)\in[\frac{1}{N^{2}},\,\frac{N-1}{N^{2}}]$, leading to

Further combining (19) and (20) yields

Since $\mathbf{P}(k)$ is column stochastic, from (9) we have

for $k\geq 0$. Then we rewrite (11) as

for $l\geq 1$. Under Assumptions 1 and 2, and the requirements on weights $p_{ij}(k)$ in Algorithm 1, following Proposition 1(b) in [56], we know that the transition matrix $\mathbf{\Phi}(K+l:K+1)$ will converge to a stochastic vector $\boldsymbol{\varphi}(K+l)$ with a geometric rate for all $i$ and $j$, i.e., for all $i,j=1,\ldots,N$ and $l\geq 1$, we have

with $C_{0}=2({1+\varepsilon^{-T(N-1)}})/({1-\varepsilon^{T(N-1)}})$ and $\gamma=(1-\varepsilon^{T(N-1)})^{\frac{1}{T(N-1)}}$. Defining $\mathbf{M}(K+l:K+1)$ as

we have

for all $i,j=1,\ldots,N$ and $l\geq 1$. Further combining (25) with (23) leads to

where in the derivation we used $\mathbf{1}^{T}\mathbf{w}(K+1)=N$ from (22). Then from (27), we have