On the Privacy-Robustness Trade-Off in Distributed Average Consensus

None, None; None, None; None, None

On the Privacy-Robustness Trade-Off in Distributed Average Consensus

Conference Paper (2025)

Author(s)

Z. Palanciyan (Student TU Delft)

Q. Li (Aalborg University)

R. Heusdens (Netherlands Defence Academy, TU Delft - Signal Processing Systems)

Research Group

Signal Processing Systems

DOI related publication

https://doi.org/10.23919/EUSIPCO63237.2025.11226637

Detection Privacy Subspace perturbation Primal-dual method of multipliers (PDMM) Adversary Median absolute deviation (MAD) Privacy-robustness trade-off

To reference this document use:

https://resolver.tudelft.nl/uuid:8915fa99-d1c2-451a-ba8b-27df92302524

More Info

expand_more

Publication Year

2025

Language

English

Research Group

Signal Processing Systems

Bibliographical Note

Green Open Access added to TU Delft Institutional Repository as part of the Taverne amendment. More information about this copyright law amendment can be found at https://www.openaccess.nl. Otherwise as indicated in the copyright section: the publisher is the copyright holder of this work and the author uses the Dutch legislation to make this work public.@en

Pages (from-to)

830-834

Publisher

IEEE

ISBN (print)

979-8-3503-9183-1

ISBN (electronic)

978-9-4645-9362-4

Reuse Rights

Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.

Abstract

Distributed consensus algorithms face a dual challenge in modern networked systems: safeguarding sensitive data through privacy-preserving mechanisms while maintaining robustness against adversarial nodes (e.g., Byzantine faults). While prior work addresses these goals separately, their interplay remains poorly understood, particularly in scenarios where output accuracy must be preserved. In this work, we reconcile these objectives by integrating a subspace perturbation framework, which guarantees privacy by confining noise to redundant network subspaces, with a median absolute deviation (MAD)-based thresholding mechanism to detect active adversarial nodes transmitting corrupted data. Through in-depth analysis, we demonstrate that enhancing privacy via subspace perturbation inherently limits the discriminative power of MAD-based detection, as adversarial updates become statistically indistinguishable from privacy-preserving perturbations. Numerical simulations quantify this tension, demonstrating that as privacy guarantees strengthen, the ability to detect active adversaries diminishes. These findings highlight a core challenge in distributed consensus—achieving both strong privacy and Byzantine robustness simultaneously is inherently difficult.

Files

On_the_Privacy-Robustness_Trad... (pdf)

(pdf | 0.852 Mb)

License info not available

File under embargo until 17-05-2026