Privacy-Preserving Average Consensus via State Decomposition

Average consensus underpins key functionalities of distributed systems ranging from distributed information fusion, decision-making, distributed optimization, to load balancing and decentralized control. Existing distributed average consensus algorithms require each node to exchange and disclose state information to its neighbors, which is undesirable in cases where the state is private or contains sensitive information. In this paper, we propose a novel approach that avoids disclosing individual state information in average consensus by letting each node decompose its state into two sub-states. For each node, one of the two sub-states involves in computation and inter-node interactions as if it were the original state, while the other sub-state interacts only with the first sub-state of the same node, being completely invisible to other nodes. The initial values of the two sub-states are chosen randomly but with their mean fixed to the initial value of the original state, which is key to guarantee convergence to the desired consensus value. In direct contrast to differential-privacy based privacy-preserving average-consensus approaches which enable privacy by compromising accuracy in the consensus value, the proposed approach can guarantee convergence to the \emph{exact} desired value without any error. Not only is the proposed approach able to prevent the disclosure of a node's initial state to honest-but-curious neighbors, it can also provide protection against inference by external eavesdroppers able to wiretap communication links. Numerical simulations demonstrate the effectiveness of the approach and its advantages over state-of-the-art counterparts.