BZPEERReading, trust and collaboration for research
Menu

Discover

GraphFollow connections around a paper, topic or saved view.

Workspaces

HomePick up where your research flow left off.InboxHandle requests, replies and notifications from one place.CollectionsCurate reading lists, evidence sets and shareable dossiers.ResearchSee your private provenance graph, trail and imports.CollaborationMove from discovery into focused discussion rooms.PublishDraft, preview and publish full-text research articles.

Network

ExpertsFind specialists worth following or asking for help.CommunitiesJoin research circles organized around shared work.PartnersSee external organizations active around the same topics.

Opportunities

ListingsBrowse roles, calls and collaborations with clearer fit signals.

Account

Log inReturn to your reading and collaboration workspace.Create accountStart saving work, following people and joining teams.
Log inCreate account

Researcher profile

Zhou Li

Zhou Li contributes to research discovery and scholarly infrastructure.

ResearcherAffiliation not importedOpen to collaborate
Information Theorymath.ITCryptography and Securitycond-mat.str-elcond-mat.mes-hallcs.CYDistributed, Parallel, and Cluster ComputingMachine LearningNetworking and Internet ArchitecturePerformance

Trust snapshot

Quick read

Trust 21 - EmergingVerification L1Unclaimed author
12works
0followers
10topics
4close collaborators

Actions

Decide how to stay connected

Follow researcher0

Identity and collaboration

How to connect with this researcher

Claiming links this public author record to a researcher profile and unlocks direct collaboration workflows.

Log in to claim

Direct collaboration

Open a focused conversation when the fit is right

Claim this author entity first to unlock direct invitations.

Research graph

See the researcher in context

Open full explorer

Inspect adjacent work, topics, institutions and collaborators without jumping out to a separate graph page.

Building this graph slice

BZPEER is loading the nearby papers, people, topics and institutions for this page.

Published work

12 published item(s)

preprint2026arXiv

Convergent Privacy Framework for Multi-layer GNNs through Contractive Message Passing

Differential privacy (DP) has been integrated into graph neural networks (GNNs) to protect sensitive structural information, e.g., edges, nodes, and associated features across various applications. A prominent approach is to perturb the message-passing process, which forms the core of most GNN architectures. However, existing methods typically incur a privacy cost that grows linearly with the number of layers (e.g., GAP published in Usenix Security'23), ultimately requiring excessive noise to maintain a reasonable privacy level. This limitation becomes particularly problematic when multi-layer GNNs, which have shown better performance than one-layer GNN, are used to process graph data with sensitive information. In this paper, we theoretically establish that the privacy budget converges with respect to the number of layers by applying privacy amplification techniques to the message-passing process, exploiting the contractive properties inherent to standard GNN operations. Motivated by this analysis, we propose a simple yet effective Contractive Graph Layer (CGL) that ensures the contractiveness required for theoretical guarantees while preserving model utility. Our framework, CARIBOU, supports both training and inference, equipped with a contractive aggregation module, a privacy allocation module, and a privacy auditing module. Experimental evaluations demonstrate that CARIBOU significantly improves the privacy-utility trade-off and achieves superior performance in privacy auditing tasks.

0 citations0 reviewsNo code linkedOpen access
preprint2026arXiv

Hierarchical Secure Aggregation with Heterogeneous Security Constraints and Arbitrary User Collusion

In hierarchical secure aggregation (HSA), a server communicates with clustered users through an intermediate layer of relays to compute the sum of users' inputs under two security requirements -- server security and relay security. Server security requires that the server learns nothing beyond the desired sum even when colluding with a subset of users, while relay security requires that each relay remains oblivious to the users' inputs under collusion. Existing work on HSA enforces homogeneous security where \tit{all} inputs must be protected against \tit{any} subset of potential colluding users with sizes up to a predefined threshold. Such a \homo formulation cannot capture scenarios with \tit{\het} \secty \reqs where \diff users may demand various levels of protection. In this paper, we study hierarchical secure aggregation (HSA) with heterogeneous security requirements and arbitrary user collusion. Specifically, we consider scenarios where the inputs of certain groups of users must remain information-theoretically secure against inference by the server or any relay, even if the server or any relay colludes with an arbitrary subset of other users. Under server security, the server learns nothing about these protected inputs beyond the prescribed aggregate sum, despite any such collusion. Under relay security, each relay similarly obtains no information about the protected inputs under the same collusion model. We characterize the optimal communication rates achievable across all layers for all parameter regimes. Furthermore, we study the minimum source keys required at the users to ensure security. For this source key requirement, we provide tight characterizations in two broad regimes determined by the security and collusion constraints, and establish a general information-theoretic lower bound together with a bounded-gap achievable scheme for the remaining regime.

0 citations0 reviewsNo code linkedOpen access
preprint2026arXiv

On the Extremal Source Key Rates for Secure Storage over Graphs

This paper investigates secure storage codes over graphs, where multiple independent source symbols are encoded and stored at graph nodes subject to edge-wise correctness and security constraints. For each edge, a specified subset of source symbols must be recoverable from its two incident nodes, while no information about the remaining sources is revealed. To meet the security requirement, a shared source key may be employed. The ratio between the source symbol size and the source key size defines the source key rate, and the supremum of all achievable rates is referred to as the source key capacity. We study extremal values of the source key capacity in secure storage systems and provide complete graph characterizations for several fundamental settings. For the case where each edge is associated with a single source symbol, we characterize all graphs whose source key capacity equals one. We then generalize this result to the case where each edge is associated with multiple source symbols and identify a broad class of graphs that achieve the corresponding extremal capacity under a mild structural condition. In addition, we characterize all graphs for which secure storage can be achieved without using any source key.

0 citations0 reviewsNo code linkedOpen access
preprint2026arXiv

Optimal Rate Region for Multi-server Secure Aggregation with User Collusion

Secure aggregation is a fundamental primitive in privacy-preserving distributed learning systems, where an aggregator aims to compute the sum of users' inputs without revealing individual data. In this paper, we study a multi-server secure aggregation problem in a two-hop network consisting of multiple aggregation servers and multiple users per server, under the presence of user collusion. Each user communicates only with its associated server, while the servers exchange messages to jointly recover the global sum. We adopt an information-theoretic security framework, allowing up to $T$ users to collude with any server. We characterize the complete optimal rate region in terms of user-to-server communication rate, server-to-server communication rate, individual key rate, and source key rate. Our main result shows that the minimum communication and individual key rates are all one symbol per input symbol, while the optimal source key rate is given by $\min\{U+V+T-2,\, UV-1\}$, where $U$ denotes the number of servers and $V$ the number of users per server. The achievability is established via a linear key construction that ensures correctness and security against colluding users, while the converse proof relies on tight entropy bounds derived from correctness and security constraints. The results reveal a fundamental tradeoff between security and key efficiency and demonstrate that the multi-server architecture can significantly reduce the required key randomness compared to single-server secure aggregation. Our findings provide a complete information-theoretic characterization of secure aggregation in multi-server systems with user collusion.

0 citations0 reviewsNo code linkedOpen access
preprint2022arXiv

On Extremal Rates of Secure Storage over Graphs

A secure storage code maps $K$ source symbols, each of $L_w$ bits, to $N$ coded symbols, each of $L_v$ bits, such that each coded symbol is stored in a node of a graph. Each edge of the graph is either associated with $D$ of the $K$ source symbols such that from the pair of nodes connected by the edge, we can decode the $D$ source symbols and learn no information about the remaining $K-D$ source symbols; or the edge is associated with no source symbols such that from the pair of nodes connected by the edge, nothing about the $K$ source symbols is revealed. The ratio $L_w/L_v$ is called the symbol rate of a secure storage code and the highest possible symbol rate is called the capacity. We characterize all graphs over which the capacity of a secure storage code is equal to $1$, when $D = 1$. This result is generalized to $D> 1$, i.e., we characterize all graphs over which the capacity of a secure storage code is equal to $1/D$ under a mild condition that for any node, the source symbols associated with each of its connected edges do not include a common element. Further, we characterize all graphs over which the capacity of a secure storage code is equal to $2/D$.

0 citations0 reviewsNo code linkedOpen access
preprint2021arXiv

Volcano: Stateless Cache Side-channel Attack by Exploiting Mesh Interconnect

Cache side-channel attacks lead to severe security threats to the settings that a CPU is shared across users, e.g., in the cloud. The existing attacks rely on sensing the micro-architectural state changes made by victims, and this assumption can be invalidated by combining spatial (\eg, Intel CAT) and temporal isolation (\eg, time protection). In this work, we advance the state of cache side-channel attacks by showing stateless cache side-channel attacks that cannot be defeated by both spatial and temporal isolation. This side-channel exploits the timing difference resulted from interconnect congestion. Specifically, to complete cache transactions, for Intel CPUs, cache lines would travel across cores via the CPU mesh interconnect. Nonetheless, the mesh links are shared by all cores, and cache isolation does not segregate the traffic. An attacker can generate interconnect traffic to contend with the victim's on a mesh link, hoping that extra delay will be measured. With the variant delays, the attacker can deduce the memory access pattern of a victim program, and infer its sensitive data. Based on this idea, we implement Volcano and test it against the existing RSA implementations of JDK. We found the RSA private key used by a victim process can be partially recovered. In the end, we propose a few directions for defense and call for the attention of the security community.

0 citations0 reviewsNo code linkedOpen access
preprint2020arXiv

adPerf: Characterizing the Performance of Third-party Ads

Monetizing websites and web apps through online advertising is widespread in the web ecosystem. The online advertising ecosystem nowadays forces publishers to integrate ads from these third-party domains. On the one hand, this raises several privacy and security concerns that are actively studied in recent years. On the other hand, given the ability of today's browsers to load dynamic web pages with complex animations and Javascript, online advertising has also transformed and can have a significant impact on webpage performance. The performance cost of online ads is critical since it eventually impacts user satisfaction as well as their Internet bill and device energy consumption. In this paper, we apply an in-depth and first-of-a-kind performance evaluation of web ads. Unlike prior efforts that rely primarily on adblockers, we perform a fine-grained analysis on the web browser's page loading process to demystify the performance cost of web ads. We aim to characterize the cost by every component of an ad, so the publisher, ad syndicate, and advertiser can improve the ad's performance with detailed guidance. For this purpose, we develop an infrastructure, adPerf, for the Chrome browser that classifies page loading workloads into ad-related and main-content at the granularity of browser activities (such as Javascript and Layout). Our evaluations show that online advertising entails more than 15% of browser page loading workload and approximately 88% of that is spent on JavaScript. We also track the sources and delivery chain of web ads and analyze performance considering the origin of the ad contents. We observe that 2 of the well-known third-party ad domains contribute to 35% of the ads performance cost and surprisingly, top news websites implicitly include unknown third-party ads which in some cases build up to more than 37% of the ads performance cost.

0 citations0 reviewsNo code linkedOpen access
preprint2020arXiv

Conditional Disclosure of Secrets: A Noise and Signal Alignment Approach

In the conditional disclosure of secrets (CDS) problem, Alice and Bob (each holds an input and a common secret) wish to disclose, as efficiently as possible, the secret to Carol if and only if their inputs satisfy some function. The capacity of CDS is the maximum number of bits of the secret that can be securely disclosed per bit of total communication. We characterize the necessary and sufficient condition for the extreme case where the capacity of CDS is the highest and is equal to 1/2. For the simplest instance where the capacity is smaller than 1/2, we show that the linear capacity is 2/5.

0 citations0 reviewsNo code linkedOpen access
preprint2011arXiv

Impact of spin-orbit coupling on the Holstein polaron

We utilize an exact variational numerical procedure to calculate the ground state properties of a polaron in the presence of a Rashba-like spin orbit interaction. Our results corroborate with previous work performed with the Momentum Average approximation and with weak coupling perturbation theory. We find that spin orbit coupling increases the effective mass in the regime with weak electron phonon coupling, and decreases the effective mass in the intermediate and strong electron phonon coupling regime. Analytical strong coupling perturbation theory results confirm our numerical results in the small polaron regime. A large amount of spin orbit coupling can lead to a significant lowering of the polaron effective mass.

0 citations0 reviewsNo code linkedOpen access
preprint2010arXiv

Absence of a supercritical regime induced by short-range impurity scattering in gapped graphene

We show that the changes in the electronic density of states (DOS) in graphene induced by impurity scattering with short-range potentials are completely different from those caused by the long-range Coulomb potential. The spectral weight of the state that eventually disappears into the valence band (as the strength of scattering increases) does not transform into a resonance state. Therefore no unusual screening effects related to a redistribution of the density of states in the valence band are observed. The states induced by the short-range impurities in graphene, therefore, have distinctively different properties compared with the long-range potential case. These properties, in fact, closely resemble the case of a short-range single impurity in other bipartite lattices, such as the square, body centered cubic, and simple cubic lattices.

0 citations0 reviewsNo code linkedOpen access
preprint2010arXiv

Ground state properties of the Holstein model near the adiabatic limit

We adapt a variational procedure to calculate ground state properties of the Holstein model in the adiabatic limit. At strong coupling, this adaption leads to rapid convergence of results. The intermediate coupling regime is further handled with an adaptive algorithm. We also use semi-classically derived results for the adiabatic end-point, along with weak coupling perturbation theory. These establish weak and strong coupling (or large and small polaron, respectively) regimes in two dimensions or higher. As is well known, these are connected smoothly, but the cross-over becomes increasingly abrupt as the phonon frequency decreases.

0 citations0 reviewsNo code linkedOpen access
preprint2010arXiv

Perturbation theory of the mass enhancement for a polaron coupled to acoustic phonons

We use both a perturbative Green's function analysis and standard perturbative quantum mechanics to calculate the decrease in energy and the effective mass for an electron interacting with acoustic phonons. The interaction is between the difference in lattice displacements for neighbouring ions, and the hopping amplitude for an electron between those two sites. The calculations are performed in one, two, and three dimensions, and comparisons are made with results from other electron-phonon models. We also compute the spectral function and quasiparticle residue, as a function of characteristic phonon frequency. There are strong indications that this model is always polaronic on one dimension, where an unusual relation between the effective mass and the quasiparticle residue is also found.

0 citations0 reviewsNo code linkedOpen access