Federated learning (FL) typically relies on synchronous training, which is
slow due to stragglers. While asynchronous training handles stragglers
efficiently, it does not ensure privacy due to the incompatibility with the
secure aggregation protocols. A buffered asynchronous training protocol known
as FedBuff has been proposed recently which bridges the gap between synchronous
and asynchronous training to mitigate stragglers and to also ensure privacy
simultaneously. FedBuff allows the users to send their updates asynchronously
while ensuring privacy by storing the updates in a trusted execution
environment (TEE) enabled private buffer. TEEs, however, have limited memory
which limits the buffer size. Motivated by this limitation, we develop a
buffered asynchronous secure aggregation (BASecAgg) protocol that does not rely
on TEEs. The conventional secure aggregation protocols cannot be applied in the
buffered asynchronous setting since the buffer may have local models
corresponding to different rounds and hence the masks that the users use to
protect their models may not cancel out. BASecAgg addresses this challenge by
carefully designing the masks such that they cancel out even if they correspond
to different rounds. Our convergence analysis and experiments show that
BASecAgg almost has the same convergence guarantees as FedBuff without relying
on TEEs.

