AirComp in IoT is vulnerable to coordinated eavesdropping by multiple adversaries, compromising both privacy and aggregation integrity. Method: This paper proposes a channel-misalignment–based anti-coordinated-eavesdropping mechanism. Under zero-forcing constraints, it injects artificial noise such that the legitimate fusion center perfectly recovers the aggregated signal, while eavesdroppers suffer severe estimation degradation due to imperfect channel state information (CSI). Contribution/Results: We derive tight MMSE estimation bounds for both legitimate and eavesdropping receivers, and jointly optimize channel alignment and noise covariance to decouple security and accuracy control. Experiments demonstrate that the method maintains sub-millimeter aggregation error while reducing eavesdroppers’ estimation accuracy by over one order of magnitude—significantly enhancing practical security for AirComp-enabled federated edge learning.

In the era of the Internet of Things and massive connectivity, many engineering applications, such as sensor fusion and federated edge learning, rely on efficient data aggregation from geographically distributed users over wireless networks. Over-the-air computation shows promising potential for enhancing resource efficiency and scalability in such scenarios by leveraging the superposition property of wireless channels. However, due to the use of uncoded transmission with linear mapping, it also suffers from security vulnerabilities that must be dealt with to allow widespread adoption. In this work, we consider a scenario where multiple cooperating eavesdroppers attempt to infer information about the aggregation result. We derive the optimal joint estimator for the eavesdroppers and provide bounds on the achievable estimation accuracy for both the eavesdroppers and the intended receiver. We show that significant inherent security exists against individual eavesdroppers due to channel misalignment. However, the security level is greatly compromised when the eavesdroppers can cooperate, motivating the need for deliberate security measures. A common measure is to add carefully calibrated perturbation signals (artificial noise) prior to data transmission to improve the security level. To this end, we propose a zero-forced artificial noise design that achieves a high level of security against cooperative eavesdroppers without compromising the aggregation accuracy.