This work addresses the challenge of achieving communication-efficient and information-theoretically secure aggregation in decentralized networks with limited local connectivity. The authors propose the Topology-aware Secure Aggregation (TSA) framework, which generalizes information-theoretic secure aggregation to arbitrary graph topologies for the first time. By leveraging spectral graph theory and linear coding design, the protocol constructs secure aggregation schemes using the null space of the adjacency matrix. A key contribution is the insight that the total secret key requirement depends solely on the size of each node’s neighborhood rather than the global network scale. On d-regular graphs, the framework achieves optimal communication and key rates: each user stores and broadcasts only a single symbol, and the entire network requires just d independent secret key symbols to securely compute neighborhood sums.

Large-scale decentralized learning frameworks such as federated learning (FL), require both communication efficiency and strong data security, motivating the study of secure aggregation (SA). While information-theoretic SA is well understood in centralized and fully connected networks, its extension to decentralized networks with limited local connectivity remains largely unexplored. This paper introduces \emph{topological secure aggregation} (TSA), which studies one-shot, information-theoretically secure aggregation of neighboring users'inputs over arbitrary network topologies. We develop a unified linear design framework that characterizes TSA achievability through the spectral properties of the communication graph, specifically the kernel of a diagonally modulated adjacency matrix. For several representative classes of $d$-regular graphs including ring, prism and complete topologies, we establish the optimal communication and secret key rate region. In particular, to securely compute one symbol of the neighborhood sum, each user must (i) store at least one key symbol, (ii) broadcast at least one message symbol, and (iii) collectively, all users must hold at least $d$ i.i.d. key symbols. Notably, this total key requirement depends only on the \emph{neighborhood size} $d$, independent of the network size, revealing a fundamental limit of SA in decentralized networks with limited local connectivity.