This work addresses security risks in threshold homomorphic encryption when applied to average aggregation in federated learning, particularly under a restricted decryption oracle. It presents the first systematic evaluation and comparison of RLWE-based BFV and CKKS threshold schemes in the context of private averaging, demonstrating that both achieve comparable aggregation efficiency. The study further proposes the use of high-variance blinding noise as a mitigation strategy and quantifies its impact on performance. By identifying vulnerabilities of existing threshold schemes under a specific attack model, this research not only clarifies their security limitations but also offers practical guidance for designing efficient and secure federated aggregation protocols.

Threshold Homomorphic Encryption (Threshold HE) is a good fit for implementing private federated average aggregation, a key operation in Federated Learning (FL). Despite its potential, recent studies have shown that threshold schemes available in mainstream HE libraries can introduce unexpected security vulnerabilities if an adversary has access to a restricted decryption oracle. This oracle reflects the FL clients' capacity to collaboratively decrypt the aggregated result without knowing the secret key. This work surveys the use of threshold RLWE-based HE for federated average aggregation and examines the performance impact of using smudging noise with a large variance as a countermeasure. We provide a detailed comparison of threshold variants of BFV and CKKS, finding that CKKS-based aggregations perform comparably to BFV-based solutions.