🤖 AI Summary
This work addresses the high communication and computational overhead, as well as vulnerability to gradient inversion attacks, inherent in synchronous secure aggregation for federated learning in IoT settings. The authors propose a hardware root-of-trust–based phase-decoupled secure aggregation mechanism that separates cryptographic setup from the training phase. During device idle periods, ephemeral keys are generated via server-relayed Diffie-Hellman key exchange within ARM TrustZone secure enclaves. In the training phase, each client performs only a single stream-cipher masking operation per round, enabling one-round communication. Fault tolerance is achieved through a hardware-based round counter combined with Shamir’s secret sharing. The scheme uniquely achieves single-round communication, supports client dropout resilience, and ensures private keys never leave secure memory. Evaluated with 20 clients, it reduces active-phase latency by 74%, resists state-of-the-art gradient inversion attacks, and incurs less than 700 bytes of secure-world storage per device—agnostic to model dimensionality.
📝 Abstract
We propose CHRONOS, a hardware-assisted framework that decouples the cryptographic setup required for private gradient aggregation from the active training phase. CHRONOS executes a once-per-epoch server-relayed Diffie-Hellman key exchange during a device's idle window. It generates ephemeral keypairs and derives PRG keys entirely within an ARM TrustZone enclave, ensuring private keys never exist in Normal World memory. Pairwise secrets are sealed in the enclave, and Shamir secret shares of the ephemeral private key are distributed to peers. During training, clients mask gradients with a single stream-cipher evaluation and transmit them in one communication round. A hardware-backed round counter enforces single-use freshness. If clients drop out mid-round, the server reconstructs their masks from peer-held Shamir shares, preserving correct aggregation without repeating the round.
Evaluation on Rock Pi 4 devices using OP-TEE demonstrates that CHRONOS achieves OS-level compromise resistance and thwarts state-of-the-art gradient inversion attacks. It reduces active-phase aggregation latency by up to 74% compared to synchronous secure aggregation for 20 clients. The system maintains a persistent Secure World storage footprint of fewer than 700 bytes per device, scaling independently of model dimension.
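The pairwise masking and dropout recovery described in the abstract can be followed end to end in this added Python example, which is not the CHRONOS implementation and models no enclave. Assumptions: a toy 127-bit prime group for the Diffie-Hellman exchange and the Shamir field, SHAKE-256 standing in for the stream cipher, gradients quantized to 32-bit words, a plain integer in place of the hardware round counter, and all function names hypothetical.

```python
import hashlib, secrets
from math import prod

P, G, MOD = 2**127 - 1, 3, 2**32  # toy DH/Shamir prime and base (assumption); 32-bit words

def prg(shared, rnd, n):
    """Expand pairwise secret + round counter into n mask words (SHAKE-256 as stand-in PRG)."""
    out = hashlib.shake_256(shared.to_bytes(16, "big") + rnd.to_bytes(8, "big")).digest(4 * n)
    return [int.from_bytes(out[k:k + 4], "big") for k in range(0, 4 * n, 4)]

def split(secret, t, xs):
    """Shamir shares of `secret` with threshold t at evaluation points xs."""
    coef = [secret] + [secrets.randbelow(P) for _ in range(t - 1)]
    return {x: sum(c * pow(x, k, P) for k, c in enumerate(coef)) % P for x in xs}

def reconstruct(shares):
    """Lagrange interpolation at x = 0 over GF(P)."""
    total = 0
    for xi, yi in shares.items():
        rest = [xj for xj in shares if xj != xi]
        lag = prod(-xj for xj in rest) * pow(prod(xi - xj for xj in rest) % P, -1, P)
        total = (total + yi * lag) % P
    return total

def mask(i, grad, sk, pubs, rnd):
    """Client i: add PRG(s_ij) for peers j > i, subtract it for peers j < i."""
    out = list(grad)
    for j, pk in pubs.items():
        if j != i:
            sign = 1 if i < j else -1
            out = [(o + sign * w) % MOD for o, w in zip(out, prg(pow(pk, sk, P), rnd, len(grad)))]
    return out

def aggregate(received, dropped_sk, pubs, rnd):
    """Server: sum survivors' updates, then strip masks they shared with dropped clients."""
    total = [sum(col) % MOD for col in zip(*received.values())]
    for d, sk in dropped_sk.items():
        for i in received:
            sign = 1 if i < d else -1
            total = [(t - sign * w) % MOD for t, w in zip(total, prg(pow(pubs[i], sk, P), rnd, len(total)))]
    return total

def demo():
    """Constructed run: clients 1-4 mask round 7, client 4 drops after sharing its key."""
    sks = {i: secrets.randbelow(P - 3) + 2 for i in (1, 2, 3, 4)}
    pubs = {i: pow(G, sk, P) for i, sk in sks.items()}
    shares = split(sks[4], 3, [1, 2, 3])  # client 4's key shares, held by peers 1..3
    received = {i: mask(i, [i, 10 * i, 100 * i], sks[i], pubs, 7) for i in (1, 2, 3)}
    return aggregate(received, {4: reconstruct(shares)}, pubs, 7)  # -> [6, 60, 600]
```

Because the round number is an input to the PRG, a mask derived for one round does not cancel against a peer's mask from another, which is why the counter has to be single-use.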