This work investigates the fundamental communication limits of information-theoretically secure aggregation in a two-round, two-hop hierarchical network, where users and relays may drop out randomly, and up to $T$ users may collude with the server or any relay. The goal is to enable the server to learn only the sum of the inputs from surviving users while ensuring that relays gain no information about non-colluding users’ private data. By introducing a four-dimensional rate tuple to characterize communication costs across phases, the study establishes a sharp feasibility threshold under the delayed-message-availability model: secure aggregation is achievable if and only if the total number of surviving users covered by surviving relays exceeds the collusion threshold. The authors propose a construction based on MDS-like vector linear codes and structured correlated randomness, fully characterizing the optimal user-to-relay rates in both rounds and providing tight upper and lower bounds on the relay-to-server rate, which match in several parameter regimes. Correctness and information-theoretic security are rigorously guaranteed under arbitrary dropout patterns.

We study the fundamental communication limits of information-theoretic secure aggregation in a hierarchical network consisting of a server, multiple relays, and multiple users per relay. Communication proceeds over two rounds and two hops, and the system is subject to arbitrary user and relay dropouts. Up to $T$ users may collude with either the server or any single relay. The server aims to recover the sum of the inputs of all users that survive the first round, while learning no additional information beyond the aggregate sum and the inputs of the colluding users. Each relay, however, must learn nothing about the users' inputs except for the information revealed by the inputs of the colluding users under the same collusion model. We introduce a four-dimensional rate tuple that captures the communication cost across rounds and hops. Under a delayed message availability model, we establish necessary and sufficient conditions for feasibility and fully characterize the optimal first-round communication rates. For the second round, we characterize the optimal user-to-relay rate and derive lower and upper bounds on the relay-to-server rate. While these bounds do not coincide in general, they are tight in certain regimes of interest. Our results reveal a sharp threshold phenomenon: secure aggregation is feasible if and only if the total number of surviving users across surviving relays exceeds the collusion threshold. Achievability is established via a vector linear coding scheme with carefully structured correlated randomness exhibiting MDS-like properties, ensuring correctness and information-theoretic security under all possible dropout patterns. Entropic converse bounds are also derived.