This work addresses secure aggregation of high-dimensional sparse gradients in a two-server architecture. Methodologically, it introduces the first efficient privacy-preserving aggregation scheme tailored to block-sparse vectors—where non-zero entries form locally contiguous clusters. The approach extends distributed point functions (DPFs) to accommodate block-sparse structures and integrates block-sparse encoding, randomized sampling, and privacy amplification. Crucially, both communication and computational complexity are independent of vector dimensionality, without compromising security. Compared to baselines such as Prio, the scheme achieves substantial communication savings, negligible increase in noise variance, and near-optimal privacy budget utilization—approaching the theoretical lower bound of the Gaussian mechanism. It enables efficient federated learning aggregation for million-dimensional block-sparse gradients, achieving asymptotically optimal privacy-utility trade-offs.

We revisit the problem of secure aggregation of high-dimensional vectors in a two-server system such as Prio. These systems are typically used to aggregate vectors such as gradients in private federated learning, where the aggregate itself is protected via noise addition to ensure differential privacy. Existing approaches require communication scaling with the dimensionality, and thus limit the dimensionality of vectors one can efficiently process in this setup. We propose PREAMBLE: Private Efficient Aggregation Mechanism for BLock-sparse Euclidean Vectors. PREAMBLE is a novel extension of distributed point functions that enables communication- and computation-efficient aggregation of block-sparse vectors, which are sparse vectors where the non-zero entries occur in a small number of clusters of consecutive coordinates. We then show that PREAMBLE can be combined with random sampling and privacy amplification by sampling results, to allow asymptotically optimal privacy-utility trade-offs for vector aggregation, at a fraction of the communication cost. When coupled with recent advances in numerical privacy accounting, our approach incurs a negligible overhead in noise variance, compared to the Gaussian mechanism used with Prio.