In federated learning, integrating multi-step local optimization with differential privacy (DP) and secure aggregation (SecAgg) remains challenging: conventional approaches enforce DP compliance per communication round, severely restricting the number of local updates and degrading model utility. This paper introduces the first end-to-end analytical framework jointly guaranteeing DP and SecAgg for multi-step local SGD. Leveraging a novel noise scaling mechanism, it dynamically allocates the privacy budget across local iterations without compromising SecAgg’s cryptographic security, thereby achieving strict global ε-DP. Theoretically, the framework improves privacy budget utilization efficiency. Empirically, on CIFAR-10, it achieves up to a 3.2% accuracy gain under identical communication rounds—simultaneously enhancing communication efficiency, model utility, and formal privacy guarantees.

Federated learning is a distributed learning setting where the main aim is to train machine learning models without having to share raw data but only what is required for learning. To guarantee training data privacy and high-utility models, differential privacy and secure aggregation techniques are often combined with federated learning. However, with fine-grained protection granularities the currently existing techniques require the parties to communicate for each local optimisation step, if they want to fully benefit from the secure aggregation in terms of the resulting formal privacy guarantees. In this paper, we show how a simple new analysis allows the parties to perform multiple local optimisation steps while still benefiting from joint noise scaling when using secure aggregation. We show that our analysis enables higher utility models with guaranteed privacy protection under limited number of communication rounds.