Federated Learning (FL) enables multiple users to collaboratively train a machine learning model without sharing raw data, making it suitable for privacy-sensitive applications. However, local model or weight updates can still leak sensitive information. Secure aggregation protocols mitigate this risk by ensuring that only the aggregated updates are revealed. Among these, single-setup protocols, where key generation and exchange occur only once, are the most efficient due to reduced communication and computation overhead. However, existing single-setup protocols often lack support for dynamic user participation and do not provide strong privacy guarantees such as forward and backward secrecy. In this paper, we propose a new secure aggregation protocol that requires only one setup operation for the entire FL training and allows new users to join or leave at any round. It employs lightweight symmetric homomorphic encryption with a key negation technique to efficiently mask updates, without user-to-user communication -- unlike the existing protocols. To defend against model inconsistency attacks, we introduce a simple verification mechanism using message authentication codes (MACs). Our protocol is the first to combine forward/backward secrecy, dropout resilience, and model integrity verification in a single-setup design. We provide formal security proofs and implement an end-to-end prototype, which source code has been released. Our experimental results show that our protocol reduces user-side computation by approximately 99% compared to state-of-the-art protocols like e-SeaFL (ACSAC'24), making it highly practical for real-world FL deployments, especially on resource-constrained devices.