General constructions for information-theoretic private information retrieval
نویسندگان
چکیده
A Private Information Retrieval (PIR) protocol enables a user to retrieve a data item from a database while hiding the identity of the item being retrieved; specifically, in a t-private, k-server PIR protocol the database is replicated among k servers, and the user’s privacy is protected from any collusion of up to t servers. The main cost-measure of such protocols is the communication complexity of retrieving a single bit of data. This work addresses the information-theoretic setting for PIR, where the user’s privacy should be unconditionally protected against computationally unbounded servers. We present a general construction, whose abstract components can be instantiated to yield both old and new families of PIR protocols. A main ingredient in the new protocols is a generalization of a solution by Babai, Kimmel, and Lokam for a communication complexity problem in the multiparty simultaneous messages model. Our protocols simplify and improve upon previous ones, and resolve some previous anomalies. In particular, we get: (1) 1-private k-server PIR protocols with O(k3n1=(2k 1)) communication bits, where n is the database size; (2) t-private k-server protocols with O(n1=b(2k 1)=tc) communication bits, for any constant integers k > t 1; and (3) t-private k-server protocols in which the user sends O(logn) bits to each server and receives O(nt=k+ ) bits in return, for any constant integers k > t 1 and constant > 0. The latter protocols have applications to the construction of efficient families of locally decodable codes over large alphabets and to PIR protocols with reduced work by the servers.
منابع مشابه
Information-Theoretic Private Information Retrieval: A Unified Construction
A Private Information Retrieval (PIR) protocol enables a user to retrieve a data item from a database while hiding the identity of the item being retrieved. In a t-private, k-server PIR protocol the database is replicated among k servers, and the user’s privacy is protected from any collusion of up to t servers. The main cost-measure of such protocols is the communication complexity of retrievi...
متن کاملSufficient Conditions for Collision-Resistant Hashing
We present several new constructions of collision-resistant hash-functions (CRHFs) from general assumptions. We start with a simple construction of CRHF from any homomorphic encryption. Then, we strengthen this result by presenting constructions of CRHF from two other primitives that are implied by homomorphic-encryption: one-round private information retrieval (PIR) protocols and homomorphic o...
متن کاملLossy Encryption: Constructions from General Assumptions and Efficient Selective Opening Chosen Ciphertext Security
Lossy encryption was originally studied as a means of achieving efficient and composable oblivious transfer. Bellare, Hofheinz and Yilek showed that lossy encryption is also selective opening secure. We present new and general constructions of lossy encryption schemes and of cryptosystems secure against selective opening adversaries. We show that every re-randomizable encryption scheme gives ri...
متن کاملDRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT DRAFT An Improved Upper Bound for Information Theoretic Private Information Retrieval
The private information retrieval (PIR) primitive has received a significant amount of attention from the scientific community since it was first proposed by Chor et al. with other cryptographic primitives [6, 12] and improved upper bounds [3, 16] have been obtained. In this paper, we continue along this path and give an improved upper bound for information theoretic PIR. Our protocol and proof...
متن کاملBreaking the O(n1/(2k-1)) Barrier for Information-Theoretic Private Information Retrieval
Private Information Retrieval (PIR) protocols allow a user to retrieve a data item from a database while hiding the identity of the item being retrieved. Specifically, in information-theoretic, k-server PIR protocols the database is replicated among k servers, and each server learns nothing about the item the user retrieves. The cost of such protocols is measured by the communication complexity...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- J. Comput. Syst. Sci.
دوره 71 شماره
صفحات -
تاریخ انتشار 2005