Do Distributed Differentially-Private Protocols Require Oblivious Transfer?
نویسندگان
چکیده
We study the cryptographic complexity of two-party differentially-private protocols for a large natural class of boolean functionalities. Information theoretically, McGregor et al. [FOCS 2010] and Goyal et al. [Crypto 2013] demonstrated several functionalities for which the maximal possible accuracy in the distributed setting is significantly lower than that in the client-server setting. Goyal et al. [Crypto 2013] further showed that “highly accurate” protocols in the distributed setting for any non-trivial functionality in fact imply the existence of one-way functions. However, it has remained an open problem to characterize the exact cryptographic complexity of this class. In particular, we know that semi-honest oblivious transfer helps obtain optimally accurate distributed differential privacy. But we do not know whether the reverse is true. We study the following question: Does the existence of optimally accurate distributed differentially private protocols for any class of functionalities imply the existence of oblivious transfer? We resolve this question in the affirmative for the class of boolean functionalities that contain an XOR embedded on adjacent inputs. ◦ We construct a protocol implementing oblivious transfer from any optimally accurate, distributed differentially private protocol for any functionality with a boolean XOR embedded on adjacent inputs. ◦ While the previous result holds for optimally accurate protocols for any privacy parameter > 0, we also give a reduction from oblivious transfer to distributed differentially private protocols computing XOR, for a constant small range of non-optimal accuracies and a constant small range of values of privacy parameter . At the heart of our techniques is an interesting connection between optimally-accurate twoparty protocols for the XOR functionality and noisy channels, which were shown by Crépeau and Kilian [FOCS 1988] to be sufficient for oblivious transfer. ∗Microsoft Research India, Bangalore. Email: [email protected]. †UCLA and Center for Encrypted Functionalities. Email: [email protected]. ‡Email: [email protected]. Work done while at Microsoft Research. §University of California, Berkeley. Email: [email protected]. ¶UCLA and Center for Encrypted Functionalities. Email: [email protected].
منابع مشابه
Distributed Oblivious Transfer
This work describes distributed protocols for oblivious transfer, in which the role of the sender is divided between several servers, and a chooser (receiver) must contact a threshold of these servers in order to run the oblivious transfer protocol. These distributed oblivious transfer protocols provide information theoretic security, and do not require the parties to compute exponentiations or...
متن کاملPrivacy Preserving Techniques for Speech Processing
Speech is perhaps the most private form of personal communication but current speech processing techniques are not designed to preserve the privacy of the speaker and require complete access to the speech recording. We propose to develop techniques for speech processing which do preserve privacy. While our proposed methods can be applied to a variety of speech processing problems and also gener...
متن کاملBlack-Box Separations for Differentially Private Protocols
We study the maximal achievable accuracy of distributed differentially private protocols for a large natural class of boolean functions, in the computational setting. In the information theoretic model, McGregor et al. [FOCS 2010] and Goyal et al. [CRYPTO 2013] have demonstrated several functionalities whose differentially private computation results in much lower accuracies in the distributed ...
متن کاملNew Communication-Efficient Oblivious Transfer Protocols Based on Pairings
We construct two simple families of two-message (n, 1)-oblivious transfer protocols based on degree-t homomorphic cryptosystems with the communication of respectively 1 + dn/te and 3 + dn/(t + 1)e ciphertexts. The construction of both families relies on efficient cryptocomputable conditional disclosure of secret protocols; the way this is done may be of independent interest. The currently most ...
متن کاملOblivious Decision Programs from Oblivious Transfer: Efficient Reductions
In this paper, we design efficient protocols for a number of private database query problems. Consider a general form of the problem where a client who holds a private input interacts with a server who holds a private decision program (e.g. a decision tree or a branching program) with the goal of evaluating his input on the decision program without learning any additional information. Many know...
متن کامل