Share Conversion and Private Information Retrieval

An information-theoretic private information retrieval (PIR) protocol allows a client to retrieve the i-th bit of a database, held by two or more servers, without revealing any information about i to any individual server. Information-theoretic PIR protocols are closely related to locally decodable codes (LDCs), which are error-correcting codes that simultaneously offer a high level of robustness and sublinear-time decoding of each bit of the encoded message. Recent breakthrough results of Yekhanin (STOC 2007) and Efremenko (STOC 2009) have led to a dramatic improvement in the asymptotic complexity of PIR and LDCs. We suggest a new "cryptographic" perspective on these recent constructions, based on a general notion of share conversion in secret-sharing schemes that may be of independent interest. Our new perspective gives rise to a clean framework which unifies previous constructions and generalizes them in several directions. In a nutshell, we use the following two-step approach: (1) apply share conversion to get a low-communication secure multiparty computation protocol P for a nontrivial class F of low-depth circuits; (2) use a lower bound on the VC dimension of F to get a good PIR protocol from P. Our framework reduces the task of designing good PIR protocols to that of finding powerful forms of share conversion which support circuit classes of high VC dimension. Motivated by this framework, we study the general power of share conversion and obtain both positive and negative results. Our positive results improve the concrete complexity of PIR even for very feasible real-life parameters. They also lead to some improvements in the asymptotic complexity of the best previous PIR and LDC constructions. For 3-server PIR, we improve the asymptotic communication complexity from O(2^(146·√(log n · log log n))) to O(2^(6·√(log n · log log n))) bits, where n is the database size. Our negative results on share conversion establish some limitations on the power of our approach.
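The abstract defines the PIR setting but gives no concrete protocol. As an added example (not code from the paper, whose constructions are far more involved), the following Python implements the classic two-server XOR scheme that the paper's framework generalizes: the client sends each server a random subset of positions, the two subsets differing only in position i, and XORs the two one-bit answers. The database and index values are constructed samples; `query_view_distribution` is a helper added here to check the privacy property exactly by enumerating all of the client's coin tosses, and `communication_bits` simply counts what this baseline scheme transmits so the O(n) cost can be compared with the subexponential bounds quoted above.

```python
"""Two-server information-theoretic PIR (the classic XOR scheme).

Added illustration, not the construction from the paper. The client
hides index i by giving each server a random subset of positions; the
two subsets differ only in position i, so each server alone sees a
uniformly random subset. All sample values below are constructed.
"""
from collections import Counter
from itertools import product
import secrets


def make_queries(n, i, tape):
    """Client side. `tape` is n random bits (the client's coin flips).
    Server 1 gets the tape as-is; server 2 gets it with bit i flipped."""
    assert len(tape) == n and 0 <= i < n
    q1 = list(tape)
    q2 = list(tape)
    q2[i] ^= 1
    return q1, q2


def server_answer(db, q):
    """Server side: XOR of the database bits selected by the query."""
    ans = 0
    for bit, sel in zip(db, q):
        if sel:
            ans ^= bit
    return ans


def reconstruct(a1, a2):
    """Client side: every selected bit cancels except db[i]."""
    return a1 ^ a2


def pir_retrieve(db, i):
    """One full protocol run with fresh randomness; returns db[i]."""
    n = len(db)
    tape = [secrets.randbelow(2) for _ in range(n)]
    q1, q2 = make_queries(n, i, tape)
    return reconstruct(server_answer(db, q1), server_answer(db, q2))


def query_view_distribution(n, i, server):
    """Exact distribution of the query one server sees, over all 2^n
    possible coin tosses of the client. Helper added for the privacy check."""
    counts = Counter()
    for tape in product((0, 1), repeat=n):
        q1, q2 = make_queries(n, i, list(tape))
        counts[tuple(q1 if server == 1 else q2)] += 1
    return counts


def is_private(n, server):
    """True iff that server's view distribution is identical for every
    index i, i.e. the query leaks nothing about i to that server alone."""
    dists = [query_view_distribution(n, i, server) for i in range(n)]
    return all(d == dists[0] for d in dists)


def communication_bits(n):
    """Total bits exchanged in this baseline scheme: n bits of query to
    each of the two servers plus a one-bit answer from each."""
    return 2 * n + 2


if __name__ == "__main__":
    DB = [1, 0, 1, 1, 0, 0, 1, 0]  # constructed sample database
    for i in range(len(DB)):
        assert pir_retrieve(DB, i) == DB[i]
    print("correct for all indices; private:",
          is_private(4, 1), is_private(4, 2),
          "bits for n=8:", communication_bits(len(DB)))
```

Note that the privacy argument needs both servers not to collude: XORing the two queries reveals i immediately. The communication of this scheme is linear in n, which is exactly the cost the share-conversion constructions described in the abstract bring down to 2^(O(√(log n · log log n))) for three servers.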
