On Basing Private Information Retrieval on NP-Hardness

The possibility of basing the security of cryptographic objects on the minimal assumption that $$ \mathbf{NP } \nsubseteq \mathbf{BPP } $$ is at the very heart of complexity-theoretic cryptography. Most known results along these lines are negative, showing that assuming widely believed complexity-theoretic conjectures, there are no reductions from an $$ \mathbf{NP } $$ -hard problem to the task of breaking certain cryptographic schemes. We make progress along this line of inquiry by showing that the security of single-server single-round private information retrieval schemes cannot be based on $$ \mathbf{NP } $$ -hardness, unless the polynomial hierarchy collapses. Our main technical contribution is in showing how to break the security of a PIR protocol given an $$ \mathbf{SZK } $$ oracle. Our result is tight in terms of both the correctness and the privacy parameter of the PIR scheme.

[1]  Rüdiger L. Urbanke,et al.  Polar Codes are Optimal for Lossy Source Coding , 2009, IEEE Transactions on Information Theory.

[2]  Helger Lipmaa,et al.  An Oblivious Transfer Protocol with Log-Squared Communication , 2005, ISC.

[3]  Rafail Ostrovsky,et al.  Replication is not needed: single database, computationally-private information retrieval , 1997, Proceedings 38th Annual Symposium on Foundations of Computer Science.

[4]  Vinod Vaikuntanathan,et al.  Efficient Fully Homomorphic Encryption from (Standard) LWE , 2011, 2011 IEEE 52nd Annual Symposium on Foundations of Computer Science.

[5]  Andrej Bogdanov,et al.  Limits of Provable Security for Homomorphic Encryption , 2013, CRYPTO.

[6]  Oded Goldreich,et al.  On the possibility of basing Cryptography on the assumption that P ≠ NP , 1998, IACR Cryptol. ePrint Arch..

[7]  Stathis Zachos,et al.  Does co-NP Have Short Interactive Proofs? , 1987, Inf. Process. Lett..

[8]  Craig Gentry,et al.  Fully homomorphic encryption using ideal lattices , 2009, STOC '09.

[9]  Eyal Kushilevitz,et al.  Private information retrieval , 1998, JACM.

[10]  Aaron D. Wyner,et al.  Coding Theorems for a Discrete Source With a Fidelity CriterionInstitute of Radio Engineers, International Convention Record, vol. 7, 1959. , 1993 .

[11]  Yuval Ishai,et al.  One-way functions are essential for single-server private information retrieval , 1999, STOC '99.

[12]  Mohammad Mahmoody,et al.  On the Power of Randomized Reductions and the Checkability of SAT , 2010, 2010 IEEE 25th Annual Conference on Computational Complexity.

[13]  Oded Goldreich,et al.  Comparing entropies in statistical zero knowledge with applications to the structure of SZK , 1999, Proceedings. Fourteenth Annual IEEE Conference on Computational Complexity (Formerly: Structure in Complexity Theory Conference) (Cat.No.99CB36317).

[14]  R. Urbanke,et al.  Polar codes are optimal for lossy source coding , 2009 .

[15]  Erdal Arikan,et al.  Channel Polarization: A Method for Constructing Capacity-Achieving Codes for Symmetric Binary-Input Memoryless Channels , 2008, IEEE Transactions on Information Theory.

[16]  Rafail Ostrovsky,et al.  Single Database Private Information Retrieval Implies Oblivious Transfer , 2000, EUROCRYPT.

[17]  Oded Goldreich,et al.  On basing one-way functions on NP-hardness , 2006, STOC '06.

[18]  Craig Gentry,et al.  Single-Database Private Information Retrieval with Constant Communication Rate , 2005, ICALP.

[19]  Silvio Micali,et al.  Computationally Private Information Retrieval with Polylogarithmic Communication , 1999, EUROCRYPT.

[20]  Andrej Bogdanov,et al.  On Basing Size-Verifiable One-Way Functions on NP-Hardness , 2015, TCC.

[21]  Salil P. Vadhan,et al.  Theory of Cryptography , 2016, Lecture Notes in Computer Science.

[22]  Yuval Ishai,et al.  Sufficient Conditions for Collision-Resistant Hashing , 2005, TCC.

[23]  Luca Trevisan,et al.  On worst-case to average-case reductions for NP problems , 2003, 44th Annual IEEE Symposium on Foundations of Computer Science, 2003. Proceedings..

[24]  Gilles Brassard,et al.  Relativized cryptography , 1979, 20th Annual Symposium on Foundations of Computer Science (sfcs 1979).

[25]  Dan Boneh,et al.  Evaluating 2-DNF Formulas on Ciphertexts , 2005, TCC.