Randomness in Private Computations

We consider the amount of randomness used in private distributed computations. Specifically, we show how n players can compute the exclusive-or (xor) of n boolean inputs t-privately, using only O(t^2 log(n/t)) random bits (the best known upper bound is O(tn)). We accompany this result by a lower bound on the number of random bits required to carry out this task; we show that any protocol solving this problem requires at least t random bits (again, this significantly improves over the known lower bounds). For the upper bound, we show how, given m subsets of {1,...,n}, to construct in (deterministic) polynomial time a probability distribution of n random variables (i.e., a probability distribution over {0,1}^n) such that (1) the parity of the random variables in each of these m subsets is 0 or 1 with equal probability, and (2) the support of the distribution is of size at most 2m. This construction generalizes previously considered types of sample spaces (such as k-wise independent spaces and Schulman's spaces [Sample spaces uniform on neighborhoods, in Proc. of the 24th Annual ACM Symposium on Theory of Computing, ACM, New York, 1992, pp. 17--25]). We believe that this construction is of independent interest and may have various applications.
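As an added illustration (not the paper's own construction or code), the following Python builds a sample space with exactly the parameters stated above: given m non-empty subsets of {0,...,n-1} (0-based here), it deterministically picks at most floor(log2 m)+1 linearly independent vectors, each making at least half of the still-unbalanced subsets have odd parity (method of conditional expectations), and takes the uniform distribution over their span, so every subset's parity is a non-zero linear functional on that span and is therefore balanced, with support size at most 2m. Whether this matches the paper's construction is an assumption; it is one way to reach the same bound.

```python
from fractions import Fraction
from itertools import product

def expected_hits(rows, partial):
    """E[#rows with odd parity] when bits 0..len(partial)-1 are fixed and the rest uniform."""
    k = len(partial)
    total = Fraction(0)
    for r in rows:
        if any(j >= k for j in r):
            total += Fraction(1, 2)          # touches an unfixed bit: parity still uniform
        else:
            total += sum(partial[j] for j in r) % 2
    return total

def halving_vector(rows, n):
    """Deterministically choose v with odd parity on at least half of rows."""
    v = []
    for _ in range(n):
        v.append(max((0, 1), key=lambda b: expected_hits(rows, v + [b])))
    return tuple(v)

def small_parity_space(subsets, n):
    """Uniform distribution (returned as its support) over {0,1}^n balancing every subset's parity."""
    rows = [frozenset(s) for s in subsets]
    if any(not r for r in rows):
        raise ValueError("an empty subset has constant parity and can never be balanced")
    basis, remaining = [], rows
    while remaining:                         # each round at least halves |remaining|
        v = halving_vector(remaining, n)
        basis.append(v)
        remaining = [r for r in remaining if sum(v[j] for j in r) % 2 == 0]
    support = set()                          # span of the basis: 2^len(basis) <= 2m points
    for coeffs in product((0, 1), repeat=len(basis)):
        x = [0] * n
        for c, b in zip(coeffs, basis):
            if c:
                x = [a ^ bb for a, bb in zip(x, b)]
        support.add(tuple(x))
    return sorted(support)

def is_balanced(support, subsets):
    """True iff each subset's parity is 1 on exactly half of the support points."""
    return all(2 * sum(sum(x[j] for j in s) % 2 for x in support) == len(support)
               for s in subsets)

# Constructed sample input: m = 5 subsets over n = 4 bits; support must be <= 10 points.
SUBSETS = [{0, 1}, {1, 2}, {0, 2}, {0, 1, 2}, {3}]
SPACE = small_parity_space(SUBSETS, 4)
```

Sampling a point of SPACE uniformly costs log2(len(SPACE)) random bits, which is the quantity the abstract is bounding.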
