Cited By
View all- Couteau GRosén A(2022)Random Sources in Private ComputationAdvances in Cryptology – ASIACRYPT 202210.1007/978-3-031-22963-3_15(443-473)Online publication date: 5-Dec-2022
Lower and Upper Bounds on the Randomness Complexity of Private Computations of AND
Authors: 
Eyal Kushilevitz, Rafail Ostrovsky, Emmanuel Prouff, Adi Rosén, Adrian Thillard, Damien VergnaudAuthors Info & Claims
Pages 465 - 484
Abstract
We consider multiparty information-theoretic private protocols, and specifically their randomness complexity. The randomness complexity of private protocols is of interest both because random bits are considered a scarce resource and because of the relation between that complexity measure and other complexity measures of boolean functions such as the circuit size or the sensitivity of the function being computed [Kushilevitz, Ostrovsky, and Rosén, J. Comput. Syst. Sci., 58 (1999), pp. 129--136] and [Gál and Rosén, SIAM J. Comput., 31 (2002), pp. 1424--1437]. More concretely, we consider the randomness complexity of the basic Boolean function \tt and, that serves as a building block in the design of many private protocols. We show that \tt and cannot be privately computed using a single random bit, thus giving the first nontrivial lower bound on the 1-private randomness complexity of an explicit Boolean function, $f: \{0,1\}^n \rightarrow \{0,1\}$. We further show that and, on any number of inputs $n$ (one input bit per player), can be privately computed using 8 random bits (and 7 random bits in the special case of $n=3$ players), improving the upper bound of 73 random bits implicit in [Kushilevitz, Ostrovsky, and Rosén, J. Comput. Syst. Sci., 58 (1999), pp. 129--136]. Together with our lower bound, we thus approach the exact determination of the randomness complexity of \tt and. To the best of our knowledge, the exact randomness complexity of private computation is not known for any explicit function (except for \tt xor, which is 1-random, and for several degenerate functions).
References
[1]
G. Asharov and Y. Lindell, A full proof of the BGW protocol for perfectly secure multiparty computation, J. Cryptology, 30 (2017), pp. 58--151, https://doi.org/10.1007/s00145-015-9214-4.
[2]
D. Beaver, Precomputing oblivious transfer, in Advances in Cryptology - CRYPTO '95, 15th Annual International Cryptology Conference, Santa Barbara, California, USA, August 27-31, 1995, Proceedings, 1995, pp. 97--109, https://doi.org/10.1007/3-540-44750-4_8.
[3]
M. Ben-Or, S. Goldwasser, and A. Wigderson, Completeness theorems for non-cryptographic fault-tolerant distributed computation (extended abstract), in Proceedings of the 20th Annual ACM Symposium on Theory of Computing, May 2-4, 1988, Chicago, Illinois, USA, 1988, pp. 1--10, https://doi.org/10.1145/62212.62213, http://doi.acm.org/10.1145/62212.62213.
[4]
C. Blundo, C. Galdi, and P. Persiano, Randomness recycling in constant-round private computations (extended abstract), in Distributed Computing, 13th International Symposium, Bratislava, Slovak Republic, September 27-29, 1999, Proceedings, P. Jayanti, ed., vol. 1693 of Lecture Notes in Computer Science, Springer, New York, 1999, pp. 138--150, https://doi.org/10.1007/3-540-48169-9_10.
[5]
C. Blundo, A. D. Santis, G. Persiano, and U. Vaccaro, Randomness complexity of private computation, Comput. Complexity, 8 (1999), pp. 145--168, https://doi.org/10.1007/s000370050025.
[6]
P. Bogetoft, D. L. Christensen, I. Damg\aard, M. Geisler, T. P. Jakobsen, M. Krøigaard, J. D. Nielsen, J. B. Nielsen, K. Nielsen, J. Pagter, M. I. Schwartzbach, and T. Toft, Secure multiparty computation goes live, in Financial Cryptography and Data Security, 13th International Conference, FC 2009, Accra Beach, Barbados, February 23-26, 2009. Revised Selected Papers, R. Dingledine and P. Golle, eds., vol. 5628 of Lecture Notes in Computer Science, Springer, New York, 2009, pp. 325--343, https://doi.org/10.1007/978-3-642-03549-4_20.
[7]
D. Chaum, C. Crépeau, and I. Damg\aard, Multiparty unconditionally secure protocols (extended abstract), in Proceedings of the 20th Annual ACM Symposium on Theory of Computing, May 2-4, 1988, Chicago, Illinois, USA, 1988, pp. 11--19, https://doi.org/10.1145/62212.62214.
[8]
B. Chor and E. Kushilevitz, A zero-one law for boolean privacy, SIAM J. Discrete Math., 4 (1991), pp. 36--47, https://doi.org/10.1137/0404004.
[9]
B. Chor and E. Kushilevitz, A communication-privacy tradeoff for modular addition, Inf. Process. Lett., 45 (1993), pp. 205--210, https://doi.org/10.1016/0020-0190(93)90120-X.
[10]
I. Damg\aard, J. B. Nielsen, R. Ostrovsky, and A. Rosén, Unconditionally secure computation with reduced interaction, in Advances in Cryptology - EUROCRYPT 2016 - 35th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Vienna, Austria, May 8-12, 2016, Proceedings, Part II, M. Fischlin and J. Coron, eds., vol. 9666 of Lecture Notes in Computer Science, Springer, New York, 2016, pp. 420--447, https://doi.org/10.1007/978-3-662-49896-5_15.
[11]
I. Damg\aard, J. B. Nielsen, A. Polychroniadou, and M. A. Raskin, On the communication required for unconditionally secure multiplication, in Advances in Cryptology - CRYPTO 2016 - 36th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 14-18, 2016, Proceedings, Part II, M. Robshaw and J. Katz, eds., vol. 9815 of Lecture Notes in Computer Science, Springer, New York, 2016, pp. 459--488, https://doi.org/10.1007/978-3-662-53008-5_16.
[12]
D. Data, V. M. Prabhakaran, and M. M. Prabhakaran, Communication and randomness lower bounds for secure computation, IEEE Trans. Inform. Theory, 62 (2016), pp. 3901--3929, https://doi.org/10.1109/TIT.2016.2568207.
[13]
A. Gál and A. Rosén, A theorem on sensitivity and applications in private computation, SIAM J. Comput., 31 (2002), pp. 1424--1437, https://doi.org/10.1137/S0097539701385296.
[14]
A. Gál and A. Rosén, Omega(log n) lower bounds on the amount of randomness in 2-private computation, SIAM J. Comput., 34 (2005), pp. 946--959, https://doi.org/10.1137/S0097539703432785.
[15]
O. Goldreich, Modern Cryptography, Probabilistic Proofs and Pseudorandomness, Algorithms and Combinatorics 17, Springer, New York, 1998.
[16]
A. Jakoby, M. Liśkiewicz, and R. Reischuk, Private computations in networks: Topology versus randomness, in STACS 2003, 20th Annual Symposium on Theoretical Aspects of Computer Science, Berlin, Germany, February 27 - March 1, 2003, Proceedings, H. Alt and M. Habib, eds., vol. 2607 of Lecture Notes in Computer Science, Springer, New York, 2003, pp. 121--132, https://doi.org/10.1007/3-540-36494-3_12.
[17]
E. Kushilevitz and Y. Mansour, Randomness in private computations, SIAM J. Discrete Math., 10 (1997), pp. 647--661, https://doi.org/10.1137/S0895480196306130.
[18]
E. Kushilevitz, R. Ostrovsky, and A. Rosén, Characterizing linear size circuits in terms of privacy, J. Comput. Syst. Sci., 58 (1999), pp. 129--136, https://doi.org/10.1006/jcss.1997.1544.
[19]
E. Kushilevitz, R. Ostrovsky, and A. Rosén, Amortizing randomness in private multiparty computations, SIAM J. Discrete Math., 16 (2003), pp. 533--544.
[20]
E. Kushilevitz and A. Rosén, A randomness-rounds tradeoff in private computation, SIAM J. Discrete Math., 11 (1998), pp. 61--80, https://doi.org/10.1137/S089548019427634X.
[21]
N. Nisan and A. Ta-Shma, Extracting randomness: A survey and new constructions, J. Comput. Syst. Sci., 58 (1999), pp. 148--173, https://doi.org/10.1006/jcss.1997.1546.
[22]
A. Rosén and F. Urrutia, A new approach to multi-party peer-to-peer communication complexity, in 10th Innovations in Theoretical Computer Science Conference, ITCS 2019, January 10-12, 2019, San Diego, California, USA, A. Blum, ed., vol. 124 of LIPIcs, Schloss Dagstuhl - Leibniz-Zentrum fuer Informatik, 2019, pp. 64:1--64:19, https://doi.org/10.4230/LIPIcs.ITCS.2019.64.
Index Terms
- Lower and Upper Bounds on the Randomness Complexity of Private Computations of AND
Index terms have been assigned to the content through auto-classification.
Recommendations
Lower bounds on the amount of randomness in private computation
STOC '03: Proceedings of the thirty-fifth annual ACM symposium on Theory of computingWe consider the amount of randomness necessary in information-theoretic private protocols. We prove that at least Ω(log n) random bits are necessary for the t-private computation of the function xor by n players, for any t ≥ 2. In view of the upper ...
$\Omega(\log n)$ Lower Bounds on the Amount of Randomness in 2-Private Computation
We consider the amount of randomness necessary in information-theoretic private protocols. We prove that at least $\Omega(\log n)$ random bits are necessary for the t-private computation of the function {\tt xor} by n players for any $t \geq 2$. In view ...
Lower and Upper Bounds on the Randomness Complexity of Private Computations of AND
Theory of Cryptography
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
DOI:10.1137/sjdmec.35.1
Issue’s Table of Contents© 2021, Society for Industrial and Applied Mathematics.
Publisher
Society for Industrial and Applied Mathematics
United States
Publication History
Published: 01 January 2021
Author Tags
Author Tags
Qualifiers
- Research-article
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- View Citations1Total Citations
- 0Total Downloads
- Downloads (Last 12 months)0
- Downloads (Last 6 weeks)0
Reflects downloads up to 22 Nov 2024
Other Metrics
Citations
Cited By
View all- Couteau GRosén A(2022)Random Sources in Private ComputationAdvances in Cryptology – ASIACRYPT 202210.1007/978-3-031-22963-3_15(443-473)Online publication date: 5-Dec-2022
View Options
View options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in