Presentation is loading. Please wait.

Presentation is loading. Please wait.

On Locally Decodable Codes Self Correctable Codes t-private PIR and Omer Barkol, Yuval Ishai and Enav Weinreb Technion, Israel.

Published byKelley Cross Modified over 9 years ago

Similar presentations

Presentation on theme: "On Locally Decodable Codes Self Correctable Codes t-private PIR and Omer Barkol, Yuval Ishai and Enav Weinreb Technion, Israel."— Presentation transcript:

1 On Locally Decodable Codes Self Correctable Codes t-private PIR and Omer Barkol, Yuval Ishai and Enav Weinreb Technion, Israel

2 On Locally Decodable Codes Self Correctable Codes and Omer Barkol, Yuval Ishai and Enav Weinreb Technion, Israel Server Client [CGKS95] Want: Correctness and privacy for the client Communication: Only the trivial Ω(n) solution i ∈ [n] i? xixi q A(q,x) x ∈ {0,1} n t-private PIRPIR Private Information Retrieval

3 Client i xixi t servers x x ∈ {0,1} n x k servers i? [CGKS95] Private Information Retrievalt-private q1q1 A(q 1,x) q2q2 A(q 2,x) PIRk-server PIR

4 PIRt-privateBest known Const. kK=3K=2 Servers Paper n 1/(2k-1) n 1/5 n 1/3 CGKS95, BI01,WY05 n loglogk/klogk n 1/5.25 n 1/3 BIKR02 n 10 -7 (or n 1/loglogn )- Yek07 t-private version ✔ ? ?

5 C message x encoding C(x) i C:{0,1} n → {0,1} m(n) is a k-LDC Randomized Decoder D k-query LDC C:{0,1} n → {0,1} m k-server PIR logm query bits 1 bit answer [KT00] xixi k On Locally Decodable Codes Self Correctable Codes t-private PIR and Omer Barkol, Yuval Ishai and Enav Weinreb Technion, Israel

6 PIR C k replicas database x k-query LDC C:{0,1} n → {0,1} m k-server PIR logm query bits [KT00] C message xencoded message C(x) LDC

7 Best known LDCs Const. kK=3 Probes Paper exp(n 1/(k-1) )exp(n 1/2 ) BF90, CGKS95, BI01 exp(n loglogk/klogk )exp(n 1/2 ) BIKR02 exp(n 10 -7 ) (or exp( n 1/loglogn )) Yek07

8 On Locally Decodable Codes Self Correctable Codes t-private PIR and C message xencoding C(x) j C:{0,1} n → {0,1} m(n) is a k-SCC Randomized Corrector M systematic k-LDC Omer Barkol, Yuval Ishai and Enav Weinreb Technion, Israel linear k-query SCC C:{0,1} n → {0,1} m linear k-query LDC C:{0,1} n → {0,1} m k C(x) j

9 Is it SCC? ✔ ? ? SCCLDC ? Const. kK=3 Probes Paper exp(n 1/(k-1) )exp(n 1/2 ) BF90, CGKS95, BI01 exp(n loglogk/klogk )exp(n 1/2 ) BIKR02 exp(n 10 -7 ) (or exp( n 1/loglogn )) Yek07 Reed- Muller based

10 Main Problems Closing the gap between: 1-private and t-private PIR LDC and SCC RM SCC upper bound Yek07 LDC upper bound LDC lower bound

11 Talk Outline Notions and current state Our contributions: highlights Our contributions: technical details Summary and open issues

12 Our Contributions (1) 1-private k-server PIR t-private k t -server PIR 1-private k-server SRPIR t-private kt-server PIR k-LDC k-SCC Communication preserving transformations

13 Best known t-private PIR ? Const. kK=3K=2 Servers Paper n 1/(2k-1) n 1/5 n 1/3 CGKS95, BI01,WY05 n loglogk/klogk n 1/5.25 n 1/3 BIKR02 n 10 -7 (or n 1/loglogn )- Yek07 t-private version ✔ ? k t servers

14 Main Problems Closing the gap between: 1-private and t-private PIR LDC and SCC Closing the gap of LDC vs. SCC Closing the question on t-private PIR RM SCC upper bound Yek07 LDC upper bound LDC lower bound

15 Linear SCC vs. Combinatorial designs Based on Hamada’s Conjecture (1973): Evidence for difficulty of progress on the LDC vs. SCC question Our Contributions (2)

16 LDC vs. SCC Is it SCC? ✔ ? ? Const. kK=3 Probes Paper exp(n 1/(k-1) )exp(n 1/2 ) BF90, CGKS95, BI01 exp(n loglogk/klogk )exp(n 1/2 ) BIKR02 exp(n 10 -7 ) (or exp( n 1/loglogn )) Yek07 ?

17 Talk Outline Notions and current state Our contributions: highlights Our contributions: technical details Summary and open issues

18 1-private PIR  t-private PIR 1-private k-server PIR t-private k t -server PIR k-LDC

19 i X S 1,1 S 1,2 S 1,3 S 2,1 S 2,2 S 2,3 S 3,1 S 3,2 S 3,3 i ≡ i 1 + i 2 X i 1 +i 2 =X i q 1 (i 2 ) q 2 (i 2 ) q 3 (i 2 ) X=X<<0 X<<1 X<<2 ⋮ X<<i 2 ⋮ ⋮ X<<n-1 i1i1 i 1-private 3-server PIR to 2-private 3 2 -server PIR q 1 (i 1 )q 2 (i 1 )q 3 (i 1 ) A1A1 A2A2 A3A3 AAA i 2 ? i? i 1 ? i? A1A1 A2A2 A3A3

20 1-private k-server SRPIR t-private kt-server PIR k-SCC 1-private PIR  t-private PIR t(k-1)+1

21 Server Client q q? A(q,x) q’ A(q’,x) SRPIR = PIR+ x ∈ {0,1} n i i? xixi q A(q,x)

22 k-server SRPIR logm query bits k-query SCC C:{0,1} n → {0,1} m C message xencoded message C(x) SCC SRPIR C k replicas database x

23 X i 1-private 3-server SRPIR to 2-private 5-server PIR q1q1 q2q2 q3q3 A(q 3,x) A(q 2,x) A(q 1,x) S1S1 S2S2 S3S3 q 11 q 12 q 13 S1S1 S2S2 S3S3 q 23 q 12 q 22 q 31 q 32 q 33 xixi S?S? S?S? S?S? S?S? S?S? S?S? S1S1 S4S4 S5S5 S2S2 S3S3 S5S5 Threshold 3-out-of-5 circuit using only Threshold 2-out-of-3 gates NO

24 X i S1S1 S2S2 S3S3 S4S4 S5S5 Threshold 3-out-of-5 1-private 3-server SRPIR to 2-private 2(3-1)+1=5-server PIR Threshold 3-out-of-5 circuit using only Threshold 2-out-of-3 gates Threshold (t+1)-out-of-t(k-1)+1 circuit using only Threshold 2-out-of-k gates

25 Combinatorial designs 2-(m,k, λ ) design m points blocks: sets of k points each 2 points appear together in λ blocks 11111111 11 2-(24,4,1) design

26 Example: lines in F 17 2 design Points: GF(17) 2 =F 17 2 Blocks: points on a line 2-(17 2,17, 1 ) design

27 Low rank designs  good SCC 11111111 C = span 2-(m,k, λ ) design with p-rank r C ⊥ :F p m-r → F p m is a (k-1)-SCC

28 Hamada’s Conjecture (‘73): The 2-(p r,p,1) design that stems from the lines in F p r has the smallest p-rank of all the designs with the same parameters. the support of the low-weight words of the Reed-Muller code Reed-Muller SCCs are optimal Hamada’s conjecture

29 Generalization of the conjecture: Relaxation in the following senses dimension (rather than rank) over different fields (i.e. q-dimension) almost designs 1111 1111 1111 1111 1111 1111 1111 1111 1111 1111 1111 5411 1122 2411 6412 4451 1662 3243 2116 6215 3541 3312 Generalized conjecture ⇓ Reed-Muller based SCCs are “essentially optimal”

30 Generalization of the conjecture: Relaxation in the following senses dimension (rather than rank) over different fields (i.e. q-dimension) almost designs Reed-Muller SCCs are “essentially optimal” Generalized conjecture

31 Talk Outline Notions and current state Our contributions: highlights Our contributions: technical details Summary and open issues

32 Summary Substantial improvement of best t-private PIR 1-private PIR ⇨ t-private PIR t-private version of Yekhanin’s protocol Interesting connection: SCC and t-private PIR Better SCC ⇨ better t-private PIR SCC=LDC ⇨ 1-private=t-private PIR Intriguing connection: SCC and p-rank designs Prove known SCC optimal ⇨ Hamada’s conjecture

33 RM SCC upper bound Yek07 LDC upper bound LDC lower bound Better t-private PIR Extend Yek07 to 2-private 5-server PIR? … or even 2-private 8-server PIR? LDC vs. SCC Better SCC than Reed-Muller based e.g. 3-SCC of length 2 o(√n) const. size alphabet Better Lower bounds on SCC separate SCC from LDC or even super-polynomial lower bounds on SCC Open Issues SCC lower bound

34 thank you

Download ppt "On Locally Decodable Codes Self Correctable Codes t-private PIR and Omer Barkol, Yuval Ishai and Enav Weinreb Technion, Israel."

Similar presentations

Optimal Lower Bounds for 2-Query Locally Decodable Linear Codes Kenji Obata.

Optimal Lower Bounds for 2-Query Locally Decodable Linear Codes Kenji Obata.
Constant-Round Private Database Queries Nenad Dedic and Payman Mohassel Boston UniversityUC Davis.

Constant-Round Private Database Queries Nenad Dedic and Payman Mohassel Boston UniversityUC Davis.
1 Cryptography: on the Hope for Privacy in a Digital World Omer Reingold VVeizmann and Harvard CRCS.

1 Cryptography: on the Hope for Privacy in a Digital World Omer Reingold VVeizmann and Harvard CRCS.
Efficient Private Approximation Protocols Piotr Indyk David Woodruff Work in progress.

Efficient Private Approximation Protocols Piotr Indyk David Woodruff Work in progress.
Multi-Query Computationally-Private Information Retrieval with Constant Communication Rate Jens Groth, University College London Aggelos Kiayias, University.

Multi-Query Computationally-Private Information Retrieval with Constant Communication Rate Jens Groth, University College London Aggelos Kiayias, University.
Truthful Mechanisms for Combinatorial Auctions with Subadditive Bidders Speaker: Shahar Dobzinski Based on joint works with Noam Nisan & Michael Schapira.

Truthful Mechanisms for Combinatorial Auctions with Subadditive Bidders Speaker: Shahar Dobzinski Based on joint works with Noam Nisan & Michael Schapira.
Locally correctable codes from lifting Alan Guo MIT CSAIL Joint work with Swastik Kopparty (Rutgers) and Madhu Sudan (Microsoft Research)

Locally correctable codes from lifting Alan Guo MIT CSAIL Joint work with Swastik Kopparty (Rutgers) and Madhu Sudan (Microsoft Research)
Detection of Algebraic Manipulation with Applications to Robust Secret Sharing and Fuzzy Extractors Ronald Cramer, Yevgeniy Dodis, Serge Fehr, Carles Padro,

Detection of Algebraic Manipulation with Applications to Robust Secret Sharing and Fuzzy Extractors Ronald Cramer, Yevgeniy Dodis, Serge Fehr, Carles Padro,
The Complexity of Information-Theoretic Secure Computation Yuval Ishai Technion 2014 European School of Information Theory.

The Complexity of Information-Theoretic Secure Computation Yuval Ishai Technion 2014 European School of Information Theory.
Oblivious Branching Program Evaluation

Oblivious Branching Program Evaluation
An Ω(n 1/3 ) Lower Bound for Bilinear Group Based Private Information Retrieval Alexander Razborov Sergey Yekhanin.

An Ω(n 1/3 ) Lower Bound for Bilinear Group Based Private Information Retrieval Alexander Razborov Sergey Yekhanin.
Locally Decodable Codes from Nice Subsets of Finite Fields and Prime Factors of Mersenne Numbers Kiran Kedlaya Sergey Yekhanin MIT Microsoft Research.

Locally Decodable Codes from Nice Subsets of Finite Fields and Prime Factors of Mersenne Numbers Kiran Kedlaya Sergey Yekhanin MIT Microsoft Research.
15-853:Algorithms in the Real World

15-853:Algorithms in the Real World
List decoding Reed-Muller codes up to minimal distance: Structure and pseudo- randomness in coding theory Abhishek Bhowmick (UT Austin) Shachar Lovett.

List decoding Reed-Muller codes up to minimal distance: Structure and pseudo- randomness in coding theory Abhishek Bhowmick (UT Austin) Shachar Lovett.
Locally Decodable Codes

Locally Decodable Codes
1 Cell Probe Complexity - An Invitation Peter Bro Miltersen University of Aarhus.

1 Cell Probe Complexity - An Invitation Peter Bro Miltersen University of Aarhus.
Secure Computation of Constant-Depth Circuits with Applications to Database Search Problems Omer Barkol Yuval Ishai Technion.

Secure Computation of Constant-Depth Circuits with Applications to Database Search Problems Omer Barkol Yuval Ishai Technion.
Sparse Random Linear Codes are Locally Decodable and Testable Tali Kaufman (MIT) Joint work with Madhu Sudan (MIT)

Sparse Random Linear Codes are Locally Decodable and Testable Tali Kaufman (MIT) Joint work with Madhu Sudan (MIT)
1 Robust PCPs of Proximity (Shorter PCPs, applications to Coding) Eli Ben-Sasson (Radcliffe) Oded Goldreich (Weizmann & Radcliffe) Prahladh Harsha (MIT)

1 Robust PCPs of Proximity (Shorter PCPs, applications to Coding) Eli Ben-Sasson (Radcliffe) Oded Goldreich (Weizmann & Radcliffe) Prahladh Harsha (MIT)
On Gallager’s problem: New Bounds for Noisy Communication. Navin Goyal & Mike Saks Joint work with Guy Kindler Microsoft Research.

On Gallager’s problem: New Bounds for Noisy Communication. Navin Goyal & Mike Saks Joint work with Guy Kindler Microsoft Research.

Similar presentations

Ads by Google