Distributed point functions and their applications

Niv Gilboa, Yuval Ishai

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

55 Scopus citations

Abstract

For x,y ∈{0,1}*, the point function Px,y is defined by Px,y (x) = y and Px,y (x′) = 0|y| for all x′ ≠ x. We introduce the notion of a distributed point function (DPF), which is a keyed function family Fk with the following property. Given x,y specifying a point function, one can efficiently generate a key pair (k0,k1) such that: (1) Fk0 ⊕ Fk1 = Px,y, and (2) each of k0 and k 1 hides x and y. Our main result is an efficient construction of a DPF under the (minimal) assumption that a one-way function exists. Distributed point functions have applications to private information retrieval (PIR) and related problems, as well as to worst-case to average-case reductions. Concretely, assuming the existence of a strong one-way function, we obtain the following applications. - Polylogarithmic 2-server binary PIR. We present the first 2-server computational PIR protocol in which the length of each query is polylogarithmic in the database size n and the answers consist of a single bit each. This improves over the 2O(√log n) query length of the protocol of Chor and Gilboa (STOC '97). Similarly, we get a polylogarithmic "PIR writing" scheme, allowing secure non-interactive updates of a database shared between two servers. Assuming just a standard one-way function, we get the first 2-server private keyword search protocol in which the query length is polynomial in the keyword size, the answers consist of a single bit, and there is no error probability. In all these protocols, the computational cost on the server side is comparable to applying a symmetric encryption scheme to the entire database. - Worst-case to average-case reductions. We present the first worst-case to average-case reductions for PSPACE and EXPTIME complete languages that require only a constant number of oracle queries. These reductions complement a recent negative result of Watson (TOTC '12).

Original languageEnglish
Title of host publicationAdvances in Cryptology, EUROCRYPT 2014 - 33rd Annual International Conference on the Theory and Applications of Cryptographic Techniques, Proceedings
PublisherSpringer Verlag
Pages640-658
Number of pages19
ISBN (Print)9783642552199
DOIs
StatePublished - 1 Jan 2014
Event33rd Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2014 - Copenhagen, Denmark
Duration: 11 May 201415 May 2014

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume8441 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference33rd Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2014
Country/TerritoryDenmark
CityCopenhagen
Period11/05/1415/05/14

Keywords

  • Distributed point function
  • PIR
  • secure keyword search
  • worst-case to average-case reductions

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science (all)

Fingerprint

Dive into the research topics of 'Distributed point functions and their applications'. Together they form a unique fingerprint.

Cite this