TY - JOUR
T1 - General constructions for information-theoretic private information retrieval
AU - Beimel, Amos
AU - Ishai, Yuval
AU - Kushilevitz, Eyal
N1 - Funding Information:
This paper contains the results of the two conference papers [23,8]. ∗Corresponding author. E-mail addresses: [email protected] (A. Beimel), [email protected] (Y. Ishai), [email protected] (E. Kushilevitz) URLs: http://www.cs.bgu.ac.il/∼beimel (A. Beimel), http://www.cs.technion.ac.il/∼yuvali (Y. Ishai), http://www.cs.technion.ac.il/∼eyalk (E. Kushilevitz). 1Part of this research was done while the author was visiting DIMACS. 2 Part of this research was done while at DIMACS and AT&T Labs. Research supported in part by Grant no. 36/03 from the Israel Science Foundation and by the Technion V.P.R. Fund. 3Research supported in part by Grant no. 36/03 from the Israel Science Foundation, by a grant from the Mitchell Schoref Fund and by the Technion V.P.R. Fund.
PY - 2005/1/1
Y1 - 2005/1/1
N2 - A Private Information Retrieval (PIR) protocol enables a user to retrieve a data item from a database while hiding the identity of the item being retrieved; specifically, in a t-private k-server PIR protocol the database is replicated among k servers, and the user's privacy is protected from any collusion of up to t servers. The main cost-measure of such protocols is the communication complexity of retrieving a single bit of data. This work addresses the information-theoretic setting for PIR, where the user's privacy should be unconditionally protected against computationally unbounded servers. We present a general construction, whose abstract components can be instantiated to yield both old and new families of PIR protocols. A main ingredient in the new protocols is a generalization of a solution by Babai, Gál, Kimmel, and Lokam for a communication complexity problem in the multiparty simultaneous messages model. Our protocols simplify and improve upon previous ones, and resolve some previous anomalies. In particular, we get (1) 1-private k-server PIR protocols with O(k3n1/(2k-1)) communication bits, where n is the database size; (2) t-private k-server protocols with O(n1/⌊(2k-1)/t⌋) communication bits, for any constant integers k>t≥1; and (3) t-private k-server protocols in which the user sends O(logn) bits to each server and receives O(nt/k+ε) bits in return, for any constant integers k>t≥1 and constant ε>0. The latter protocols have applications to the construction of efficient families of locally decodable codes over large alphabets and to PIR protocols with reduced work by the servers.
AB - A Private Information Retrieval (PIR) protocol enables a user to retrieve a data item from a database while hiding the identity of the item being retrieved; specifically, in a t-private k-server PIR protocol the database is replicated among k servers, and the user's privacy is protected from any collusion of up to t servers. The main cost-measure of such protocols is the communication complexity of retrieving a single bit of data. This work addresses the information-theoretic setting for PIR, where the user's privacy should be unconditionally protected against computationally unbounded servers. We present a general construction, whose abstract components can be instantiated to yield both old and new families of PIR protocols. A main ingredient in the new protocols is a generalization of a solution by Babai, Gál, Kimmel, and Lokam for a communication complexity problem in the multiparty simultaneous messages model. Our protocols simplify and improve upon previous ones, and resolve some previous anomalies. In particular, we get (1) 1-private k-server PIR protocols with O(k3n1/(2k-1)) communication bits, where n is the database size; (2) t-private k-server protocols with O(n1/⌊(2k-1)/t⌋) communication bits, for any constant integers k>t≥1; and (3) t-private k-server protocols in which the user sends O(logn) bits to each server and receives O(nt/k+ε) bits in return, for any constant integers k>t≥1 and constant ε>0. The latter protocols have applications to the construction of efficient families of locally decodable codes over large alphabets and to PIR protocols with reduced work by the servers.
KW - Information-theoretic cryptography
KW - Locally decodable codes
KW - Multiparty communication complexity
KW - Private information retrieval
KW - Simultaneous messages protocols
UR - http://www.scopus.com/inward/record.url?scp=21144453606&partnerID=8YFLogxK
U2 - 10.1016/j.jcss.2005.03.002
DO - 10.1016/j.jcss.2005.03.002
M3 - Article
AN - SCOPUS:21144453606
SN - 0022-0000
VL - 71
SP - 213
EP - 247
JO - Journal of Computer and System Sciences
JF - Journal of Computer and System Sciences
IS - 2
ER -