How should we solve search problems privately?

Amos Beimel, Tal Malkin, Kobbi Nissim, Enav Weinreb

Research output: Contribution to journalArticlepeer-review


Secure multiparty computation allows a group of distrusting parties to jointly compute a (possibly randomized) function of their inputs. However, it is often the case that the parties executing a computation try to solve a search problem, where one input may have a multitude of correct answers-such as when the parties compute a shortest path in a graph or find a solution of a set of linear equations. The algorithm for arbitrarily picking one output from the solution set has significant implications on the privacy of the computation. A minimal privacy requirement was put forward by Beimel et al. [STOC 2006] with focus on proving impossibility results. Their definition, however, guarantees a very weak notion of privacy, which is probably insufficient for most applications. In this work we aim for stronger definitions of privacy for search problems that provide reasonable privacy. We give two alternative definitions and discuss their privacy guarantees. We also supply algorithmic machinery for designing such protocols for a broad selection of search problems.

Original languageEnglish
Pages (from-to)344-371
Number of pages28
JournalJournal of Cryptology
Issue number2
StatePublished - 1 Apr 2010


  • Privacy
  • Resemblance
  • Search problems
  • Secure computation

ASJC Scopus subject areas

  • Software
  • Computer Science Applications
  • Applied Mathematics


Dive into the research topics of 'How should we solve search problems privately?'. Together they form a unique fingerprint.

Cite this