on basing private information retrieval on np hardness
play

On Basing Private Information Retrieval on NP-Hardness Tianren Liu 1 - PowerPoint PPT Presentation

Mar 27, 2023 •118 likes •696 views

On Basing Private Information Retrieval on NP-Hardness Tianren Liu 1 Vinod Vaikuntanathan 1 1 MIT liutr@mit.edu , vinodv@csail.mit.edu Thirteenth IACR Theory of Cryptography Conference . . . . . . . . . . . . . . . . . . . . .

  1. On Basing Private Information Retrieval on NP-Hardness Tianren Liu 1 Vinod Vaikuntanathan 1 1 MIT liutr@mit.edu , vinodv@csail.mit.edu Thirteenth IACR Theory of Cryptography Conference . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Tianren, Vinod (MIT) Basing PIR on NP-Hardness TCC 2016-A 1 / 14

  2. Assumptions and Primitives in Cryptography Add-Homomorphic Enc Trapdoor PIR Permutation Pub-key Enc CRHF OWP OWF Avg-NP ⊈ BPP NP ⊈ BPP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Tianren, Vinod (MIT) Basing PIR on NP-Hardness TCC 2016-A 2 / 14

  3. Assumptions and Primitives in Cryptography Add-Homomorphic Enc Trapdoor PIR Permutation Pub-key Enc CRHF OWP OWF Avg-NP ⊈ BPP NP ⊈ BPP Can we prove the security of a cryptographic primitive from the minimal assumption NP ⊈ BPP ? (Brassard 1979) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Tianren, Vinod (MIT) Basing PIR on NP-Hardness TCC 2016-A 2 / 14

  4. (Black-box) Security Proofs To prove the security of X based on NP ⊈ BPP , find a (p.p.t.) reduction R s.t. for any oracle A that “breaks the security of X ”, R A solves SAT R . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Tianren, Vinod (MIT) Basing PIR on NP-Hardness TCC 2016-A 3 / 14

  5. (Black-box) Security Proofs To prove the security of X based on NP ⊈ BPP , find a (p.p.t.) reduction R s.t. for any oracle A that “breaks the security of X ”, R A solves SAT A R . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Tianren, Vinod (MIT) Basing PIR on NP-Hardness TCC 2016-A 3 / 14

  6. (Black-box) Security Proofs To prove the security of X based on NP ⊈ BPP , find a (p.p.t.) reduction R s.t. for any oracle A that “breaks the security of X ”, R A solves SAT A ) { accepts w.p. ≥ 2 / 3 , if x ∈ SAT ( x accepts w.p. ≤ 1 / 3 , if x / ∈ SAT R . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Tianren, Vinod (MIT) Basing PIR on NP-Hardness TCC 2016-A 3 / 14

  7. (Black-box) Security Proofs To prove the security of X based on NP ⊈ BPP , find a (p.p.t.) reduction R s.t. for any oracle A that “breaks the security of X ”, R A solves SAT A ) { accepts w.p. ≥ 2 / 3 , if x ∈ SAT ( x accepts w.p. ≤ 1 / 3 , if x / ∈ SAT R Note: Black-box security proof but allow arbitrary construction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Tianren, Vinod (MIT) Basing PIR on NP-Hardness TCC 2016-A 3 / 14

  8. Impossibility Results Add-Homomorphic Enc No known cryptographic scheme based on NP ⊈ BPP . Trapdoor PIR Several negative results* (Brassard Permutation 1979, . . . ) Pub-key Enc CRHF OWP OWF Avg-NP ⊈ BPP NP ⊈ BPP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Tianren, Vinod (MIT) Basing PIR on NP-Hardness TCC 2016-A 4 / 14

  9. Impossibility Results Add-Homomorphic Enc One-way Permutations (Brassard 1979) Trapdoor PIR Permutation Pub-key Enc CRHF OWP OWF Avg-NP ⊈ BPP NP ⊈ BPP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Tianren, Vinod (MIT) Basing PIR on NP-Hardness TCC 2016-A 4 / 14

  10. Impossibility Results (restricting the primitives) Add-Homomorphic Enc Homomorphic Encryption ∗ (Bogdanov-Lee 2013) Trapdoor PIR One-way Functions ∗ Permutation (Akavia-Goldreich-Goldwasser- Pub-key Enc CRHF OWP Moshkovitz 2006, Bogdanov-Brzuska 2014) OWF Avg-NP ⊈ BPP NP ⊈ BPP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Tianren, Vinod (MIT) Basing PIR on NP-Hardness TCC 2016-A 4 / 14

  11. Impossibility Results (restricting the reductions) Add-Homomorphic Enc Public-key Encryption Scheme, via “smart” reduction Trapdoor PIR (Goldreich-Goldwasser 1998) Permutation Collision-resistant Hash Functions, Pub-key Enc CRHF OWP via constant-adaptive reduction (Haitner-Mahmoody-Xiao 2009) OWF Average-case NP, via non-adaptive reduction Avg-NP ⊈ BPP (Bogdanov-Trevisan 2006) NP ⊈ BPP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Tianren, Vinod (MIT) Basing PIR on NP-Hardness TCC 2016-A 4 / 14

  12. Our Result: Private Information Retrieval [CGKS95, KO97] Add-Homomorphic Enc Theorem (Informal) Trapdoor PIR Permutation Let Π be a single-server one-round PIR scheme. Pub-key Enc CRHF OWP Security of Π can not be based on NP-hardness unless OWF polynomial hierarchy collapses. Avg-NP ⊈ BPP NP ⊈ BPP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Tianren, Vinod (MIT) Basing PIR on NP-Hardness TCC 2016-A 5 / 14

  13. Our Result: Private Information Retrieval [CGKS95, KO97] Add-Homomorphic Enc Theorem (Informal) Trapdoor PIR Permutation Let Π be a single-server one-round PIR scheme. Pub-key Enc CRHF OWP Security of Π can not be based on NP-hardness unless OWF polynomial hierarchy collapses. Avg-NP ⊈ BPP Rule out approximately correct PIR. NP ⊈ BPP Rule out PIR with communication complexity n − o ( n ). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Tianren, Vinod (MIT) Basing PIR on NP-Hardness TCC 2016-A 5 / 14

  14. Proof Overview Lemma 1 (Single-server one-round) PIR can be broken with an SZK oracle Lemma 2 Language L ∈ BPP SZK = ⇒ L ∈ AM ∩ coAM (Mahmoody & Xiao, 2010) Thus: if there is a reduction from SAT to breaking PIR, then SAT ∈ AM ∩ coAM . Lemma 3 NP ̸⊆ coAM unless polynomial hierarchy collapses (Boppana, H˚ astad & Zachos, 1987) Thus: if there is a reduction from SAT to breaking PIR, then polynomial hierarchy collapses. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Tianren, Vinod (MIT) Basing PIR on NP-Hardness TCC 2016-A 6 / 14

  15. Proof Overview Lemma 1 (Single-server one-round) PIR can be broken with an SZK oracle Lemma 2 Language L ∈ BPP SZK = ⇒ L ∈ AM ∩ coAM (Mahmoody & Xiao, 2010) Thus: if there is a reduction from SAT to breaking PIR, then SAT ∈ AM ∩ coAM . Lemma 3 NP ̸⊆ coAM unless polynomial hierarchy collapses (Boppana, H˚ astad & Zachos, 1987) Thus: if there is a reduction from SAT to breaking PIR, then polynomial hierarchy collapses. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Tianren, Vinod (MIT) Basing PIR on NP-Hardness TCC 2016-A 6 / 14

  16. Proof Overview Lemma 1 (Single-server one-round) PIR can be broken with an SZK oracle Lemma 2 Language L ∈ BPP SZK = ⇒ L ∈ AM ∩ coAM (Mahmoody & Xiao, 2010) Thus: if there is a reduction from SAT to breaking PIR, then SAT ∈ AM ∩ coAM . Lemma 3 NP ̸⊆ coAM unless polynomial hierarchy collapses (Boppana, H˚ astad & Zachos, 1987) Thus: if there is a reduction from SAT to breaking PIR, then polynomial hierarchy collapses. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Tianren, Vinod (MIT) Basing PIR on NP-Hardness TCC 2016-A 6 / 14

  17. Proof Overview Lemma 1 (Single-server one-round) PIR can be broken with an SZK oracle Lemma 2 Language L ∈ BPP SZK = ⇒ L ∈ AM ∩ coAM (Mahmoody & Xiao, 2010) Thus: if there is a reduction from SAT to breaking PIR, then SAT ∈ AM ∩ coAM . Lemma 3 NP ̸⊆ coAM unless polynomial hierarchy collapses (Boppana, H˚ astad & Zachos, 1987) Thus: if there is a reduction from SAT to breaking PIR, then polynomial hierarchy collapses. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Tianren, Vinod (MIT) Basing PIR on NP-Hardness TCC 2016-A 6 / 14

  18. Proof Overview Lemma 1 (Single-server one-round) PIR can be broken with an SZK oracle Lemma 2 Language L ∈ BPP SZK = ⇒ L ∈ AM ∩ coAM (Mahmoody & Xiao, 2010) Thus: if there is a reduction from SAT to breaking PIR, then SAT ∈ AM ∩ coAM . Lemma 3 NP ̸⊆ coAM unless polynomial hierarchy collapses (Boppana, H˚ astad & Zachos, 1987) Thus: if there is a reduction from SAT to breaking PIR, then polynomial hierarchy collapses. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Tianren, Vinod (MIT) Basing PIR on NP-Hardness TCC 2016-A 6 / 14

Recommend

On Basing Search SIVP on NP-Hardness Tianren Liu MIT liutr@mit.edu Sixteenth IACR Theory of

On Basing Search SIVP on NP-Hardness Tianren Liu MIT liutr@mit.edu Sixteenth IACR Theory of

On Basing Search SIVP on NP-Hardness Tianren Liu MIT liutr@mit.edu Sixteenth IACR Theory of Cryptography Conference Tianren LIU (MIT) Basing Search SIVP on NP-Hardness TCC 2018 1 / 18 Assumptions and Primitives in Cryptography

1.46k views • 99 slides
Heterogenous Private Information Retrieval Hamid Mozaffari, Amir Houmansadr University of

Heterogenous Private Information Retrieval Hamid Mozaffari, Amir Houmansadr University of

Heterogenous Private Information Retrieval Hamid Mozaffari, Amir Houmansadr University of Massachusetts Amherst Pr Private Information Retrieval u Private information retrieval (PIR) enables clients to query and retrieve data from untrusted

415 views • 25 slides
Private Information Retrieval Over Gaussian MAC Ori Shmuel Joint Work with Asaf Cohen Ben

Private Information Retrieval Over Gaussian MAC Ori Shmuel Joint Work with Asaf Cohen Ben

Private Information Retrieval PIR for Gaussian Multiple Access Channels Private Information Retrieval Over Gaussian MAC Ori Shmuel Joint Work with Asaf Cohen Ben Gurion University of the Negev shmuelor@bgu.ac.il IEEE International Symposium

1.09k views • 73 slides
Computational Code-Based Single-Server Private Information Retrieval Lukas Holzbaur , Camilla

Computational Code-Based Single-Server Private Information Retrieval Lukas Holzbaur , Camilla

Computational Code-Based Single-Server Private Information Retrieval Lukas Holzbaur , Camilla Hollanti, Antonia Wachter-Zeh Technical University of Munich Institute for Communications Engineering Private Information Retrieval Goal: Retrieve

431 views • 28 slides
Information Retrieval Introducing Information Retrieval and Web Search Information Retrieval

Information Retrieval Introducing Information Retrieval and Web Search Information Retrieval

Introduction to Information Retrieval Introducing Information Retrieval and Web Search Information Retrieval Information Retrieval (IR) is finding material (usually documents) of an unstructured nature (usually text) that satisfies an

1.01k views • 57 slides
Private Information Retrieval over ICN Christian Tschudin University of Basel ,

Private Information Retrieval over ICN Christian Tschudin University of Basel ,

Private Information Retrieval over ICN Christian Tschudin University of Basel , Switzerland and Symphony.com , Palo Alto, USA /edu/ucla/cs/nom16/PIRoverICN/ndx sha256 MPHF PIR Overview How to lookup secrets over public NDN?

585 views • 12 slides
Single-Database Private Information Retrieval 07.11.2005 Aleksandr Grebennik Tartu University a

Single-Database Private Information Retrieval 07.11.2005 Aleksandr Grebennik Tartu University a

MTAT.07.006 Research Seminar in Cryptography Single-Database Private Information Retrieval 07.11.2005 Aleksandr Grebennik Tartu University a g@ut.ee Single-Database Private Information Retrieval Aleksandr Grebennik 1 Overview of the Lecture

626 views • 15 slides
Improved User-Private Information Retrieval via Finite Geometry RMIT Padraig O Cath ain

Improved User-Private Information Retrieval via Finite Geometry RMIT Padraig O Cath ain

Improved User-Private Information Retrieval via Finite Geometry RMIT Padraig O Cath ain (WPI) joint with Oliver W. Gnilke, Marcus Greferath, Camilla Hollanti, Guillermo Nu nez Ponasso, Eric Swartz 7th October 2019 Private

955 views • 62 slides
1 What is multimedia information retrieval? 1.1 Information retrieval 1.2 Multimedia 1.3

1 What is multimedia information retrieval? 1.1 Information retrieval 1.2 Multimedia 1.3

1 What is multimedia information retrieval? 1.1 Information retrieval 1.2 Multimedia 1.3 Semantic Gap? 1.4 Challenges of automated multimedia indexing 2 Basic multimedia search technologies 2.1 Meta-data driven retrieval 2.2 Piggy-back text

902 views • 56 slides
CS54701: Information Retrieval CS-54701 Information Retrieval Luo Si Department of Computer

CS54701: Information Retrieval CS-54701 Information Retrieval Luo Si Department of Computer

CS54701: Information Retrieval CS-54701 Information Retrieval Luo Si Department of Computer Science Purdue University Overview of Information Retrieval Why Information Retrieval: Information Overload: The world produces between 1 and 2

366 views • 33 slides
Mechanical Properties of Paint Coatings Hardness Measurement Shore Hardness D Barcol Hardness

Mechanical Properties of Paint Coatings Hardness Measurement Shore Hardness D Barcol Hardness

Mechanical Properties of Paint Coatings Hardness Measurement Shore Hardness D Barcol Hardness ASTM D2583 Fiberglass Aluminum Aluminum Alloys Soft Metals Plastics Scratch Hardness- (IS 101 - Part 5/Sec 2) BS 3900 Hardness can

1.89k views • 30 slides
Private Information Retrieval Vesa Vaskelainen Helsinki University of Technology

Private Information Retrieval Vesa Vaskelainen Helsinki University of Technology

T-79.514 Special Course on Cryptology Private Information Retrieval Vesa Vaskelainen Helsinki University of Technology vvaskela@cc.hut.fi T-79.514 Special Course in Cryptology, Private Information Retrieval, Vesa Vaskelainen 1 Overview of

195 views • 18 slides
Extended Private Information Retrieval and its Application in Biometrics Authentications J.

Extended Private Information Retrieval and its Application in Biometrics Authentications J.

Extended Private Information Retrieval and its Application in Biometrics Authentications J. Bringer and H. Chabanne D. Pointcheval and Q. Tang Sagem S ecurit Ecole normale sup e, France erieure, France CANS 2007 December 2007

372 views • 12 slides
Information Retrieval Introducing Information Retrieval and Web Search

Information Retrieval Introducing Information Retrieval and Web Search

Introduction to Information Retrieval Introducing Information Retrieval and Web Search Information Retrieval Information Retrieval (IR) is finding material (usually documents) of

585 views • 57 slides
Information Retrieval CS-7961: Topics in Information retrieval (IR) is finding material (usually

Information Retrieval CS-7961: Topics in Information retrieval (IR) is finding material (usually

Information Retrieval CS-7961: Topics in Information retrieval (IR) is finding material (usually documents) of an unstructured nature Information Retrieval (usually text) that satisfies an information need Seminar from within large

276 views • 4 slides
Weakly Private Information Retrieval Under the Maximal Leakage Metric Ruida Zhou, Tao Guo, Chao

Weakly Private Information Retrieval Under the Maximal Leakage Metric Ruida Zhou, Tao Guo, Chao

Weakly Private Information Retrieval Under the Maximal Leakage Metric Ruida Zhou, Tao Guo, Chao Tian Texas A&M University ISIT 2020 R. Zhou, T. Guo, C. Tian Weakly PIR Under the Maximal Leakage Metric 1 / 20 Private Information Retrieval

653 views • 31 slides
Information Retrieval CS276: Information Retrieval and Web Search

Information Retrieval CS276: Information Retrieval and Web Search

Introduction to Information Retrieval Introduction to Information Retrieval CS276: Information Retrieval and Web Search Christopher Manning and Prabhakar Raghavan Lecture 10: Text

736 views • 57 slides
Information Retrieval CS276: Information Retrieval and Web Search

Information Retrieval CS276: Information Retrieval and Web Search

Introduction to Information Retrieval Introduction to Information Retrieval CS276: Information Retrieval and Web Search Christopher Manning, Pandu Nayak, and Prabhakar Raghavan

1.49k views • 50 slides
A Storage-efficient and Robust Private Information Retrieval Scheme allowing few servers D.

A Storage-efficient and Robust Private Information Retrieval Scheme allowing few servers D.

A Storage-efficient and Robust Private Information Retrieval Scheme allowing few servers D. Augot, Franc oise Levy-dit-Vehel, Abudllatif Shikfa INRIA, ENSTA, Alcatel-Lucent D. Augot GT-BAC T el ecom, December 11, 2014 - 1/27 Outline

654 views • 31 slides
Introduction Information Retrieval Indian Statistical Institute Information Retrieval (ISI)

Introduction Information Retrieval Indian Statistical Institute Information Retrieval (ISI)

Introduction Information Retrieval Indian Statistical Institute Information Retrieval (ISI) Introduction 1 / 20 Course details Books [MRS] Introduction to Information Retrieval , Manning, Raghavan, Schtze. https://nlp.stanford.edu/IR-book/

1.16k views • 23 slides
Probabilistic Information Retrieval CE-324: Modern Information Retrieval Sharif University of

Probabilistic Information Retrieval CE-324: Modern Information Retrieval Sharif University of

Probabilistic Information Retrieval CE-324: Modern Information Retrieval Sharif University of Technology M. Soleymani Fall 2017 Most slides have been adapted from: Profs. Manning, Nayak & Raghavan (CS-276, Stanford) Why probabilities in

701 views • 38 slides
Web Information Retrieval Lecture 9 Information Retrieval in the Web Search use (iProspect

Web Information Retrieval Lecture 9 Information Retrieval in the Web Search use (iProspect

Web Information Retrieval Lecture 9 Information Retrieval in the Web Search use (iProspect Survey, 4/04) Without search engines the web wouldnt scale 1. No incentive in creating content unless it can be easily found other finding

814 views • 60 slides
Information Retrieval CS276: Information Retrieval and Web Search Pandu

Information Retrieval CS276: Information Retrieval and Web Search Pandu

Introduction to Information Retrieval Introduction to Information Retrieval CS276: Information Retrieval and Web Search Pandu Nayak and Prabhakar Raghavan Lecture 4: Index

649 views • 49 slides
Information Retrieval CS276: Information Retrieval and Web Search Pandu

Information Retrieval CS276: Information Retrieval and Web Search Pandu

Introduction to Information Retrieval Introduction to Information Retrieval CS276: Information Retrieval and Web Search Pandu Nayak and Prabhakar Raghavan Lecture 3: Dictionaries

489 views • 48 slides

More recommend