on the construction of pir schemes
play

On the construction of PIR schemes Julien Lavauzelle IRMAR, - PowerPoint PPT Presentation

Apr 02, 2023 •229 likes •973 views

On the construction of PIR schemes Julien Lavauzelle IRMAR, Universit de Rennes 1 Sminaire GREYC 27/02/2019 Outline 1. Private information retrieval 2. PIR schemes for common storage systems Distributed storage systems A PIR scheme on

  1. On the construction of PIR schemes Julien Lavauzelle IRMAR, Université de Rennes 1 Séminaire GREYC 27/02/2019

  2. Outline 1. Private information retrieval 2. PIR schemes for common storage systems Distributed storage systems A PIR scheme on RS-coded databases 3. PIR schemes with low computation Transversal designs and codes A PIR scheme with transversal designs Instances 4. Conclusion 1/22 J. Lavauzelle – On the construction of PIR schemes – Séminaire GREYC

  3. Outline 1. Private information retrieval 2. PIR schemes for common storage systems Distributed storage systems A PIR scheme on RS-coded databases 3. PIR schemes with low computation Transversal designs and codes A PIR scheme with transversal designs Instances 4. Conclusion 1/22 J. Lavauzelle – On the construction of PIR schemes – Séminaire GREYC

  4. Problem statement Private information retrieval (PIR): Given a remote database F ∈ Σ M and i ∈ [ 1, M ] , can we retrieve the entry/file F i , without leaking information on the index i ? 2/22 J. Lavauzelle – On the construction of PIR schemes – Séminaire GREYC

  5. Problem statement Private information retrieval (PIR): Given a remote database F ∈ Σ M and i ∈ [ 1, M ] , can we retrieve the entry/file F i , without leaking information on the index i ? Trivial solution: full download. 2/22 J. Lavauzelle – On the construction of PIR schemes – Séminaire GREYC

  6. Definition of PIR Introduced in: Private Information Retrieval . Chor, Goldreich, Kushilevitz, Sudan. FOCS. 1995 . Database F stored (in some way) on n servers S 1 , . . . , S n , user U wants to recover F i privately. A Private Information Retrieval protocol is a set of algorithms ( Q , A , R ) : 3/22 J. Lavauzelle – On the construction of PIR schemes – Séminaire GREYC

  7. Definition of PIR Introduced in: Private Information Retrieval . Chor, Goldreich, Kushilevitz, Sudan. FOCS. 1995 . Database F stored (in some way) on n servers S 1 , . . . , S n , user U wants to recover F i privately. A Private Information Retrieval protocol is a set of algorithms ( Q , A , R ) : ( q 1 , . . . , q n ) 1. U generates a query vector q = ( q 1 , . . . , q n ) ← Q ( i ) and sends q j to server S j . . . U S 1 S 2 S n 3/22 J. Lavauzelle – On the construction of PIR schemes – Séminaire GREYC

  8. Definition of PIR Introduced in: Private Information Retrieval . Chor, Goldreich, Kushilevitz, Sudan. FOCS. 1995 . Database F stored (in some way) on n servers S 1 , . . . , S n , user U wants to recover F i privately. A Private Information Retrieval protocol is a set of algorithms ( Q , A , R ) : ( q 1 , . . . , q n ) 1. U generates a query vector q = ( q 1 , . . . , q n ) ← Q ( i ) and sends q j to server S j . . . U 2. Each server S j computes r j = A ( q j , F | S j ) and sends it back to U ( r 1 , . . . , r n ) S 1 S 2 S n 3/22 J. Lavauzelle – On the construction of PIR schemes – Séminaire GREYC

  9. Definition of PIR Introduced in: Private Information Retrieval . Chor, Goldreich, Kushilevitz, Sudan. FOCS. 1995 . Database F stored (in some way) on n servers S 1 , . . . , S n , user U wants to recover F i privately. A Private Information Retrieval protocol is a set of algorithms ( Q , A , R ) : ( q 1 , . . . , q n ) 1. U generates a query vector q = ( q 1 , . . . , q n ) ← Q ( i ) and sends q j to server S j . . . U 2. Each server S j computes r j = A ( q j , F | S j ) and sends it back to U ( r 1 , . . . , r n ) S 1 S 2 S n 3. U recovers F i = R ( q , r , i ) 3/22 J. Lavauzelle – On the construction of PIR schemes – Séminaire GREYC

  10. Privacy A collusion of servers : set of servers { S j : j ∈ T } , where T ⊂ [ 1, n ] , which exchange information about queries, data, etc. t : = max {| T | , T ⊆ [ 1, n ] is a collusion } ≥ 1 4/22 J. Lavauzelle – On the construction of PIR schemes – Séminaire GREYC

  11. Privacy A collusion of servers : set of servers { S j : j ∈ T } , where T ⊂ [ 1, n ] , which exchange information about queries, data, etc. t : = max {| T | , T ⊆ [ 1, n ] is a collusion } ≥ 1 • Information-theoretic privacy: I ( i ; q | T ) = 0, ∀ T ⊆ [ 1, n ] , | T | ≤ t . • Computational privacy: by varying the index i , distributions of queries q | T = Q ( i ) | T are computationally indistinguishable. 4/22 J. Lavauzelle – On the construction of PIR schemes – Séminaire GREYC

  12. Privacy A collusion of servers : set of servers { S j : j ∈ T } , where T ⊂ [ 1, n ] , which exchange information about queries, data, etc. t : = max {| T | , T ⊆ [ 1, n ] is a collusion } ≥ 1 • Information-theoretic privacy: I ( i ; q | T ) = 0, ∀ T ⊆ [ 1, n ] , | T | ≤ t . • Computational privacy: by varying the index i , distributions of queries q | T = Q ( i ) | T are computationally indistinguishable. Theorem [CGKS95, CG97]. If t = n (in particular if n = 1), then: ◮ for IT-privacy, no better solution than full download , ◮ computational privacy is possible (but remains expensive as of now). 4/22 J. Lavauzelle – On the construction of PIR schemes – Séminaire GREYC

  13. Main parameters of PIR schemes We focus on IT-privacy (hence we need n ≥ 2 servers) 5/22 J. Lavauzelle – On the construction of PIR schemes – Séminaire GREYC

  14. Main parameters of PIR schemes We focus on IT-privacy (hence we need n ≥ 2 servers) Parameters to be taken into account: – communication complexity (upload and download) – computation complexity (client and servers) – global server storage overhead – maximum size of collusions ( t ) 5/22 J. Lavauzelle – On the construction of PIR schemes – Séminaire GREYC

  15. Main parameters of PIR schemes We focus on IT-privacy (hence we need n ≥ 2 servers) Parameters to be taken into account: – communication complexity (upload and download) – computation complexity (client and servers) – global server storage overhead – maximum size of collusions ( t ) Several possible settings : – bounded vs. unbounded number of entries in the database – replicated database vs. coded database – small entries vs. large entries – dynamic database vs. static database – unresponsive or byzantine servers 5/22 J. Lavauzelle – On the construction of PIR schemes – Séminaire GREYC

  16. Seminal work [CGKS’95-98] Private Information Retrieval . Chor, Goldreich, Kushilevitz, Sudan. FOCS. 1995 . Settings: ◮ | F | = M bits, with M = L 2 , and [ 1, M ] ≃ [ 1, L ] 2 . ◮ n = 4 servers S 00 , S 01 , S 10 , S 11 , each storing a replica of F . ◮ Goal: retrieve F i = F ( i 1 , i 2 ) , for 1 ≤ i 1 , i 2 ≤ L . i 2 i 1 6/22 J. Lavauzelle – On the construction of PIR schemes – Séminaire GREYC

  17. Seminal work [CGKS’95-98] Private Information Retrieval . Chor, Goldreich, Kushilevitz, Sudan. FOCS. 1995 . Settings: ◮ | F | = M bits, with M = L 2 , and [ 1, M ] ≃ [ 1, L ] 2 . ◮ n = 4 servers S 00 , S 01 , S 10 , S 11 , each storing a replica of F . ◮ Goal: retrieve F i = F ( i 1 , i 2 ) , for 1 ≤ i 1 , i 2 ≤ L . 1. U generates at random two subsets X 1 , X 2 of [ 1, L ] . Then U sends: X 2 i 2 i 1 X 1 6/22 J. Lavauzelle – On the construction of PIR schemes – Séminaire GREYC

  18. Seminal work [CGKS’95-98] Private Information Retrieval . Chor, Goldreich, Kushilevitz, Sudan. FOCS. 1995 . Settings: ◮ | F | = M bits, with M = L 2 , and [ 1, M ] ≃ [ 1, L ] 2 . ◮ n = 4 servers S 00 , S 01 , S 10 , S 11 , each storing a replica of F . ◮ Goal: retrieve F i = F ( i 1 , i 2 ) , for 1 ≤ i 1 , i 2 ≤ L . 1. U generates at random two subsets X 1 , X 2 of [ 1, L ] . Then U sends: – ( X 1 , X 2 ) to S 00 , i 2 i 1 6/22 J. Lavauzelle – On the construction of PIR schemes – Séminaire GREYC

  19. Seminal work [CGKS’95-98] Private Information Retrieval . Chor, Goldreich, Kushilevitz, Sudan. FOCS. 1995 . Settings: ◮ | F | = M bits, with M = L 2 , and [ 1, M ] ≃ [ 1, L ] 2 . ◮ n = 4 servers S 00 , S 01 , S 10 , S 11 , each storing a replica of F . ◮ Goal: retrieve F i = F ( i 1 , i 2 ) , for 1 ≤ i 1 , i 2 ≤ L . 1. U generates at random two subsets X 1 , X 2 of [ 1, L ] . Then U sends: – ( X 1 , X 2 ) to S 00 , – ( X 1 ∆ { i 1 } , X 2 ) to S 10 , i 2 i 1 6/22 J. Lavauzelle – On the construction of PIR schemes – Séminaire GREYC

  20. Seminal work [CGKS’95-98] Private Information Retrieval . Chor, Goldreich, Kushilevitz, Sudan. FOCS. 1995 . Settings: ◮ | F | = M bits, with M = L 2 , and [ 1, M ] ≃ [ 1, L ] 2 . ◮ n = 4 servers S 00 , S 01 , S 10 , S 11 , each storing a replica of F . ◮ Goal: retrieve F i = F ( i 1 , i 2 ) , for 1 ≤ i 1 , i 2 ≤ L . 1. U generates at random two subsets X 1 , X 2 of [ 1, L ] . Then U sends: – ( X 1 , X 2 ) to S 00 , – ( X 1 ∆ { i 1 } , X 2 ) to S 10 , – ( X 1 , X 2 ∆ { i 2 } ) to S 01 , i 2 i 1 6/22 J. Lavauzelle – On the construction of PIR schemes – Séminaire GREYC

  21. Seminal work [CGKS’95-98] Private Information Retrieval . Chor, Goldreich, Kushilevitz, Sudan. FOCS. 1995 . Settings: ◮ | F | = M bits, with M = L 2 , and [ 1, M ] ≃ [ 1, L ] 2 . ◮ n = 4 servers S 00 , S 01 , S 10 , S 11 , each storing a replica of F . ◮ Goal: retrieve F i = F ( i 1 , i 2 ) , for 1 ≤ i 1 , i 2 ≤ L . 1. U generates at random two subsets X 1 , X 2 of [ 1, L ] . Then U sends: – ( X 1 , X 2 ) to S 00 , – ( X 1 ∆ { i 1 } , X 2 ) to S 10 , – ( X 1 , X 2 ∆ { i 2 } ) to S 01 , – ( X 1 ∆ { i 1 } , X 2 ∆ { i 2 } ) to S 11 . i 2 i 1 6/22 J. Lavauzelle – On the construction of PIR schemes – Séminaire GREYC

Recommend

On the construction of PIR schemes Julien Lavauzelle IRMAR, Universit de Rennes Sminaire C2

On the construction of PIR schemes Julien Lavauzelle IRMAR, Universit de Rennes Sminaire C2

On the construction of PIR schemes Julien Lavauzelle IRMAR, Universit de Rennes Sminaire C2 25/01/2019 Outline 1. Private information retrieval 2. PIR schemes for common storage systems Distributed storage systems A PIR scheme on

1.62k views • 107 slides
Hierarchy Construction Schemes within the Scale Set Framework Jean-Hugues PRUVOT, Luc BRUN GreyC

Hierarchy Construction Schemes within the Scale Set Framework Jean-Hugues PRUVOT, Luc BRUN GreyC

Hierarchy Construction Schemes within the Scale Set Framework Jean-Hugues PRUVOT, Luc BRUN GreyC Laboratory, Image Team CNRS UMR 6072 ENSICAEN 6th IAPR -TC-15 Workshop on Graph-based Representations in Pattern Recognition J.H. PRUVOT, L.BRUN

656 views • 51 slides
Introduction to the Council For Medical Schemes and the Medical Schemes Act Namaf Annual Trustee

Introduction to the Council For Medical Schemes and the Medical Schemes Act Namaf Annual Trustee

Introduction to the Council For Medical Schemes and the Medical Schemes Act Namaf Annual Trustee Training 2 August 2019 Presented by Craig Burton-Durham General Manager: Legal Services Unit ABOUT THE CMS The Council for Medical Schemes is a

580 views • 20 slides
Section 1 Commitment Schemes Commitment Schemes Commitment Schemes Digital analogue of a safe.

Section 1 Commitment Schemes Commitment Schemes Commitment Schemes Digital analogue of a safe.

Commitment Schemes Section 1 Commitment Schemes Commitment Schemes Commitment Schemes Digital analogue of a safe. Commitment Schemes Commitment Schemes Digital analogue of a safe. Definition 1 (Commitment scheme) An efficient two-stage

605 views • 23 slides
ESTATE RENEWAL SCHEMES IN ENFIELD UPDATE Striving for excellence www.enfield.gov.uk

ESTATE RENEWAL SCHEMES IN ENFIELD UPDATE Striving for excellence www.enfield.gov.uk

ESTATE RENEWAL SCHEMES IN ENFIELD UPDATE Striving for excellence www.enfield.gov.uk LADDERSWOOD Construction commenced 17 th March 2014 - delay caused by completion of section 106 agreement. Pub site will be the first phase

323 views • 14 slides
New Figure Schemes for Stata: blindschemes The Schemes plotplain & plottig Adaptation

New Figure Schemes for Stata: blindschemes The Schemes plotplain & plottig Adaptation

The Issue Solutions New Figure Schemes for Stata: blindschemes The Schemes plotplain & plottig Adaptation Conclusion Daniel Bischof 1 1 University of Zurich November 17, 2016 1/17 The Default Stata Figure Schemes 6 The Issue

207 views • 20 slides
Positivity- -preserving Lagrangian schemes for preserving Lagrangian schemes for Positivity

Positivity- -preserving Lagrangian schemes for preserving Lagrangian schemes for Positivity

Sino-German Symposium on Advanced Numerical Methods for Compressible Fluid Mechanics and Related Problems, May 22-26, 2014 Beijing Positivity- -preserving Lagrangian schemes for preserving Lagrangian schemes for Positivity multi-

746 views • 53 slides
On the isomorphism of certain Q -polynomial association schemes Giusy Monzillo (joint work with

On the isomorphism of certain Q -polynomial association schemes Giusy Monzillo (joint work with

Preliminaries The construction of the relative hemisystem of Penttila-Williford Betting... On the isomorphism of certain Q -polynomial association schemes Giusy Monzillo (joint work with Alessandro Siciliano) 18th June 2019 Preliminaries The

879 views • 70 slides
Collective Investment Schemes in Cyprus What are the Collective Investment Schemes A

Collective Investment Schemes in Cyprus What are the Collective Investment Schemes A

Collective Investment Schemes in Cyprus What are the Collective Investment Schemes A Collective Investment Scheme or a Fund as more commonly known can be defined as a pool of assets that invests collectively to give access to professional

463 views • 18 slides
On Key -collisions in (EC)DSA Schemes (1) Let ( m , S ) be a message and its signature.

On Key -collisions in (EC)DSA Schemes (1) Let ( m , S ) be a message and its signature.

On Key -collisions in (EC)DSA Schemes CRYPTO 2002 Rump Session Tom Rosa tomas.rosa@i.cz, http://crypto.hyperlink.cz ICZ, a.s. Dept. of Computer Science, CTU in Prague CZECH REPUBLIC On Key -collisions in (EC)DSA Schemes (1) Let ( m

519 views • 5 slides
WHY? WHY does the END USER require TPC fire schemes? WHY do companies require TPC fire

WHY? WHY does the END USER require TPC fire schemes? WHY do companies require TPC fire

NSI FIRE SCHEMES John Davidson Fire Schemes Manager WHY? WHY does the END USER require TPC fire schemes? WHY do companies require TPC fire schemes? A Brave New World 01 October 2006 A Brave New World Fire Precautions Act 1971 A

578 views • 33 slides
Modular Tree Automata Deriving Modular Recursion Schemes from Tree Automata Patrick Bahr

Modular Tree Automata Deriving Modular Recursion Schemes from Tree Automata Patrick Bahr

Modular Tree Automata Deriving Modular Recursion Schemes from Tree Automata Patrick Bahr University of Copenhagen, Department of Computer Science paba@diku.dk 11th International Conference on Mathematics of Program Construction Madrid,

1.29k views • 97 slides
the difference between governmental schemes and market schemes Quito, 10 April 2014 Agr. Dr.

the difference between governmental schemes and market schemes Quito, 10 April 2014 Agr. Dr.

Degrees of commodification and the difference between governmental schemes and market schemes Quito, 10 April 2014 Agr. Dr. Thomas Hahn, Stockholm Resilience Centre thomas.hahn@su.se Planetary and social boundaries Kate Raworth at Oxfam

804 views • 19 slides
Schemes Access to Markets Schemes at Enterprise Mauritius Informative Workshop for SMEs 09 March

Schemes Access to Markets Schemes at Enterprise Mauritius Informative Workshop for SMEs 09 March

Schemes Access to Markets Schemes at Enterprise Mauritius Informative Workshop for SMEs 09 March 2017 Table of Content EM Vision Mission, roles, objectives and services Markets for Export Promotion Traditional, Emerging and Africa

1.4k views • 31 slides
Hybrid Construction Hybrid Construction Hybrid Construction Hybrid Construction 1 VP

Hybrid Construction Hybrid Construction Hybrid Construction Hybrid Construction 1 VP

Hybrid Construction Hybrid Construction Hybrid Construction Hybrid Construction 1 VP University VP University WHEN DO YOU USE HYBRI D CONSTRUCTI ON? Hybrid Construction is an economical alternative to conventional steel structures

431 views • 15 slides
On Siamese Association Schemes Martin Ma caj October 4th, 2016 Overview Introduction

On Siamese Association Schemes Martin Ma caj October 4th, 2016 Overview Introduction

On Siamese Association Schemes Martin Ma caj October 4th, 2016 Overview Introduction Siamese association schemes Constructions Results Open problems 1 Related objects Association schemes; strongly regular graph (SRG),

601 views • 31 slides
Sequence Alignment: Scoring Schemes COMP 571 Luay Nakhleh, Rice University Scoring Schemes

Sequence Alignment: Scoring Schemes COMP 571 Luay Nakhleh, Rice University Scoring Schemes

Sequence Alignment: Scoring Schemes COMP 571 Luay Nakhleh, Rice University Scoring Schemes Recall that an alignment score is aimed at providing a scale to measure the degree of similarity (or difference) between two sequences and thus make it

827 views • 41 slides
Sequence Alignment: Scoring Schemes COMP 571 Luay Nakhleh, Rice University 2 Scoring Schemes

Sequence Alignment: Scoring Schemes COMP 571 Luay Nakhleh, Rice University 2 Scoring Schemes

1 Sequence Alignment: Scoring Schemes COMP 571 Luay Nakhleh, Rice University 2 Scoring Schemes Recall that an alignment score is aimed at providing a scale to measure the degree of similarity (or difference) between two sequences and thus

687 views • 14 slides
Key points 4 state energy savings schemes are the biggest game in town (and under review)

Key points 4 state energy savings schemes are the biggest game in town (and under review)

Energy Efficiency Expo 24 October 2019, Melbourne Energy Saving Schemes Panel Topic and Participant Talking Points Introduction: Energy efficiency schemes and incentives 2019 unprecedented year of opportunity Australias energy

490 views • 18 slides
CONSTRUCTION LAW SEMINARS Beneschs Construction Law Practice Group 1. Construction Law:

CONSTRUCTION LAW SEMINARS Beneschs Construction Law Practice Group 1. Construction Law:

CONSTRUCTION LAW SEMINARS Beneschs Construction Law Practice Group 1. Construction Law: Beyond the Letter of Your overcome. Specific topics include: Contract Effectively Playing the Claims (1) notice clauses; (2) no-damage-for-delay

252 views • 3 slides
Commitment Schemes A commitment scheme CS = ( P , C , V ) is a triple of algorithms P

Commitment Schemes A commitment scheme CS = ( P , C , V ) is a triple of algorithms P

Commitment Schemes A commitment scheme CS = ( P , C , V ) is a triple of algorithms P COMMITMENT SCHEMES EXAMPLE M C C K V 0/1 Parameter generation algorithm P is run once by a trusted party to produce public parameters . Mihir

1.22k views • 6 slides
Building Citizen Engagement into the Implementation of Welfare Schemes in Rural India Dipanjan

Building Citizen Engagement into the Implementation of Welfare Schemes in Rural India Dipanjan

Building Citizen Engagement into the Implementation of Welfare Schemes in Rural India Dipanjan Chakraborty Aaditeshwar Seth IIT Delhi dipanjan@cse.iitd.ernet.in Welfare Schemes NREGA RSBY Kannyashree Beneficiaries Welfare Schemes NREGA

878 views • 62 slides
Implicit schemes for the equation of the BGK model Sandra Pieraccini, Gabriella Puppo

Implicit schemes for the equation of the BGK model Sandra Pieraccini, Gabriella Puppo

The BGK model Numerical schemes for BGK models MiMe numerical schemes for BGK models Compressible NS asymptotics Implicit schemes for the equation of the BGK model Sandra Pieraccini, Gabriella Puppo Dipartimento di Scienze Matematiche

1.03k views • 70 slides
Microphysics Schemes W.-K. Tao S. Lang , J. Chern, T. Matsui, X. Li, T. Iguchi, D. Wu NASA

Microphysics Schemes W.-K. Tao S. Lang , J. Chern, T. Matsui, X. Li, T. Iguchi, D. Wu NASA

Microphysics Schemes W.-K. Tao S. Lang , J. Chern, T. Matsui, X. Li, T. Iguchi, D. Wu NASA Goddard Space Flight Center All microphysical schemes have their own set of unique assumptions and capabilities. It is critical therefore to sample and

347 views • 34 slides

More recommend