Abstract
We show that general one-way trapdoor permutations are sufficient to privately retrieve an entry from a database of size n with total communication complexity strictly less than n. More specifically, we present a protocol in which the user sends O(K^2) bits and the server sends n − cn/K bits (for any constant c), where K is the security parameter of the trapdoor permutations. Thus, for sufficiently large databases (e.g., when K = n^ε for some small ε) our construction breaks the information-theoretic lower bound (of at least n bits). This demonstrates the feasibility of basing single-server private information retrieval on general complexity assumptions.
An important implication of our result is that we can implement a 1-out-of-n Oblivious Transfer protocol with communication complexity strictly less than n based on any one-way trapdoor permutation.
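A worked check of when the stated communication bounds actually beat the trivial protocol (in which the server simply sends all n bits). This derivation is added here as an illustration and is not part of the paper's abstract; the constant a stands in for the constant hidden in the user's O(K^2) bound and is an assumption, while c is the paper's own constant.

```latex
\text{Total communication: } \quad T(n,K) \;=\; \underbrace{aK^{2}}_{\text{user}} \;+\; \underbrace{n - \frac{cn}{K}}_{\text{server}}

\text{Non-trivial (strictly below } n \text{) iff} \quad aK^{2} \;<\; \frac{cn}{K} \quad\Longleftrightarrow\quad n \;>\; \frac{a}{c}\,K^{3}

\text{With } K = n^{\varepsilon}: \quad n \;>\; \frac{a}{c}\,n^{3\varepsilon} \quad\Longleftrightarrow\quad n^{\,1-3\varepsilon} \;>\; \frac{a}{c}

\text{So for any fixed } \varepsilon < \tfrac{1}{3} \text{ the condition holds for all sufficiently large } n,
\text{ and the saving over the trivial protocol is } \frac{cn}{K} - aK^{2} = c\,n^{1-\varepsilon} - a\,n^{2\varepsilon} \text{ bits.}
```

The check makes precise what "sufficiently large databases" and "small ε" mean in the abstract: the security parameter K must be large enough for the trapdoor permutation to be secure, yet grow slower than n^{1/3} for the user's O(K^2) upload not to swallow the cn/K bits saved on the download.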
Keywords
- Communication Complexity
- Oblivious Transfer
- Private Information Retrieval
- Trapdoor Function
- Malicious Server
© 2000 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kushilevitz, E., Ostrovsky, R. (2000). One-Way Trapdoor Permutations Are Sufficient for Non-trivial Single-Server Private Information Retrieval. In: Preneel, B. (eds) Advances in Cryptology — EUROCRYPT 2000. EUROCRYPT 2000. Lecture Notes in Computer Science, vol 1807. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45539-6_9
DOI: https://doi.org/10.1007/3-540-45539-6_9
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-67517-4
Online ISBN: 978-3-540-45539-4
eBook Packages: Springer Book Archive