Private Retrieval, Computing and Learning: Recent Progress and Future Challenges

Ulukuş, Şennur; Avestimehr, Salman; Gastpar, Michael; Jafar, Syed A.; Tandon, Ravi; Tian, Chao

doi:10.48550/arxiv.2108.00026

Cited by 3 publications

(4 citation statements)

References 144 publications

(231 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In the information theoretic framework, which requires perfect privacy and assumes long messages, the capacity of PIR is the maximum number of bits of desired information that can be retrieved per bit of download from the server(s) [3]. Capacity characterizations have recently been obtained for various forms of PIR, especially for the multi-server setting [3]- [22].…”

Section: Introductionmentioning

confidence: 99%

On Single Server Private Information Retrieval with Private Coded Side Information

Lu¹,

Jafar²

2022

Preprint

View full text Add to dashboard Cite

Motivated by an open problem and a conjecture, this work studies the problem of single server private information retrieval with private coded side information (PIR-PCSI) that was recently introduced by Heidarzadeh et al. The goal of PIR-PCSI is to allow a user to efficiently retrieve a desired message W θ , which is one of K independent messages that are stored at a server, while utilizing private side information of a linear combination of a uniformly chosen size-M subset (S ⊂ [K]) of messages. The settings PIR-PCSI-I and PIR-PCSI-II correspond to the constraints that θ is generated uniformly from[K] \ S, and S, respectively. In each case, (θ, S) must be kept private from the server. The capacity is defined as the supremum over message and field sizes, of achievable rates (number of bits of desired message retrieved per bit of download) and is characterized by Heidarzadeh et al. for PIR-PCSI-I in general, and for PIR-PCSI-II for M > (K + 1)/2 as (K − M + 1) −1 . For 2 ≤ M ≤ (K + 1)/2 the capacity of PIR-PCSI-II remains open, and it is conjectured that even in this case the capacity is2 , which is strictly larger than the conjectured value, and does not depend on M within this parameter regime.Remarkably, half the side-information is found to be redundant. We also characterize the infimum capacity (infimum over fields instead of supremum), and the capacity with private coefficients. The results are generalized to PIR-PCSI-I (θ ∈ [K] \ S) and PIR-PCSI (θ ∈ [K]) settings.

show abstract

Section: Introductionmentioning

confidence: 99%

On Single Server Private Information Retrieval with Private Coded Side Information

Lu¹,

Jafar²

2022

Preprint

View full text Add to dashboard Cite

show abstract

“…Information-theoretic privacy and straggler mitigation in coded computing (for polynomial evaluation, matrix-matrix and matrix-vector multiplication) is achieved by using secret sharing [26]- [39]. For a very recent survey on private distributed computing and its connections we refer the reader to [40]. Security against malicious workers is considered in [28], [41]- [44].…”

Section: Introductionmentioning

confidence: 99%

Secure Private and Adaptive Matrix Multiplication Beyond the Singleton Bound

Hofmeister¹,

Bitar²,

Xhemrishi³

et al. 2021

Preprint

View full text Add to dashboard Cite

Consider the problem of designing secure and private codes for distributed matrix-matrix multiplication. A master server owns two private matrices A and B and hires worker nodes to help computing their multiplication. The matrices should remain information-theoretically private from the workers. Some of the workers are malicious and return corrupted results to the master. This work is motivated by the literature on myopic adversaries in network coding and distributed storage. Security beyond the Singleton bound is possible when the adversary has limited knowledge about the master's data and probabilistic decoding is acceptable. The key observation in this setting is that the master is the sender and the receiver. Therefore, the master enjoys a plethora of advantages that enable coding for security beyond the Singleton bound.We design a framework for security against malicious adversaries in private matrix-matrix multiplication. Our main goal is to apply this security framework to schemes with adaptive rates previously introduced by a subset of the authors. Adaptive schemes divide the workers into clusters and thus provide flexibility in trading decoding complexity for efficiency. Checking the integrity of the computation per cluster has low complexity but costs deleting the results of a whole cluster with at least one malicious worker. Checking the integrity of the results per worker is more complex but allows an efficient use of the non-malicious workers. Our scheme, called SRPM3, provides a computationally efficient security check that detects malicious workers with high probability and can tolerate the presence of an arbitrary number of malicious workers. We provide simulation results that validate our theoretical findings.

show abstract

“…For arbitrary collection of security input sets and colluding user sets, I characterize the optimal randomness assumption, i.e., the minimum number of key bits that need to be held by the users, per input bit, for weakly secure summation to be feasible, which generally involves solving a linear program. In a seminal work [78], Shannon introduced the notion of information theoretic security [16,94] based on statistical independence and established the fundamental limits of a single-user secure communication system. While [78] provided an elegant theoretical foundation for cryptography, the optimal solutions are deemed too inefficient to im plement in practice [47].…”

Section: Overview Of the Dissertationmentioning

confidence: 99%

“…≥ max H(Z 4 ), H(Z 5 ), H(Z 3 ) + a * L (6. 94) where in (6.93), we split the non-redundant Z k term in set S m ∪ T n to that in T n \ S and A m,n ; in (6.94), we use Lemma 6.66 to bound the A m,n term conditioned on T n \ S (note that we consider only A m,n where |A m,n | = a * , i.e., A m,n = S). Next, we proceed to bound the term max (H(Z 4 ), H(Z 5 ), H(Z 3 )), where it turns out that the only constraints required are from Lemma 6.44.…”

Section: H(zmentioning

confidence: 99%

Conditional Disclosure of Secrets and Storage over Graphs

View full text Add to dashboard Cite

In the era of big data, it is essential to implement practical security and privacy measures to ensure the lawful use of data and provide users with trust and assurance. In the dissertation, I address this issue through several key steps. Firstly, I delve into the problem of conditional secret disclosure, representing it using graphs to determine the most efficient approach for storing and disclosing secrets. Secondly, I extend the conditional disclosure of secrets problem from a single secret to multiple secrets and from a bipartite graph to an arbitrary graph. Thirdly, I remove security constraints to observe how they affect the efficiency of storage and recovery. In our final paper, I explore the secure summation problem, aiming to determine the capacity of total noise. Throughout the dissertation, I leverage information-theoretic tools to address security and privacy concerns.

show abstract

Private Retrieval, Computing and Learning: Recent Progress and Future Challenges

Cited by 3 publications

References 144 publications

On Single Server Private Information Retrieval with Private Coded Side Information

On Single Server Private Information Retrieval with Private Coded Side Information

Secure Private and Adaptive Matrix Multiplication Beyond the Singleton Bound

Conditional Disclosure of Secrets and Storage over Graphs

Contact Info

Product

Resources

About