Randomness in private computations

We consider the amount of randomness used in private distributed computations. Specifically, we show how n players can compute the exclusive-or (xor) of n boolean inputs t-privately, using only O(t2 log(n/t)) random bits (the best known upper bound is O(tn)). We accompany this result by a lower bound on the number of random bits required to carry out this task; we show that any protocol solving this problem requires at least t random bits (again, this significantly improves over the known lower bounds). For the upper bound, we show how, given m subsets of {1, . . . , n}, to construct in (deterministic) polynomial time a probability distribution of n random variables (i.e., a probability distribution over {0, 1}n) such that (1) the parity of random variables in each of these m subsets is 0 or 1 with equal probability, and (2) the support of the distribution is of size at most 2m. This construction generalizes previously considered types of sample spaces (such as k-wise independent spaces and Schulman’s spaces [Sample spaces uniform on neighborhoods, in Proc. of the 24th Annual ACM Symposium on Theory of Computing, ACM, New York, 1992, pp. 17–25]). We believe that this construction is of independent interest and may have various applications.

[1]  Rafail Ostrovsky,et al.  Reducibility and completeness in multi-party private computations , 1994, Proceedings 35th Annual Symposium on Foundations of Computer Science.

[2]  Vijay V. Vazirani,et al.  Random polynomial time is equal to slightly-random polynomial time , 1985, 26th Annual Symposium on Foundations of Computer Science (sfcs 1985).

[3]  Manuel Blum,et al.  How to generate cryptographically strong sequences of pseudo random bits , 1982, 23rd Annual Symposium on Foundations of Computer Science (sfcs 1982).

[4]  B. M. Fulk MATH , 1992 .

[5]  Y. Mansour,et al.  On construction of k-wise independent random variables , 1994, STOC '94.

[6]  Douglas R. Stinson,et al.  On the Dealer's Randomness Required in Secret Sharing Schemes , 1994, Des. Codes Cryptogr..

[7]  Andrew Chi-Chih Yao,et al.  Theory and application of trapdoor functions , 1982, 23rd Annual Symposium on Foundations of Computer Science (sfcs 1982).

[8]  Noga Alon,et al.  Simple construction of almost k-wise independent random variables , 1990, Proceedings [1990] 31st Annual Symposium on Foundations of Computer Science.

[9]  Noam Nisan,et al.  Pseudorandom generators for space-bounded computation , 1992, Comb..

[10]  Nimrod Megiddo,et al.  Constructing small sample spaces satisfying given constraints , 1993, SIAM J. Discret. Math..

[11]  Matthew K. Franklin,et al.  Communication complexity of secure computation (extended abstract) , 1992, STOC '92.

[12]  Eyal Kushilevitz,et al.  A Zero-One Law for Boolean Privacy , 1991, SIAM J. Discret. Math..

[13]  R. Motwani,et al.  Derandomization through approximation: an NC algorithm for minimum cuts , 1994, STOC '94.

[14]  Alfredo De Santis,et al.  On the Number of Random Bits in Totally Private Computation , 1995, ICALP.

[15]  Leonard J. Schulman Sample spaces uniform on neighborhoods , 1992, STOC '92.

[16]  Eyal Kushilevitz,et al.  A zero-one law for Boolean privacy , 1989, STOC '89.

[17]  A. Yao How to generate and exchange secrets , 1986, 27th Annual Symposium on Foundations of Computer Science (sfcs 1986).

[18]  Rafail Ostrovsky,et al.  Characterizing linear size circuits in terms of privacy , 1996, STOC '96.

[19]  Noam Nisan,et al.  Pseudorandom generators for space-bounded computations , 1990, STOC '90.

[20]  Nimrod Megiddo,et al.  Constructing Small Sample Spaces Satisfying Given Constraints , 1994, SIAM J. Discret. Math..

[21]  David Chaum,et al.  Multiparty unconditionally secure protocols , 1988, STOC '88.

[22]  Silvio Micali,et al.  How to play ANY mental game , 1987, STOC.

[23]  Moni Naor,et al.  Small-Bias Probability Spaces: Efficient Constructions and Applications , 1993, SIAM J. Comput..

[24]  Eyal Kushilevitz,et al.  Private Computations over the Integers , 1995, SIAM J. Comput..

[25]  Eli Upfal,et al.  A time-randomness tradeoff for oblivious routing , 1988, STOC '88.

[26]  Judit Bar-Ilan,et al.  Non-cryptographic fault-tolerant computing in constant number of rounds of interaction , 1989, PODC '89.

[27]  Moni Naor,et al.  Adaptively secure multi-party computation , 1996, STOC '96.

[28]  Eyal Kushilevitz,et al.  A Randomnesss-Rounds Tradeoff in Private Computation , 1994, CRYPTO.

[29]  Alfredo De Santis,et al.  Randomness in Distribution Protocols , 1996, Inf. Comput..

[30]  Noga Alon,et al.  The Probabilistic Method , 2015, Fundamentals of Ramsey Theory.

[31]  Oded Goldreich,et al.  Unbiased Bits from Sources of Weak Randomness and Probabilistic Communication Complexity , 1988, SIAM J. Comput..

[32]  Mihir Bellare,et al.  Randomness in interactive proofs , 1990, Proceedings [1990] 31st Annual Symposium on Foundations of Computer Science.

[33]  Eyal Kushilevitz,et al.  Privacy and communication complexity , 1989, 30th Annual Symposium on Foundations of Computer Science.

[34]  Prabhakar Raghavan,et al.  Memory Versus Randomization in On-line Algorithms (Extended Abstract) , 1989, ICALP.

[35]  Avi Wigderson,et al.  Dispersers, deterministic amplification, and weak random sources , 1989, 30th Annual Symposium on Foundations of Computer Science.

[36]  Eyal Kushilevitz,et al.  A Communication-Privacy Tradeoff for Modular Addition , 1993, Inf. Process. Lett..

[37]  David R. Karger,et al.  (De)randomized Construction of Small Sample Spaces in NC , 1997, J. Comput. Syst. Sci..

[38]  Eyal Kushilevitz,et al.  A Randomness-Rounds Tradeoff in Private Computation , 1994, SIAM J. Discret. Math..

[39]  Russell Impagliazzo,et al.  How to recycle random bits , 1989, 30th Annual Symposium on Foundations of Computer Science.

[40]  Donald Beaver Perfect Privacy For Two-Party Protocols , 1989, Distributed Computing And Cryptography.