TY - GEN
T1 - On the cryptographic complexity of the worst functions
AU - Beimel, Amos
AU - Ishai, Yuval
AU - Kumaresan, Ranjit
AU - Kushilevitz, Eyal
N1 - Funding Information:
Research by the first three authors received funding from the European Union’s Tenth Framework Programme (FP10/2010-2016) under grant agreement no. 259426 ERC-CaC. The fourth author was supported by ISF grant 1361/10 and BSF grant 2008411.
PY - 2014
Y1 - 2014
N2 - We study the complexity of realizing the "worst" functions in several standard models of information-theoretic cryptography. In particular, for the case of security against passive adversaries, we obtain the following main results. OT complexity of secure two-party computation. Every function f:[N]×[N] → {0,1} can be securely evaluated using invocations of an oblivious transfer oracle. A similar result holds for securely sampling a uniform pair of outputs from a set S ⊆ [N]×[N]. Correlated randomness complexity of secure two-party computation. Every function f:[N]×[N] → {0,1} can be securely evaluated using bits of correlated randomness. Communication complexity of private simultaneous messages. Every function f:[N]×[N] → {0,1} can be securely evaluated in the non-interactive model of Feige, Kilian, and Naor (STOC 1994) with messages of length. Share complexity of forbidden graph access structures. For every graph G on N nodes, there is a secret-sharing scheme for N parties in which each pair of parties can reconstruct the secret if and only if the corresponding nodes in G are connected, and where each party gets a share of size. The worst-case complexity of the best previous solutions was Ω(N) for the first three problems and Ω(N/logN) for the last one. The above results are obtained by applying general transformations to variants of private information retrieval (PIR) protocols from the literature, where different flavors of PIR are required for different applications.
AB - We study the complexity of realizing the "worst" functions in several standard models of information-theoretic cryptography. In particular, for the case of security against passive adversaries, we obtain the following main results. OT complexity of secure two-party computation. Every function f:[N]×[N] → {0,1} can be securely evaluated using invocations of an oblivious transfer oracle. A similar result holds for securely sampling a uniform pair of outputs from a set S ⊆ [N]×[N]. Correlated randomness complexity of secure two-party computation. Every function f:[N]×[N] → {0,1} can be securely evaluated using bits of correlated randomness. Communication complexity of private simultaneous messages. Every function f:[N]×[N] → {0,1} can be securely evaluated in the non-interactive model of Feige, Kilian, and Naor (STOC 1994) with messages of length. Share complexity of forbidden graph access structures. For every graph G on N nodes, there is a secret-sharing scheme for N parties in which each pair of parties can reconstruct the secret if and only if the corresponding nodes in G are connected, and where each party gets a share of size. The worst-case complexity of the best previous solutions was Ω(N) for the first three problems and Ω(N/logN) for the last one. The above results are obtained by applying general transformations to variants of private information retrieval (PIR) protocols from the literature, where different flavors of PIR are required for different applications.
UR - http://www.scopus.com/inward/record.url?scp=84958544842&partnerID=8YFLogxK
U2 - 10.1007/978-3-642-54242-8_14
DO - 10.1007/978-3-642-54242-8_14
M3 - ???researchoutput.researchoutputtypes.contributiontobookanthology.conference???
AN - SCOPUS:84958544842
SN - 9783642542411
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 317
EP - 342
BT - Theory of Cryptography - 11th Theory of Cryptography Conference, TCC 2014, Proceedings
T2 - 11th Theory of Cryptography Conference on Theory of Cryptography, TCC 2014
Y2 - 24 February 2014 through 26 February 2014
ER -