nach oben

Erschienen in:

2019 | OriginalPaper | Buchkapitel

On Quantum Advantage in Information Theoretic Single-Server PIR

verfasst von : Dorit Aharonov, Zvika Brakerski, Kai-Min Chung, Ayal Green, Ching-Yi Lai, Or Sattath

Erschienen in: Advances in Cryptology – EUROCRYPT 2019

Verlag: Springer International Publishing

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

In (single-server) Private Information Retrieval (PIR), a server holds a large database \({\mathtt {DB}}\) of size n, and a client holds an index \(i \in [n]\) and wishes to retrieve \({\mathtt {DB}}[i]\) without revealing i to the server. It is well known that information theoretic privacy even against an “honest but curious” server requires \(\varOmega (n)\) communication complexity. This is true even if quantum communication is allowed and is due to the ability of such an adversarial server to execute the protocol on a superposition of databases instead of on a specific database (“input purification attack”).

Nevertheless, there have been some proposals of protocols that achieve sub-linear communication and appear to provide some notion of privacy. Most notably, a protocol due to Le Gall (ToC 2012) with communication complexity \(O(\sqrt{n})\), and a protocol by Kerenidis et al. (QIC 2016) with communication complexity \(O(\log (n))\), and O(n) shared entanglement.

We show that, in a sense, input purification is the only potent adversarial strategy, and protocols such as the two protocols above are secure in a restricted variant of the quantum honest but curious (a.k.a specious) model. More explicitly, we propose a restricted privacy notion called anchored privacy, where the adversary is forced to execute on a classical database (i.e. the execution is anchored to a classical database). We show that for measurement-free protocols, anchored security against honest adversarial servers implies anchored privacy even against specious adversaries.

Finally, we prove that even with (unlimited) pre-shared entanglement it is impossible to achieve security in the standard specious model with sub-linear communication, thus further substantiating the necessity of our relaxation. This lower bound may be of independent interest (in particular recalling that PIR is a special case of Fully Homomorphic Encryption).

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Vorheriges Kapitel On Finding Quantum Multi-collisions

Nächstes Kapitel Verifier-on-a-Leash: New Schemes for Verifiable Delegated Quantum Computation, with Quasilinear Resources

Nur mit Berechtigung zugänglich

Throughout this work we will focus on the setting of binary database. We do note that there is vast literature concerned with optimizations for the case of larger alphabet.

Setup refers to any information that is provided to the parties prior to the execution of the protocol by a trusted entity, but crucially one that does not depend on the parties’ inputs. Shared randomness or shared entanglement are common examples.

As [DNS10] point out, their model is stronger, i.e. excludes a larger class of attacks, compared to the honest but curious model, even when restricted to a completely classical setting.

More accurately, indistinguishability is required to hold even in the presence of an environment which can be arbitrary correlated (or entangled) with the parties’ inputs. In the quantum setting this usually corresponds to the environment.

We note that to the best of our understanding, even prior “entropic” results such as [JRS09] seem to fall short of capturing the potential additional power of shared entanglement. This is essentially due to the property that if AB are entangled, then it is possible that the reduced state of B will have (much) higher von Neumann entropy than the joint AB (whose entropy might even be 0).

This is because we can include the purification register at any point, as the server could have included himself rather than throwing it away.

We make one minor adaptation – see Remark B.1.

[Aar04]

Aaronson, S.: Limitations of quantum advice and one-way communication. In: Proceedings of the 19th IEEE Annual Conference on Computational Complexity, pp. 320–332, June 2004. https://doi.org/10.1109/CCC.2004.1313854

[ABC+19]

Aharonov, D., Brakerski, Z., Chung, K.-M., Green, A., Lai, C.-Y., Sattath, O.: On quantum advantage in information theoretic single-server PIR (2019). arXiv:1902.09768

[ACG+16]

Aharonov, D., Chailloux, A., Ganz, M., Kerenidis, I., Magnin, L.: A simpler proof of the existence of quantum weak coin flipping with arbitrarily small bias. SIAM J. Comput. 45(3), 633–679 (2016). https://doi.org/10.1137/14096387XMathSciNetCrossRefMATH

[AKN98]

Aharonov, D., Kitaev, A.Y., Nisan, N.: Quantum circuits with mixed states. In: Proceedings of the Thirtieth Annual ACM Symposium on the Theory of Computing, Dallas, Texas, USA, 23–26 May 1998, pp. 20–30 (1998). https://doi.org/10.1145/276698.276708

[ANTSV02]

Ambainis, A., Nayak, A., Ta-Shma, A., Vazirani, U.: Dense quantum coding and quantum finite automata. JACM 49(4), 496–511 (2002). https://doi.org/10.1145/581771.581773MathSciNetCrossRefMATH

[BB84]

Bennett, C.H., Brassard, G.: Quantum cryptography: public key distribution and coin tossing. In: Proceedings of IEEE International Conference on Computers, Systems, and Signal Processing, p. 175 (1984)

[BB15]

Baumeler, Ä., Broadbent, A.: Quantum private information retrieval has linear communication complexity. J. Cryptol. 28(1), 161–175 (2015). https://doi.org/10.1007/s00145-014-9180-2MathSciNetCrossRefMATH

[BS16]

Broadbent, A., Schaffner, C.: Quantum cryptography beyond quantum key distribution. Des. Codes Crypt. 78(1), 351–382 (2016). https://doi.org/10.1007/s10623-015-0157-4MathSciNetCrossRefMATH

[BV11]

Brakerski, Z., Vaikuntanathan, V.: Efficient fully homomorphic encryption from (standard) LWE. In: Ostrovsky, R. (ed.) FOCS, pp. 97–106. IEEE (2011). https://eprint.iacr.org/2011/344.pdf

[CGKS95]

Chor, B., Goldreich, O., Kushilevitz, E., Sudan, M.: Private information retrieval. In: 36th Annual Symposium on Foundations of Computer Science, Milwaukee, Wisconsin, USA, 23–25 October 1995, pp. 41–50. IEEE Computer Society (1995). https://doi.org/10.1109/SFCS.1995.492461

[CK09]

Chailloux, A., Kerenidis, I.: Optimal quantum strong coin flipping. In: 50th Annual IEEE Symposium on Foundations of Computer Science, FOCS 2009, Atlanta, Georgia, USA, 25–27 October 2009, pp. 527–533. IEEE Computer Society (2009). https://doi.org/10.1109/FOCS.2009.71

[CMS99]

Cachin, C., Micali, S., Stadler, M.: Computationally private information retrieval with polylogarithmic communication. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 402–414. Springer, Heidelberg (1999). https://doi.org/10.1007/3-540-48910-X_28CrossRef

[DG15]

Dvir, Z., Gopi, S.: 2-Server PIR with sub-polynomial communication. In: Servedio, R.A., Rubinfeld, R. (eds.) Proceedings of the Forty-Seventh Annual ACM on Symposium on Theory of Computing, STOC 2015, Portland, OR, USA, 14–17 June 2015, pp. 577–584. ACM (2015). https://doi.org/10.1145/2746539.2746546

[DNS10]

Dupuis, F., Nielsen, J.B., Salvail, L.: Secure two-party quantum evaluation of unitaries against specious adversaries. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 685–706. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-14623-7_37CrossRef

[Efr12]

Efremenko, K.: 3-query locally decodable codes of subexponential length. SIAM J. Comput. 41(6), 1694–1703 (2012). https://doi.org/10.1137/090772721MathSciNetCrossRefMATH

[FvdG99]

Fuchs, C.A., van de Graaf, J.: Cryptographic distinguishability measures for quantum-mechanical states. IEEE Trans. Inf. Theory 45(4), 1216–1227 (1999). https://doi.org/10.1109/18.761271MathSciNetCrossRefMATH

[GC01]

Gottesman, D., Chuang, I.: Quantum digital signatures (2001). arXiv:quant-ph/0105032

[Gen09]

Gentry, C.: A fully homomorphic encryption scheme. Ph.D. thesis. Stanford University (2009)

[GLM08]

Giovannetti, V., Lloyd, S., Maccone, L.: Quantum private queries. Phys. Rev. Lett. 100, 230502 (2008). https://doi.org/10.1103/PhysRevLett.100.230502MathSciNetCrossRefMATH

[Gol04]

Goldreich, O.: The Foundations of Cryptography - Volume 2, Basic Applications. Cambridge University Press, Cambridge (2004)MATH

[GW07]

Gutoski, G., Watrous, J.: Toward a general theory of quantum games. In: Proceedings of the Thirty-Ninth Annual ACM Symposium on Theory of Computing, pp. 565–574. ACM (2007). https://doi.org/10.1145/1250790.1250873

[JP99]

Jonathan, D., Plenio, M.B.: Entanglement-assisted local manipulation of pure quantum states. Phys. Rev. Lett. 83, 3566–3569 (1999). https://doi.org/10.1103/PhysRevLett.83.3566MathSciNetCrossRefMATH

[JRS09]

Jain, R., Radhakrishnan, J., Sen, P.: A property of quantum relative entropy with an application to privacy in quantum communication. J. ACM 56(6), 33:1–33:32 (2009). https://doi.org/10.1145/1568318.1568323MathSciNetCrossRefMATH

[KLGR16]

Kerenidis, I., Laurière, M., Gall, F.L., Rennela, M.: Information cost of quantum communication protocols. Quantum Inf. Comput. 16(3&4), 181–196 (2016). http://www.rintonpress.com/xxqic16/qic-16-34/0181-0196.pdfMathSciNet

[Kli07]

Klimesh, M.: Inequalities that collectively completely characterize the catalytic majorization relation (2007). arXiv:0709.3680

[KRS09]

Konig, R., Renner, R., Schaffner, C.: The operational meaning of min- and max-entropy. IEEE Trans. Inf. Theory 55(9), 4337–4347 (2009). https://doi.org/10.1109/TIT.2009.2025545MathSciNetCrossRefMATH

[LC97]

Lo, H.-K., Chau, H.F.: Is quantum bit commitment really possible? Phys. Rev. Lett. 78, 3410–3413 (1997). https://doi.org/10.1103/PhysRevLett.78.3410CrossRef

[LC18]

Lai, C.-Y., Chung, K.-M.: Interactive leakage chain rule for quantum min-entropy (2018). arXiv:1809.10694

[LG12]

Le Gall, F.: Quantum private information retrieval with sublinear communication complexity. Theory Comput. 8(16), 369–374 (2012). https://doi.org/10.4086/toc.2012.v008a016MathSciNetCrossRefMATH

[Lo97]

Lo, H.-K.: Insecurity of quantum secure computations. Phys. Rev. A 56(2), 1154 (1997). https://doi.org/10.1103/PhysRevA.56.1154CrossRef

[May97]

Mayers, D.: Unconditionally secure quantum bit commitment is impossible. Phys. Rev. Lett. 78, 3414–3417 (1997). https://doi.org/10.1103/PhysRevLett.78.3414CrossRef

[Moc07]

Mochon, C.: Quantum weak coin flipping with arbitrarily small bias (2007). arXiv:0711.4114

[Nay99]

Nayak, A.: Optimal lower bounds for quantum automata and random access codes. In: 40th Annual Symposium on Foundations of Computer Science, pp. 369–376 (1999). https://doi.org/10.1109/SFFCS.1999.814608

[ON07]

Ogawa, T., Nagaoka, H.: Making good codes for classical-quantum channel coding via quantum hypothesis testing. IEEE Trans. Inf. Theory 53(6), 2261–2266 (2007). https://doi.org/10.1109/TIT.2007.896874MathSciNetCrossRefMATH

[vDH03]

van Dam, W., Hayden, P.: Universal entanglement transformations without communication. Phys. Rev. A 67, 060302 (2003). https://doi.org/10.1103/PhysRevA.67.060302MathSciNetCrossRef

[Wie83]

Wiesner, S.: Conjugate coding. SIGACT News 15(1), 78–88 (1983). https://doi.org/10.1145/1008908.1008920CrossRefMATH

[Wil13]

Wilde, M.M.: Quantum Information Theory. Cambridge University Press, Cambridge (2013). Cambridge Books OnlineCrossRef

[Win99]

Winter, A.J.: Coding theorem and strong converse for quantum channels. IEEE Trans. Inf. Theory 45(7), 2481–2485 (1999). https://doi.org/10.1109/18.796385MathSciNetCrossRefMATH

[YPF14]

Yu, L., Pérez-Delgado, C.A., Fitzsimons, J.F.: Limitations on information theoretically secure quantum homomorphic encryption (2014). arXiv:1406.2456

Titel: On Quantum Advantage in Information Theoretic Single-Server PIR
verfasst von: Dorit Aharonov
Zvika Brakerski
Kai-Min Chung
Ayal Green
Ching-Yi Lai
Or Sattath
Verlag: Springer International Publishing
Buch: Advances in Cryptology – EUROCRYPT 2019
Print ISBN: 978-3-030-17658-7

Electronic ISBN: 978-3-030-17659-4

Copyright-Jahr: 2019
DOI: https://doi.org/10.1007/978-3-030-17659-4_8

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner