How Should We Solve Search Problems Privately?
Abstract
Secure multiparty computation allows a group of distrusting parties to jointly compute a (possibly randomized) function of their inputs. However, it is often the case that the parties executing a computation try to solve a search problem, where one input may have a multitude of correct answers—such as when the parties compute a shortest path in a graph or find a solution of a set of linear equations.
The algorithm for arbitrarily picking one output from the solution set has significant implications on the privacy of the computation. A minimal privacy requirement was put forward by Beimel et al. [STOC 2006] with focus on proving impossibility results. Their definition, however, guarantees a very weak notion of privacy, which is probably insufficient for most applications.
In this work we aim for stronger definitions of privacy for search problems that provide reasonable privacy. We give two alternative definitions and discuss their privacy guarantees. We also supply algorithmic machinery for designing such protocols for a broad selection of search problems.
Keywords
Secure computation, Search problems, Privacy, Resemblance
References
- [1] A. Beimel, P. Carmi, K. Nissim, E. Weinreb, Private approximation of search problems, in Proc. of the 38th ACM Symp. on the Theory of Computing, pp. 119–128, 2006
- [2] A. Beimel, R. Hallak, K. Nissim, Private approximation of clustering and vertex cover, in Proc. of the Fourth Theory of Cryptography Conference—TCC 2007, ed. by S. Vadhan. Lecture Notes in Computer Science, vol. 4392 (Springer, Berlin, 2007), pp. 383–403
- [3] M. Ben-Or, S. Goldwasser, A. Wigderson, Completeness theorems for noncryptographic fault-tolerant distributed computations, in Proc. of the 20th ACM Symp. on the Theory of Computing, pp. 1–10, 1988
- [4] E.R. Berlekamp, Factoring polynomials over large finite fields. Math. Comput. 24, 713–735 (1970)
- [5] N. Bhatnagar, S. Greenberg, D. Randall, Sampling stable marriages: Why spouse-swapping won’t work, in Proc. of the 19th ACM-SIAM Symp. on Discrete Algorithms, pp. 1223–1232, 2008
- [6] A.Z. Broder, On the resemblance and containment of documents, in Compression and Complexity of Sequences 1997, pp. 21–29, 1997
- [7] A.Z. Broder, S.C. Glassman, M.S. Manasse, G. Zweig, Syntactic clustering of the web, in Proc. of World Wide Web Conference, pp. 1157–1166, 1997
- [8] A.Z. Broder, M. Charikar, A.M. Frieze, M. Mitzenmacher, Min-wise independent permutations. J. Comput. Syst. Sci. 60(3), 630–659 (2000)
- [9] D. Chaum, C. Crépeau, I. Damgård, Multiparty unconditionally secure protocols, in Proc. of the 20th ACM Symp. on the Theory of Computing, pp. 11–19, 1988
- [10] V.M.F. Dias, G.D. da Fonseca, C.M.H. de Figueiredo, J.L. Szwarcfiter, The stable marriage problem with restricted pairs. Theor. Comput. Sci. 306(1–3), 391–405 (2003)
- [11] J. Feigenbaum, Y. Ishai, T. Malkin, K. Nissim, M.J. Strauss, R.N. Wright, Secure multiparty computation of approximations. ACM Trans. Algorithms 2(3), 435–472 (2006). Conference version, in Proc. of the 28th International Colloquium on Automata, Languages and Programming. Lecture Notes in Computer Science, vol. 2076 (Springer, Berlin, 2001), pp. 927–938
- [12] M. Franklin, M. Gondree, P. Mohassel, Improved efficiency for private stable matching, in Topics in Cryptology – CT-RSA 2007, ed. by M. Abe. Lecture Notes in Computer Science, vol. 4377 (Springer, Berlin, 2007), pp. 163–177
- [13] D. Gale, L.S. Shapley, College admissions and the stability of marriage. Am. Math. Mon. 69, 9–15 (1962)
- [14] O. Goldreich, S. Goldwasser, S. Micali, How to construct random functions. J. ACM 33(4), 792–807 (1986)
- [15] O. Goldreich, S. Micali, A. Wigderson, How to play any mental game, in Proc. of the 19th ACM Symp. on the Theory of Computing, pp. 218–229, 1987
- [16] P. Golle, A private stable matching algorithm, in 10th International Conference on Financial Cryptography and Data Security, ed. by G. Di. Lecture Notes in Computer Science, vol. 4107 (Springer, Berlin, 2006), pp. 65–80
- [17] S. Halevi, R. Krauthgamer, E. Kushilevitz, K. Nissim, Private approximation of NP-hard functions, in Proc. of the 33rd ACM Symp. on the Theory of Computing, pp. 550–559, 2001
- [18] P. Indyk, D. Woodruff, Polylogarithmic private approximations and efficient matching, in Proc. of the Third Theory of Cryptography Conference—TCC 2006, ed. by S. Halevi, T. Rabin. Lecture Notes in Computer Science, vol. 3876 (Springer, Berlin, 2006), pp. 245–264
- [19] M. Jerrum, A. Sinclair, E. Vigoda, A polynomial-time approximation algorithm for the permanent of a matrix with nonnegative entries. J. ACM 51(4), 671–697 (2004)
- [20] L.G. Valiant, V.V. Vazirani, NP is as easy as detecting unique solutions. Theor. Comput. Sci. 47, 85–93 (1986)
- [21] A.C. Yao, Protocols for secure computations, in Proc. of the 23rd IEEE Symp. on Foundations of Computer Science, pp. 160–164, 1982