On the number of random bits in totally private computation

  • Carlo Blundo
  • Alfredo De Santis
  • Giuseppe Persiano
  • Ugo Vaccaro
Communication Protocols
Part of the Lecture Notes in Computer Science book series (LNCS, volume 944)


We consider the classic problem of $n$ honest but curious players with private inputs $x_1,\ldots,x_n$ who wish to compute the value of a fixed function $f(x_1,\ldots,x_n)$ in such a way that at the end of the protocol every player knows the value $f(x_1,\ldots,x_n)$. Each pair of players is connected by a secure point-to-point communication channel. The players have unbounded computational resources and they intend to compute $f$ in a totally private way. That is, after the execution of the protocol no coalition of arbitrary size can get any information about the inputs of the remaining players other than what can be deduced from their own inputs and the value of $f$.

We study the amount of randomness needed in totally private protocols. Our main result is a lower bound on the number of random bits needed to compute a function with sensitivity $n$. As a corollary we obtain that when the private inputs are uniformly distributed and the players have access to a source of uniformly distributed bits, at least $k(n-1)(n-2)/2$ random bits are needed to compute the sum modulo $2^k$ of $n$ $k$-bit integers. This result is tight as there are protocols for this problem that use exactly this number of random bits.
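To make the tightness claim concrete, the following added example (not code from the paper, and not claimed to be the authors' protocol) implements one simple pairwise-masking protocol for the sum modulo $2^k$ that spends exactly $k(n-1)(n-2)/2$ random bits and checks total privacy exhaustively for a small case. The choice of player n-1 as aggregator, the function names and the sample inputs are assumptions of this sketch.

```python
import itertools
from collections import Counter

def random_bits_used(n, k):
    """Pads are shared only among players 0..n-2: one k-bit pad per pair."""
    return k * (n - 1) * (n - 2) // 2

def run_sum_protocol(inputs, k, pads):
    """Return (f, msgs); msgs[i] is what player i sends to aggregator n-1."""
    n, mod = len(inputs), 1 << k
    msgs = []
    for i in range(n - 1):
        m = inputs[i]
        for j in range(n - 1):
            if i < j:
                m += pads[(i, j)]      # pad chosen by i and sent to j
            elif j < i:
                m -= pads[(j, i)]      # pad received from j
        msgs.append(m % mod)
    # Pads cancel in the sum; the aggregator adds its own input and announces f.
    return (sum(msgs) + inputs[-1]) % mod, msgs

def coalition_view(inputs, k, pads, coalition):
    """Everything the coalition sees besides its own inputs."""
    f, msgs = run_sum_protocol(inputs, k, pads)
    n = len(inputs)
    known = tuple(sorted((e, v) for e, v in pads.items() if set(e) & coalition))
    # The aggregator sees every message; other players only know their own.
    seen = range(n - 1) if (n - 1) in coalition else sorted(coalition)
    return f, known, tuple(msgs[i] for i in seen)

def view_distribution(inputs, k, coalition, zeroed=()):
    """Exact distribution of the coalition's view over all pad choices.
    `zeroed` lists pads forced to 0, modelling a protocol that skips them."""
    n, mod = len(inputs), 1 << k
    edges = list(itertools.combinations(range(n - 1), 2))
    free = [e for e in edges if e not in zeroed]
    dist = Counter()
    for vals in itertools.product(range(mod), repeat=len(free)):
        pads = dict.fromkeys(edges, 0)
        pads.update(zip(free, vals))
        dist[coalition_view(inputs, k, pads, frozenset(coalition))] += 1
    return dist

# Constructed sample: n = 4 players, k = 2 bits. A and B have the same sum
# mod 4 and differ only in the inputs of players 0 and 1.
A, B = (1, 2, 3, 0), (2, 1, 3, 0)
```

Equal view distributions for A and B mean the coalition learns nothing beyond its own inputs and the sum; forcing a single pad to zero (`zeroed=[(0, 1)]`) makes the distributions for coalition {2, 3} differ, so that coalition can tell the two input vectors apart.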


Keywords: Boolean Function, Shannon Entropy, Random Input, Random Source, Private Input
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.





Copyright information

© Springer-Verlag Berlin Heidelberg 1995

Authors and Affiliations

  • Carlo Blundo (1)
  • Alfredo De Santis (1)
  • Giuseppe Persiano (1)
  • Ugo Vaccaro (1)

  1. Dipartimento di Informatica ed Applicazioni, Università di Salerno, Baronissi, Italy
