Lower and Upper Bounds on the Randomness Complexity of Private Computations of AND

  • Eyal Kushilevitz
  • Rafail Ostrovsky
  • Emmanuel Prouff
  • Adi RosénEmail author
  • Adrian Thillard
  • Damien Vergnaud
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11892)


We consider multi-party information-theoretic private protocols, and specifically their randomness complexity. The randomness complexity of private protocols is of interest both because random bits are considered a scarce resource, and because of the relation between that complexity measure and other complexity measures of boolean functions such as the circuit size or the sensitivity of the function being computed [12, 17].

More concretely, we consider the randomness complexity of the basic boolean function and, that serves as a building block in the design of many private protocols. We show that and cannot be privately computed using a single random bit, thus giving the first non-trivial lower bound on the 1-private randomness complexity of an explicit boolean function, \(f: \{0,1\}^n \rightarrow \{0,1\}\). We further show that the function and, on any number of inputs n (one input bit per player), can be privately computed using 8 random bits (and 7 random bits in the special case of \(n=3\) players), improving the upper bound of 73 random bits implicit in [17]. Together with our lower bound, we thus approach the exact determination of the randomness complexity of and. To the best of our knowledge, the exact randomness complexity of private computation is not known for any explicit function (except for xor, which is trivially 1-random, and for several degenerate functions).



We would like to thank an anonymous reviewer of an earlier version of this paper for comments which helped us reduce the upper bound for even number of players from 10 random bits to 8 random bits, and hence also the general upper bound from 10 to 8.


  1. 1.
    Asharov, G., Lindell, Y.: A full proof of the BGW protocol for perfectly secure multiparty computation. J. Cryptology 30(1), 58–151 (2017)MathSciNetCrossRefGoogle Scholar
  2. 2.
    Beaver, D.: Precomputing oblivious transfer. In: Coppersmith, D. (ed.) CRYPTO 1995. LNCS, vol. 963, pp. 97–109. Springer, Heidelberg (1995). Scholar
  3. 3.
    Ben-Or, M., Goldwasser, S., Wigderson, A.: Completeness theorems for non-cryptographic fault-tolerant distributed computation (extended abstract). In: Proceedings of the 20th Annual ACM Symposium on Theory of Computing, May 2–4, 1988, Chicago, Illinois, USA, pp. 1–10 (1988)Google Scholar
  4. 4.
    Blundo, C., Galdi, C., Persiano, P.: Randomness recycling in constant-round private computations. In: Jayanti, P. (ed.) DISC 1999. LNCS, vol. 1693, pp. 140–149. Springer, Heidelberg (1999). Scholar
  5. 5.
    Blundo, C., De Santis, A., Persiano, G., Vaccaro, U.: Randomness complexity of private computation. Comput. Complex. 8(2), 145–168 (1999)MathSciNetCrossRefGoogle Scholar
  6. 6.
    Chaum, D., Crépeau, C., Damgård, I.: Multiparty unconditionally secure protocols (extended abstract). In: Proceedings of the 20th Annual ACM Symposium on Theory of Computing, May 2–4, 1988, Chicago, Illinois, USA, pp. 11–19 (1988)Google Scholar
  7. 7.
    Chor, B., Kushilevitz, E.: A zero-one law for Boolean privacy. SIAM J. Discrete Math. 4(1), 36–47 (1991)MathSciNetCrossRefGoogle Scholar
  8. 8.
    Chor, B., Kushilevitz, E.: A communication-privacy tradeoff for modular addition. Inf. Process. Lett. 45(4), 205–210 (1993)MathSciNetCrossRefGoogle Scholar
  9. 9.
    Damgård, I., Nielsen, J.B., Ostrovsky, R., Rosén, A.: Unconditionally secure computation with reduced interaction. In: Fischlin, M., Coron, J.-S. (eds.) EUROCRYPT 2016. LNCS, vol. 9666, pp. 420–447. Springer, Heidelberg (2016). Scholar
  10. 10.
    Damgård, I., Nielsen, J.B., Polychroniadou, A., Raskin, M.: On the communication required for unconditionally secure multiplication. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9815, pp. 459–488. Springer, Heidelberg (2016). Scholar
  11. 11.
    Data, D., Prabhakaran, V.M., Prabhakaran, M.M.: Communication and randomness lower bounds for secure computation. IEEE Trans. Inf. Theory 62(7), 3901–3929 (2016)MathSciNetCrossRefGoogle Scholar
  12. 12.
    Gál, A., Rosén, A.: A theorem on sensitivity and applications in private computation. SIAM J. Comput. 31(5), 1424–1437 (2002)MathSciNetCrossRefGoogle Scholar
  13. 13.
    Gál, A., Rosén, A.: Omega(log n) lower bounds on the amount of randomness in 2-private computation. SIAM J. Comput. 34(4), 946–959 (2005)MathSciNetCrossRefGoogle Scholar
  14. 14.
    Goldreich, O.: Modern Cryptography, Probabilistic Proofs and Pseudorandomness, vol. 17 of Algorithms and Combinatorics. Springer, Berlin (1998)Google Scholar
  15. 15.
    Jakoby, A., Liśkiewicz, M., Reischuk, R.: Private computations in networks: topology versus randomness. In: Alt, H., Habib, M. (eds.) STACS 2003. LNCS, vol. 2607, pp. 121–132. Springer, Heidelberg (2003). Scholar
  16. 16.
    Kushilevitz, E., Mansour, Y.: Randomness in private computations. SIAM J. Discrete Math. 10(4), 647–661 (1997)MathSciNetCrossRefGoogle Scholar
  17. 17.
    Kushilevitz, E., Ostrovsky, R., Rosén, A.: Characterizing linear size circuits in terms of privacy. J. Comput. Syst. Sci. 58(1), 129–136 (1999)MathSciNetCrossRefGoogle Scholar
  18. 18.
    Kushilevitz, E., Ostrovsky, R., Rosén, A.: Amortizing randomness in private multiparty computations. SIAM J. Discrete Math. 16(4), 533–544 (2003)MathSciNetCrossRefGoogle Scholar
  19. 19.
    Kushilevitz, E., Rosén, A.: A randomness-rounds tradeoff in private computation. SIAM J. Discrete Math. 11(1), 61–80 (1998)MathSciNetCrossRefGoogle Scholar
  20. 20.
    Nisan, N., Ta-Shma, A.: Extracting randomness: a survey and new constructions. J. Comput. Syst. Sci. 58(1), 148–173 (1999)MathSciNetCrossRefGoogle Scholar
  21. 21.
    Rosén, A., Urrutia, F.: A new approach to multi-party peer-to-peer communication complexity. In: Blum, A. (ed.) 10th Innovations in Theoretical Computer Science Conference, ITCS 2019, January 10–12, 2019, San Diego, California, USA, vol. 124 of LIPIcs, pp. 64:1–64:19. Schloss Dagstuhl - Leibniz-Zentrum fuer Informatik (2019)Google Scholar

Copyright information

© International Association for Cryptologic Research 2019

Authors and Affiliations

  • Eyal Kushilevitz
    • 1
  • Rafail Ostrovsky
    • 2
  • Emmanuel Prouff
    • 3
    • 5
  • Adi Rosén
    • 4
    Email author
  • Adrian Thillard
    • 5
  • Damien Vergnaud
    • 3
  1. 1.Department of Computer ScienceTechnionHaifaIsrael
  2. 2.Department of Computer Science and Department of MathematicsUCLALos AngelesUSA
  3. 3.Laboratoire d’informatique de Paris 6, LIP6Sorbonne Université, CNRSParisFrance
  4. 4.CNRS and Université Paris DiderotParisFrance
  5. 5.ANSSIParisFrance

Personalised recommendations