Privacy in Non-private Environments
We study private computations in information-theoretical settings on networks that are not 2-connected. Non-2-connected networks are “non-private” in the sense that most functions cannot privately be computed on them. We relax the notion of privacy by introducing lossy private protocols, which generalize private protocols. We measure the information each player gains during the computation. Good protocols should minimize the amount of information they lose to the players. Throughout this work, privacy always means 1-privacy, i.e. players are not allowed to share their knowledge. Furthermore, the players are honest but curious, thus they never deviate from the given protocol.
By use of randomness by the protocol the communication strings a certain player can observe on a particular input determine a probability distribution. We define the loss of a protocol to a player as the logarithm of the number of different probability distributions the player can observe. For optimal protocols, this is justified by the following result: For a particular content of any player’s random tape, the distributions the player observes have pairwise fidelity zero. Thus the player can easily distinguish the distributions.
The simplest non-2-connected networks consists of two blocks that share one bridge node. We prove that on such networks, communication complexity and the loss of a private protocol are closely related: Up to constant factors, they are the same.
Then we study 1-phase protocols, an analogue of 1-round communication protocols. In such a protocol each bridge node may communicate with each block only once. We investigate in which order a bridge node should communicate with the blocks to minimize the loss of information. In particular, for symmetric functions it is optimal to sort the components by increasing size. Then we design a 1-phase protocol that for symmetric functions simultaneously minimizes the loss at all nodes where the minimum is taken over all 1-phase protocols.
Finally, we prove a phase hierarchy. For any k there is a function such that every (k–1)-phase protocol for this function has an information loss that is exponentially greater than that of the best k-phase protocol.
- 3.Ben-Or, M., Goldwasser, S., Wigderson, A.: Completeness theorems for non-cryptographic fault-tolerant distributed computation. In: Proc. of the 20th Ann. ACM Symp. on Theory of Computing (STOC), pp. 1–10. ACM Press, New York (1988)Google Scholar
- 4.Berge, C.: Graphs. North-Holland, Amsterdam (1991)Google Scholar
- 6.Chaum, D., Crépeau, C., Damgård, I.: Multiparty unconditionally secure protocols. In: Proc. of the 20th Ann. ACM Symp. on Theory of Computing (STOC), pp. 11–19. ACM Press, New York (1988)Google Scholar
- 9.Franklin, M., Yung, M.: Secure hypergraphs: Privacy from partial broadcast. In: Proc. of the 27th Ann. ACM Symp. on Theory of Computing (STOC), pp. 36–44. ACM Press, New York (1995)Google Scholar
- 15.Nielsen, M.A., Chuang, I.L.: Quantum Computation and Quantum Information, ch. 9. Cambridge University Press, Cambridge (2000)Google Scholar
- 17.Orlitsky, A., El Gamal, A.: Communication with secrecy constraints. In: Proc. of the 16th Ann. ACM Symp. on Theory of Computing (STOC), pp. 217–224. ACM Press, New York (1984)Google Scholar
- 20.Yao, A.C.-C.: Protocols for secure computations. In: Proc. of the 23rd Ann. IEEE Symp. on Foundations of Computer Science (FOCS), pp. 160–164. IEEE Computer Society Press, Los Alamitos (1982)Google Scholar