Abstract
Consider a ppt two-party protocol Π = (A, B) in which the parties get no private inputs and obtain outputs OA,OA ∈ {0, 1}, and let VA and VA denote the parties’ individual views. Protocol (formula presented) has (formula presented)-agreement if (formula presented). The leakage of (formula presented) is the amount of information a party obtains about the event (formula presented); that is, the leakage (formula presented) is the maximum, over (formula presented), of the distance between (formula presented). Typically, this distance is measured in statistical distance, or, in the computational setting, in computational indistinguishability. For this choice, Wullschleger [TCC ’09] showed that if (formula presented) then the protocol can be transformed into an OT protocol. We consider measuring the protocol leakage by the log-ratio distance (which was popularized by its use in the differential privacy framework). The log-ratio distance between X, Y over domain (formula presented) is the minimal (formula presented) for which, for every (formula presented). In the computational setting, we use computational indistinguishability from having log-ratio distance (formula presented). We show that a protocol with (noticeable) accuracy (formula presented) can be transformed into an OT protocol (note that this allows (formula presented). We complete the picture, in this respect, showing that a protocol with (formula presented) does not necessarily imply OT. Our results hold for both the information theoretic and the computational settings, and can be viewed as a “fine grained” approach to “weak OT amplification”. We then use the above result to fully characterize the complexity of differentially private two-party computation for the XOR function, answering the open question put by Goyal, Khurana, Mironov, Pandey, and Sahai, [ICALP ’16] and Haitner, Nissim, Omri, Shaltiel, and Silbak [22] [FOCS ’18]. Specifically, we show that for any (noticeable) (formula presented), a two-party protocol that computes the XOR function with (formula presented)-accuracy and (formula presented)-differential privacy can be transformed into an OT protocol. This improves upon Goyal et al. that only handle (formula presented), and upon Haitner et al. who showed that such a protocol implies (infinitely-often) key agreement (and not OT). Our characterization is tight since OT does not follow from protocols in which (formula presented), and extends to functions (over many bits) that “contain” an “embedded copy” of the XOR function.
Original language | English |
---|---|
Title of host publication | Theory of Cryptography - 17th International Conference, TCC 2019, Proceedings |
Editors | Dennis Hofheinz, Alon Rosen |
Publisher | Springer |
Pages | 531-560 |
Number of pages | 30 |
ISBN (Print) | 9783030360290 |
DOIs | |
State | Published - 2019 |
Event | 17th International Conference on Theory of Cryptography, TCC 2019 - Nuremberg, Germany Duration: 1 Dec 2019 → 5 Dec 2019 |
Publication series
Name | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
---|---|
Volume | 11891 LNCS |
ISSN (Print) | 0302-9743 |
ISSN (Electronic) | 1611-3349 |
Conference
Conference | 17th International Conference on Theory of Cryptography, TCC 2019 |
---|---|
Country/Territory | Germany |
City | Nuremberg |
Period | 1/12/19 → 5/12/19 |
Bibliographical note
Publisher Copyright:© 2019, International Association for Cryptologic Research.
Keywords
- Differential privacy
- Hardness amplification
- Oblivious transfer
ASJC Scopus subject areas
- Theoretical Computer Science
- General Computer Science