A communication-privacy tradeoff for modular addition

Benny Chor*, Eyal Kushilevitz

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

49 Scopus citations


We consider the following problem: A set of n parties, each holding an input value xi∈{0, 1,...,m-1}, wishes to distributively compute the sum of their input values modulo the integer m, (i.e, ∑ni=1xi mod m). The parties wish to compute this sum t-privately. That is, in a way that no coalition of size at most t can infer any additional information, other than what follows from their input values and the computed sum. We present an oblivious protocol which computes the sum t-privately, using n·⌈(t+1)/2⌉ messages. This protocol requires fewer messages than the known private protocols for modular addition. Then, we show that this protocol is in a sense optimal, by proving a tight lower bound of ⌈n·(t+1)/2⌉ messages for any oblivious protocol that computes the sum t-privately.

Original languageEnglish
Pages (from-to)205-210
Number of pages6
JournalInformation Processing Letters
Issue number4
StatePublished - 22 Mar 1993
Externally publishedYes


FundersFunder number
US-Israel BSFONR-N0001491-J-1981 CCR-90-07677, 88-00282


    • Distributed computing
    • message complexity
    • modular sum
    • private computation


    Dive into the research topics of 'A communication-privacy tradeoff for modular addition'. Together they form a unique fingerprint.

    Cite this