TY - JOUR
T1 - Bloom filters in adversarial environments
AU - Naor, Moni
AU - Eylon, Yogev
N1 - Publisher Copyright:
© 2019 Association for Computing Machinery.
PY - 2019/5
Y1 - 2019/5
N2 - Many efficient data structures use randomness, allowing them to improve upon deterministic ones. Usually, their efficiency and correctness are analyzed using probabilistic tools under the assumption that the inputs and queries are independent of the internal randomness of the data structure. In this work, we consider data structures in a more robust model, which we call the adversarial model. Roughly speaking, this model allows an adversary to choose inputs and queries adaptively according to previous responses. Specifically, we consider a data structure known as a "Bloom filter" and prove a tight connection between Bloom filters in this model and cryptography. A Bloom filter represents a set S of elements approximately by using fewer bits than a precise representation. The price for succinctness is allowing for some errors: For any x ∈ S, it should always answer Yes, and for any x S it should answer Yes only with small probability. In the adversarial model, we consider both efficient adversaries (that run in polynomial time) and computationally unbounded adversaries that are only bounded in the number of queries they can make. For computationally bounded adversaries, we show that non-trivial (memory-wise) Bloom filters exist if and only if one-way functions exist. For unbounded adversaries, we show that there exists a Bloom filter for sets of size n and error ϵ that is secure against t queries and uses only O(n log 1 ϵ + t ) bits of memory. In comparison, n log 1 ϵ is the best possible under a non-adaptive adversary.
AB - Many efficient data structures use randomness, allowing them to improve upon deterministic ones. Usually, their efficiency and correctness are analyzed using probabilistic tools under the assumption that the inputs and queries are independent of the internal randomness of the data structure. In this work, we consider data structures in a more robust model, which we call the adversarial model. Roughly speaking, this model allows an adversary to choose inputs and queries adaptively according to previous responses. Specifically, we consider a data structure known as a "Bloom filter" and prove a tight connection between Bloom filters in this model and cryptography. A Bloom filter represents a set S of elements approximately by using fewer bits than a precise representation. The price for succinctness is allowing for some errors: For any x ∈ S, it should always answer Yes, and for any x S it should answer Yes only with small probability. In the adversarial model, we consider both efficient adversaries (that run in polynomial time) and computationally unbounded adversaries that are only bounded in the number of queries they can make. For computationally bounded adversaries, we show that non-trivial (memory-wise) Bloom filters exist if and only if one-way functions exist. For unbounded adversaries, we show that there exists a Bloom filter for sets of size n and error ϵ that is secure against t queries and uses only O(n log 1 ϵ + t ) bits of memory. In comparison, n log 1 ϵ is the best possible under a non-adaptive adversary.
KW - Adaptive inputs
KW - Bloom filter
KW - Pseudorandom functions
KW - Streaming algorithm
UR - http://www.scopus.com/inward/record.url?scp=85067263132&partnerID=8YFLogxK
U2 - 10.1145/3306193
DO - 10.1145/3306193
M3 - ???researchoutput.researchoutputtypes.contributiontojournal.article???
AN - SCOPUS:85067263132
SN - 1549-6325
VL - 15
JO - ACM Transactions on Algorithms
JF - ACM Transactions on Algorithms
IS - 3
M1 - 0080
ER -