Channels of Small Log-Ratio Leakage and Characterization of Two-Party Differentially Private Computation

Iftach Haitner, Noam Mazor*, Ronen Shaltiel, Jad Silbak

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

4 Scopus citations

Abstract

Consider a ppt two-party protocol Π = (A, B) in which the parties get no private inputs and obtain outputs OA,OA ∈ {0, 1}, and let VA and VA denote the parties’ individual views. Protocol (formula presented) has (formula presented)-agreement if (formula presented). The leakage of (formula presented) is the amount of information a party obtains about the event (formula presented); that is, the leakage (formula presented) is the maximum, over (formula presented), of the distance between (formula presented). Typically, this distance is measured in statistical distance, or, in the computational setting, in computational indistinguishability. For this choice, Wullschleger [TCC ’09] showed that if (formula presented) then the protocol can be transformed into an OT protocol. We consider measuring the protocol leakage by the log-ratio distance (which was popularized by its use in the differential privacy framework). The log-ratio distance between X, Y over domain (formula presented) is the minimal (formula presented) for which, for every (formula presented). In the computational setting, we use computational indistinguishability from having log-ratio distance (formula presented). We show that a protocol with (noticeable) accuracy (formula presented) can be transformed into an OT protocol (note that this allows (formula presented). We complete the picture, in this respect, showing that a protocol with (formula presented) does not necessarily imply OT. Our results hold for both the information theoretic and the computational settings, and can be viewed as a “fine grained” approach to “weak OT amplification”. We then use the above result to fully characterize the complexity of differentially private two-party computation for the XOR function, answering the open question put by Goyal, Khurana, Mironov, Pandey, and Sahai, [ICALP ’16] and Haitner, Nissim, Omri, Shaltiel, and Silbak [22] [FOCS ’18]. Specifically, we show that for any (noticeable) (formula presented), a two-party protocol that computes the XOR function with (formula presented)-accuracy and (formula presented)-differential privacy can be transformed into an OT protocol. This improves upon Goyal et al. that only handle (formula presented), and upon Haitner et al. who showed that such a protocol implies (infinitely-often) key agreement (and not OT). Our characterization is tight since OT does not follow from protocols in which (formula presented), and extends to functions (over many bits) that “contain” an “embedded copy” of the XOR function.

Original languageEnglish
Title of host publicationTheory of Cryptography - 17th International Conference, TCC 2019, Proceedings
EditorsDennis Hofheinz, Alon Rosen
PublisherSpringer
Pages531-560
Number of pages30
ISBN (Print)9783030360290
DOIs
StatePublished - 2019
Event17th International Conference on Theory of Cryptography, TCC 2019 - Nuremberg, Germany
Duration: 1 Dec 20195 Dec 2019

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume11891 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference17th International Conference on Theory of Cryptography, TCC 2019
Country/TerritoryGermany
CityNuremberg
Period1/12/195/12/19

Funding

FundersFunder number
European Research Council638121
Israel Science Foundation1628/17
Check Point Institute for Information Security, Tel Aviv University

    Keywords

    • Differential privacy
    • Hardness amplification
    • Oblivious transfer

    Fingerprint

    Dive into the research topics of 'Channels of Small Log-Ratio Leakage and Characterization of Two-Party Differentially Private Computation'. Together they form a unique fingerprint.

    Cite this