The communication complexity of private simultaneous messages, revisited

Benny Applebaum, Thomas Holenstein, Manoj Mishra, Ofer Shayevitz

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

Private Simultaneous Message (PSM) protocols were introduced by Feige, Kilian and Naor (STOC ’94) as a minimal non-interactive model for information-theoretic three-party secure computation. While it is known that every function f: { 0, 1 }k× { 0, 1 }k→ { 0, 1 } admits a PSM protocol with exponential communication of 2k/2 (Beimel et al., TCC ’14), the best known (non-explicit) lower-bound is 3 k- O(1) bits. To prove this lower-bound, FKN identified a set of simple requirements, showed that any function that satisfies these requirements is subject to the 3 k- O(1) lower-bound, and proved that a random function is likely to satisfy the requirements. We revisit the FKN lower-bound and prove the following results: (Counterexample) We construct a function that satisfies the FKN requirements but has a PSM protocol with communication of 2 k+ O(1) bits, revealing a gap in the FKN proof. (PSM lower-bounds) We show that, by imposing additional requirements, the FKN argument can be fixed leading to a 3 k- O(log k) lower-bound for a random function. We also get a similar lower-bound for a function that can be computed by a polynomial-size circuit (or even polynomial-time Turing machine under standard complexity-theoretic assumptions). This yields the first non-trivial lower-bound for an explicit Boolean function partially resolving an open problem of Data, Prabhakaran and Prabhakaran (Crypto ’14, IEEE Information Theory ’16). We further extend these results to the setting of imperfect PSM protocols which may have small correctness or privacy error. (CDS lower-bounds) We show that the original FKN argument applies (as is) to some weak form of PSM protocols which are strongly related to the setting of Conditional Disclosure of Secrets (CDS). This connection yields a simple combinatorial criterion for establishing linear Ω(k) -bit CDS lower-bounds. As a corollary, we settle the complexity of the Inner Product predicate resolving an open problem of Gay, Kerenidis, and Wee (Crypto ’15).

Original languageEnglish
Title of host publicationAdvances in Cryptology - EUROCRYPT 2018 - 37th Annual International Conference on the Theory and Applications of Cryptographic Techniques, 2018 Proceedings
EditorsJesper Buus Nielsen, Vincent Rijmen
PublisherSpringer Verlag
Pages261-286
Number of pages26
ISBN (Print)9783319783741
DOIs
StatePublished - 2018
Event37th Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2018 - Tel Aviv, Israel
Duration: 29 Apr 20183 May 2018

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume10821 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference37th Annual International Conference on the Theory and Applications of Cryptographic Techniques, EUROCRYPT 2018
Country/TerritoryIsrael
CityTel Aviv
Period29/04/183/05/18

Fingerprint

Dive into the research topics of 'The communication complexity of private simultaneous messages, revisited'. Together they form a unique fingerprint.

Cite this