LDCs and PIRs

Thesis (Ph. D.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2007.Includes bibliographical references (leaves 90-99).This thesis studies two closely related notions, namely Locally Decodable Codes (LDCs) and Private Information Retrieval Schemes (PIRs). Locally decodable codes are error-correcting codes that allow extremely efficient, "sublinear-time" decoding procedures. More formally, a k-query locally decodable code encodes n-bit messages x in such a way that one can probabilistically recover any bit xi of the message by querying only k bits of the (possibly corrupted) code-word, where k can be as small as 2. LDCs were initially introduced in complexity theory in the context of worst-case to average-case reductions and probabilistically checkable proofs. Later they have found applications in numerous other areas including information theory, cryptography and the theory of fault tolerant computation. The major goal of LDC related research is to establish the optimal trade-off between length N and query complexity k of such codes, for a given message length n. Private information retrieval schemes are cryptographic protocols developed in order to protect the privacy of the user's query, when accessing a public database. In such schemes a database (modelled by an n-bit string x) is replicated between k non-communicating servers. The user holds an index i and is interested in obtaining the value of the bit xi. To achieve this goal, the user queries each of the servers and gets replies from which the desired bit xi can be computed. The query to each server is distributed independently of i and therefore each server gets no information about what the user is after. The main parameter of interest in a PIR scheme is its communication complexity, namely the number of bits exchanged by the user accessing an n-bit database and the servers. In this thesis we provide a fresh algebraic look at the theory of locally decodable codes and private information retrieval schemes.(cont.) We obtain new families of LDCs and PIRs that have much better parameters than those of previously known constructions. We also prove limitations of two server PIRs in a restricted setting that covers all currently known schemes. Below is a more detailed summary of our contributions. * Our main result is a novel (point removal) approach to constructing locally decodable codes that yields vast improvements upon the earlier work. Specifically, given any Mersenne prime p = 2t - 1, we design three query LDCs of length N = exp (nl/t), for every n. Based on the largest known Mersenne prime, this translates to a length of less than exp (n10-7), compared to exp (n1/2) in the previous constructions. It has often been conjectured that there are infinitely many Mersenne primes. Under this conjecture, our constructions yield three query locally decodable codes of length N = exp n(oglog)) for infinitely many n. * We address a natural question regarding the limitations of the point-removal approach. We argue that further progress in the unconditional bounds via this method (under a fairly broad definition of the method) is tied to progress on an old number theory question regarding the size of the largest prime factors of Mersenne numbers. * Our improvements in the parameters of locally decodable codes yield analogous improvements for private information retrieval schemes. We give 3-server PIR schemes with communication complexity of O (n10-7) to access an n-bit database, compared to the previous best scheme with complexity 0(n1/5.25).(cont.) Assuming again that there are infinitely many Mersenne primes, we get 3-server PIR schemes of communication complexity n(1/ loglog n) for infinitely many n. * Our constructions yield tremendous improvements for private information retrieval schemes involving three or more servers, and provide no insights on the two server case. This raises a natural question regarding whether the two server case is truly intrinsically different. We argue that this may well be the case. We introduce a novel combinatorial approach to PIR and establish the optimality of the currently best known two server schemes a restricted although fairly broad modelby Sergey Yekhanin.Ph.D

The method of multiplicities

Thesis (Ph. D.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2011.Cataloged from PDF version of thesis.Includes bibliographical references (p. 93-98).Polynomials have played a fundamental role in the construction of objects with interesting combinatorial properties, such as error correcting codes, pseudorandom generators and randomness extractors. Somewhat strikingly, polynomials have also been found to be a powerful tool in the analysis of combinatorial parameters of objects that have some algebraic structure. This method of analysis has found applications in works on list-decoding of error correcting codes, constructions of randomness extractors, and in obtaining strong bounds for the size of Kakeya Sets. Remarkably, all these applications have relied on very simple and elementary properties of polynomials such as the sparsity of the zero sets of low degree polynomials. In this thesis we improve on several of the results mentioned above by a more powerful application of polynomials that takes into account the information contained in the derivatives of the polynomials. We call this technique the method of multiplicities. The derivative polynomials encode information about the high multiplicity zeroes of the original polynomial, and by taking into account this information, we are about to meaningfully reason about the zero sets of polynomials of degree much higher than the underlying field size. This freedom of using high degree polynomials allows us to obtain new and improved constructions of error correcting codes, and qualitatively improved analyses of Kakeya sets and randomness extractors.by Shubhangi Saraf.Ph.D