Private information retrieval and function computation for noncolluding coded databases

The rapid development of information and communication technologies has motivated many data-centric paradigms such as big data and cloud computing. The resulting paradigmatic shift to cloud/network-centric applications and the accessibility of information over public networking platforms has brought information privacy to the focal point of current research challenges. Motivated by the emerging privacy concerns, the problem of private information retrieval (PIR), a standard problem of information privacy that originated in theoretical computer science, has recently attracted much attention in the information theory and coding communities. The goal of PIR is to allow a user to download a message from a dataset stored on multiple (public) databases without revealing the identity of the message to the databases and with the minimum communication cost. Thus, the primary performance metric for a PIR scheme is the PIR rate, which is defined as the ratio between the size of the desired message and the total amount of downloaded information. The first part of this dissertation focuses on a generalization of the PIR problem known as private computation (PC) from distributed storage system (DSS). In PC, a user wishes to compute a function of f variables (or messages) stored in n noncolluding coded databases, i.e., databases storing data encoded with an [n, k] linear storage code, while revealing no information about the desired function to the databases. Here, colluding databases refers to databases that communicate with each other in order to deduce the identity of the computed function. First, the problem of private linear computation (PLC) for linearly encoded DSS is considered. In PLC, a user wishes to privately compute a linear combination over the f messages. For the PLC problem, the PLC capacity, i.e., the maximum achievable PLC rate, is characterized. Next, the problem of private polynomial computation (PPC) for linearly encoded DSS is considered. In PPC, a user wishes to privately compute a multivariate polynomial of degree at most g over f messages. For the PPC problem an outer bound on the PPC rate is derived, and two novel PPC schemes are constructed. The first scheme considers Reed-Solomon coded databases with Lagrange encoding and leverages ideas from recently proposed star-product PIR and Lagrange coded computation. The second scheme considers databases coded with systematic Lagrange encoding. Both schemes yield improved rates compared to known PPC schemes. Finally, the general problem of PC for arbitrary nonlinear functions from a replicated DSS is considered. For this problem, upper and lower bounds on the achievable PC rate are derived and compared. In the second part of this dissertation, a new variant of the PIR problem, denoted as pliable private information retrieval (PPIR) is formulated. In PPIR, the user is pliable, i.e., interested in any message from a desired subset of the available dataset. In the considered setup, f messages are replicated in n noncolluding databases and classified into F classes. The user wishes to retrieve any one or more messages from multiple desired classes, while revealing no information about the identity of the desired classes to the databases. This problem is termed as multi-message PPIR (M-PPIR), and the single-message PPIR (PPIR) problem is introduced as an elementary special case of M-PPIR. In PPIR, the user wishes to retrieve any one message from one desired class. For the two considered scenarios, outer bounds on the M-PPIR rate are derived for arbitrary number of databases. Next, achievable schemes are designed for n replicated databases and arbitrary n. Interestingly, the capacity of PPIR, i.e., the maximum achievable PPIR rate, is shown to match the capacity of PIR from n replicated databases storing F messages. A similar insight is shown to hold for the general case of M-PPIR

Private Computation of Systematically Encoded Data with Colluding Servers

Private Computation (PC), recently introduced by Sun and Jafar, is a generalization of Private Information Retrieval (PIR) in which a user wishes to privately compute an arbitrary function of data stored across several servers. We construct a PC scheme which accounts for server collusion, coded data, and non-linear functions. For data replicated over several possibly colluding servers, our scheme computes arbitrary functions of the data with rate equal to the asymptotic capacity of PIR for this setup. For systematically encoded data stored over colluding servers, we privately compute arbitrary functions of the columns of the data matrix and calculate the rate explicitly for polynomial functions. The scheme is a generalization of previously studied star-product PIR schemes.Comment: Submitted to IEEE International Symposium on Information Theory 2018. Version 2 fixes some typos and adds some clarifying remark

On the Asymptotic Capacity of XX-Secure TT-Private Information Retrieval with Graph Based Replicated Storage

The problem of private information retrieval with graph-based replicated storage was recently introduced by Raviv, Tamo and Yaakobi. Its capacity remains open in almost all cases. In this work the asymptotic (large number of messages) capacity of this problem is studied along with its generalizations to include arbitrary $T$-privacy and $X$-security constraints, where the privacy of the user must be protected against any set of up to $T$ colluding servers and the security of the stored data must be protected against any set of up to $X$ colluding servers. A general achievable scheme for arbitrary storage patterns is presented that achieves the rate $(\rho_{\min}-X-T)/N$, where $N$ is the total number of servers, and each message is replicated at least $\rho_{\min}$ times. Notably, the scheme makes use of a special structure inspired by dual Generalized Reed Solomon (GRS) codes. A general converse is also presented. The two bounds are shown to match for many settings, including symmetric storage patterns. Finally, the asymptotic capacity is fully characterized for the case without security constraints $(X=0)$ for arbitrary storage patterns provided that each message is replicated no more than $T+2$ times. As an example of this result, consider PIR with arbitrary graph based storage ($T=1, X=0$) where every message is replicated at exactly $3$ servers. For this $3$-replicated storage setting, the asymptotic capacity is equal to $2/\nu_2(G)$ where $\nu_2(G)$ is the maximum size of a $2$-matching in a storage graph $G[V,E]$. In this undirected graph, the vertices $V$ correspond to the set of servers, and there is an edge $uv\in E$ between vertices $u,v$ only if a subset of messages is replicated at both servers $u$ and $v$

Private Function Retrieval

The widespread use of cloud computing services raises the question of how one can delegate the processing tasks to the untrusted distributed parties without breeching the privacy of its data and algorithms. Motivated by the algorithm privacy concerns in a distributed computing system, in this paper, we introduce the private function retrieval (PFR) problem, where a user wishes to efficiently retrieve a linear function of $K$ messages from $N$ non-communicating replicated servers while keeping the function hidden from each individual server. The goal is to find a scheme with minimum communication cost. To characterize the fundamental limits of the communication cost, we define the capacity of PFR problem as the size of the message that can be privately retrieved (which is the size of one file) normalized to the required downloaded information bits. We first show that for the PFR problem with $K$ messages, $N=2$ servers and a linear function with binary coefficients the capacity is $C=\frac{1}{2}\Big(1-\frac{1}{2^K}\Big)^{-1}$. Interestingly, this is the capacity of retrieving one of $K$ messages from $N=2$ servers while keeping the index of the requested message hidden from each individual server, the problem known as private information retrieval (PIR). Then, we extend the proposed achievable scheme to the case of arbitrary number of servers and coefficients in the field $GF(q)$ with arbitrary $q$ and obtain $R=\Big(1-\frac{1}{N}\Big)\Big(1+\frac{\frac{1}{N-1}}{(\frac{q^K-1}{q-1})^{N-1}}\Big)$