2,901 research outputs found
How to Quantize Outputs of a Binary Symmetric Channel to Bits?
Suppose that is obtained by observing a uniform Bernoulli random vector
through a binary symmetric channel with crossover probability .
The "most informative Boolean function" conjecture postulates that the maximal
mutual information between and any Boolean function is
attained by a dictator function. In this paper, we consider the "complementary"
case in which the Boolean function is replaced by
, namely, an bit
quantizer, and show that
for any such . Thus, in this case, the optimal function is of the form
.Comment: 5 pages, accepted ISIT 201
Do Distributed Differentially-Private Protocols Require Oblivious Transfer?
We study the cryptographic complexity of two-party differentially-private protocols for a large natural class of boolean functionalities. Information theoretically, McGregor et al. [FOCS 2010] and Goyal et al. [Crypto 2013] demonstrated several functionalities for which the maximal possible accuracy in the distributed setting is significantly lower than that in the client-server setting. Goyal et al. [Crypto 2013] further showed that ``highly accurate\u27\u27 protocols in the distributed setting for any non-trivial functionality in fact imply the existence of one-way functions. However, it has remained an open problem to characterize the exact cryptographic complexity of this class. In particular, we know that semi-honest oblivious transfer helps obtain optimally accurate distributed differential privacy. But we do not know whether the reverse is true.
We study the following question: Does the existence of optimally accurate distributed differentially private protocols for any class of functionalities imply the existence of oblivious transfer? We resolve this question in the affirmative for the class of boolean functionalities that contain an XOR embedded on adjacent inputs.
- We construct a protocol implementing oblivious transfer from any optimally accurate, distributed differentially private protocol for any functionality with a boolean XOR embedded on adjacent inputs.
- While the previous result holds for optimally accurate protocols for any privacy parameter \epsilon > 0, we also give a reduction from oblivious transfer to distributed differentially private protocols computing XOR, for a constant small range of non-optimal accuracies and a constant small range of values of privacy parameter \epsilon.
At the heart of our techniques is an interesting connection between optimally-accurate two-party protocols for the XOR functionality and noisy channels, which were shown by Crepeau and Kilian [FOCS 1988] to be sufficient for oblivious transfer
Public key cryptography and error correcting codes as Ising models
We employ the methods of statistical physics to study the performance of
Gallager type error-correcting codes. In this approach, the transmitted
codeword comprises Boolean sums of the original message bits selected by two
randomly-constructed sparse matrices. We show that a broad range of these codes
potentially saturate Shannon's bound but are limited due to the decoding
dynamics used. Other codes show sub-optimal performance but are not restricted
by the decoding dynamics. We show how these codes may also be employed as a
practical public-key cryptosystem and are of competitive performance to modern
cyptographical methods.Comment: 6 page
The Statistical Physics of Regular Low-Density Parity-Check Error-Correcting Codes
A variation of Gallager error-correcting codes is investigated using
statistical mechanics. In codes of this type, a given message is encoded into a
codeword which comprises Boolean sums of message bits selected by two randomly
constructed sparse matrices. The similarity of these codes to Ising spin
systems with random interaction makes it possible to assess their typical
performance by analytical methods developed in the study of disordered systems.
The typical case solutions obtained via the replica method are consistent with
those obtained in simulations using belief propagation (BP) decoding. We
discuss the practical implications of the results obtained and suggest a
computationally efficient construction for one of the more practical
configurations.Comment: 35 pages, 4 figure
Guessing with a Bit of Help
What is the value of a single bit to a guesser? We study this problem in a
setup where Alice wishes to guess an i.i.d. random vector, and can procure one
bit of information from Bob, who observes this vector through a memoryless
channel. We are interested in the guessing efficiency, which we define as the
best possible multiplicative reduction in Alice's guessing-moments obtainable
by observing Bob's bit. For the case of a uniform binary vector observed
through a binary symmetric channel, we provide two lower bounds on the guessing
efficiency by analyzing the performance of the Dictator and Majority functions,
and two upper bounds via maximum entropy and Fourier-analytic /
hypercontractivity arguments. We then extend our maximum entropy argument to
give a lower bound on the guessing efficiency for a general channel with a
binary uniform input, via the strong data-processing inequality constant of the
reverse channel. We compute this bound for the binary erasure channel, and
conjecture that Greedy Dictator functions achieve the guessing efficiency
- …