Private Information Retrieval with Side Information and Coding for Security

This dissertation studies privacy and security problems from an information-theoretic point of view. We study the privacy problem via the private information retrieval (PIR) problem with a focus on its interactions with available side information. We study the security problem via the wiretap channel with a focus on the design of practical coding schemes to achieve information-theoretically achievable random-coding based secrecy rates. First, we consider the problem of PIR from $N$ non-colluding and replicated databases when the user is equipped with a cache that holds an uncoded fraction $r$ from each of the $K$ stored messages in the databases. We consider the case where the databases are unaware of the cache content. We investigate $D^*(r)$ the optimal download cost normalized with the message size as a function of $K$, $N$, $r$. For a fixed $K$, $N$, we develop converses and achievability schemes for the $D^*(r)$ curve. The largest additive gap between our achievability and the converse bounds is $\frac{1}{6}$. Our results show that the download cost can be reduced beyond memory-sharing if the databases are unaware of the cached content. Second, we consider the same setting under a more restricted model where the databases know the user cache content partially. The user receives an uncoded fraction $r$ from each of the $K$ stored messages, with the $\frac{r}{N}$ fraction of it coming from the $n$th database. The side information obtained from the $n$th database is known by the $n$th database and is unknown by the remaining databases. We investigate the optimal normalized download cost $D^*(r)$, and develop converses and achievability schemes for $D^*(r)$. The largest additive gap between our achievability and the converse bounds is $\frac{5}{32}$ for this case. We observe that the achievable download cost here is larger than that in the previous case due to the partial knowledge of the databases regarding the cache content. Third, we consider the problem of PIR with private side information (PSI) when the cache content is partially known by the databases. Here, a cache-enabled user of cache-size $M$ possesses side information in the form of full messages that are partially known by the databases. The user wishes to download a desired message privately while keeping the identities of the side information messages that the user did not prefetch from a database private against that database. We characterize the exact capacity of PIR with PSI under partially known PSI condition. We show that the capacity of PIR with partially known PSI is the same as the capacity of PIR with fully unknown PSI. Fourth, we consider PIR with PSI under storage constraints where a cache-enabled user of cache-size $S$ possesses side information in the form $M$ messages that are unknown to the databases, where $M>S$. We address the problem of which uncoded parts of $M$ messages the user should keep in its constrained cache of size $S$ in order to minimize the download cost during PIR subject to PSI. We characterize the exact capacity of this PIR-PSI problem under the storage constraint $S$. We show that a uniform caching scheme which caches equal amounts from all messages achieves the lowest normalized download cost. Fifth, we consider the PIR problem from decentralized uncoded caching databases. Here, the contents of the databases are not fixed a priori, and we design the probability distribution adopted by each database in the decentralized caching phase in order to minimize the expected normalized download cost in the retrieval phase. We characterize the exact capacity of this problem, and show that uniform and random caching results in the lowest normalized download cost. Next, we focus on security of communication by designing practical coding schemes to achieve the information-theoretically achievable random-coding based secrecy rates. By applying two recently developed techniques for polar codes, namely, universal polar coding and polar coding for asymmetric channels, we propose a polar coding scheme to achieve the secrecy capacity of the general wiretap channel. We then apply this coding scheme to achieve the best-known secrecy rates for the multiple access wiretap channel, and the broadcast and interference channels with confidential messages

On the Asymptotic Capacity of XX-Secure TT-Private Information Retrieval with Graph Based Replicated Storage

The problem of private information retrieval with graph-based replicated storage was recently introduced by Raviv, Tamo and Yaakobi. Its capacity remains open in almost all cases. In this work the asymptotic (large number of messages) capacity of this problem is studied along with its generalizations to include arbitrary $T$-privacy and $X$-security constraints, where the privacy of the user must be protected against any set of up to $T$ colluding servers and the security of the stored data must be protected against any set of up to $X$ colluding servers. A general achievable scheme for arbitrary storage patterns is presented that achieves the rate $(\rho_{\min}-X-T)/N$, where $N$ is the total number of servers, and each message is replicated at least $\rho_{\min}$ times. Notably, the scheme makes use of a special structure inspired by dual Generalized Reed Solomon (GRS) codes. A general converse is also presented. The two bounds are shown to match for many settings, including symmetric storage patterns. Finally, the asymptotic capacity is fully characterized for the case without security constraints $(X=0)$ for arbitrary storage patterns provided that each message is replicated no more than $T+2$ times. As an example of this result, consider PIR with arbitrary graph based storage ($T=1, X=0$) where every message is replicated at exactly $3$ servers. For this $3$-replicated storage setting, the asymptotic capacity is equal to $2/\nu_2(G)$ where $\nu_2(G)$ is the maximum size of a $2$-matching in a storage graph $G[V,E]$. In this undirected graph, the vertices $V$ correspond to the set of servers, and there is an edge $uv\in E$ between vertices $u,v$ only if a subset of messages is replicated at both servers $u$ and $v$