Editing (Symmetric) Private Information Retrieval
The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 4: | Line 4: | ||
==Description== | ==Description== | ||
<!-- Description: A lucid definition of functionality in discussion.--> | <!-- Description: A lucid definition of functionality in discussion.--> | ||
Private information retrieval (PIR) is a classical cryptographic functionality that allows one party (user) to privately retrieve an element from a classical database owned by another party (server), i.e., without revealing to the other party which element is being retrieved (user privacy).<br>< | Private information retrieval (PIR) is a classical cryptographic functionality that allows one party (user) to privately retrieve an element from a classical database owned by another party (server), i.e., without revealing to the other party which element is being retrieved (user privacy).<br><br> | ||
Symmetric private information (SPIR) retrieval is PIR with the additional requirement that throughout and after the protocol, the user remains oblivious to other database elements, i.e., apart from the queried one (data privacy).<br>< | Symmetric private information (SPIR) retrieval is PIR with the additional requirement that throughout and after the protocol, the user remains oblivious to other database elements, i.e., apart from the queried one (data privacy).<br><br> | ||
In the quantum setting, the use of quantum systems is allowed to achieve (S)PIR: this may imply the use of a quantum channel between the user and the server, and the capability to prepare quantum states, apply quantum gates or measure quantum systems by one or both parties. (S)PIR in this setting is known as quantum (symmetric) private information retrieval (Q(S)PIR).<br>< | In the quantum setting, the use of quantum systems is allowed to achieve (S)PIR: this may imply the use of a quantum channel between the user and the server, and the capability to prepare quantum states, apply quantum gates or measure quantum systems by one or both parties. (S)PIR in this setting is known as quantum (symmetric) private information retrieval (Q(S)PIR).<br><br> | ||
Apart from using quantum techniques to enhance the classical functionality (i.e., design better protocols than their classical counterparts in terms of different metrics like e.g., communication complexity), there has also been a recent interest in a ‘fully’ quantum (S)PIR where a user wants to query a quantum database (items are quantum states)[[#References|[1]]].<br></br> | |||
Apart from using quantum techniques to enhance the classical | |||
'''Tags:''' | '''Tags:''' | ||
Line 44: | Line 43: | ||
====Single-database protocols==== | ====Single-database protocols==== | ||
As in the classical setting, in the case of the database being owned by a ''single'' server, the trivial solution (downloading the whole database) is the only way to achieve information-theoretically secure PIR – even in the case of a specious (may deviate from the protocol if its malicious operations are unknown to the user) server [[#References|[2]]]. <br> | As in the classical setting, in the case of the database being owned by a ''single'' server, the trivial solution (downloading the whole database) is the only way to achieve information-theoretically secure PIR – even in the case of a specious (may deviate from the protocol if its malicious operations are unknown to the user) server [[#References|[2]]]. <br> | ||
As for (quantum or classical) SPIR, it is impossible to achieve information-theoretic security with a single-server; this result was proved in the quantum setting by Lo [[#References|[3]]] | As for (quantum or classical) SPIR, it is impossible to achieve information-theoretic security with a single-server; this result was proved in the quantum setting by Lo [[#References|[3]]]. Therefore, to design efficient PIR protocols or to achieve SPIR, several assumptions have been considered; they include: | ||
* Hardness assumptions: PIR protocols with computational security. | * Hardness assumptions: PIR protocols with computational security. | ||
* Assumptions on the adversarial model: | * Assumptions on the adversarial model: | ||
** to achieve SPIR: cheat-sensitive protocols (also known as quantum private queries (QPQ) protocols) where it is assumed that the server will not cheat if there is a non-zero probability that he will be caught cheating. | ** to achieve SPIR: cheat-sensitive protocols (also known as quantum private queries (QPQ) protocols) where it is assumed that the server will not cheat if there is a non-zero probability that he will be caught cheating. | ||
***[[Quantum Private Queries Protocol Based on Quantum Oblivious Key Distribution|QPQ protocols based on quantum oblivious key distribution]] | ***[[Quantum Private Queries Protocol Based on Quantum Oblivious Key Distribution|QPQ protocols based on quantum oblivious key distribution]] | ||
***[[Quantum Private Queries Protocol Based on Quantum | ***[[Quantum Private Queries Protocol Based on Sending Quantum States to an Oracle|QPQ protocols based on sending quantum states to an oracle]] | ||
** to achieve efficient PIR: assuming an honest server. | ** to achieve efficient PIR: assuming an honest server. | ||
***[[Single-Database Quantum Private Information Retrieval in the Honest Server Model|QPIR protocols in the honest server model]] | ***[[Single-Database Quantum Private Information Retrieval in the Honest Server Model|QPIR protocols in the honest server model]] | ||
Line 56: | Line 55: | ||
* Relativistic assumptions: quantum SPIR protocols whose security uses properties from special relativity. | * Relativistic assumptions: quantum SPIR protocols whose security uses properties from special relativity. | ||
**[[Relativistic Quantum Oblivious Transfer|Relativistic QOT protocols]] | **[[Relativistic Quantum Oblivious Transfer|Relativistic QOT protocols]] | ||
Nota bene: single-database (Q)SPIR and one-out-of-n (quantum) [[Oblivious Transfer|oblivious transfer]] ((Q)OT) are similar cryptographic tasks. | |||
====Multi-database protocols==== | ====Multi-database protocols==== | ||
Line 87: | Line 88: | ||
==Further Information== | <!-- ==Further Information== --> | ||
<!-- Any issue that could not be addressed or find a place in the above sections or any review paper discussing a feature of various types of protocols related to the functionality. --> | <!-- Any issue that could not be addressed or find a place in the above sections or any review paper discussing a feature of various types of protocols related to the functionality. --> | ||
==References== | ==References== |