Transcript scws2 6337

New Locally Decodable Codes and
Private Information Retrieval Schemes
Sergey Yekhanin
LDCs and PIRs
Definition: A code C encoding n bits to N bits is called q
LDC if every bit of the message can be recovered (w.h.p.)
by a randomized decoder reading only q bits of the
encoding even after some constant fraction of the
encoding has been corrupted.
Definition: A q server PIR protocol is a protocol between a
user and q non-communicating servers holding an n bit
database D, that allows the user to retrieve any bit Di,
while leaking no information about i to any server.
LDCs: progress
q
1
Lower bound
Upper bound
Do not exist [KT]
2
Exp(n) [KdW]
3
Ω(n3/2) [KT]
Ω(n2/log2 n) [KdW]
Ω(n2/log n) [W]
Exp(n) [Folklore]
• Exp(n1/2) [BIK]
• Exp(n1/32,582,657) [Y]
• Exp(nO(1/log log n)) [Y]
1-ε log n)
O(1/log
• Exp(n
) [Y]
PIRs: progress
q
Lower bound
Θ(n) [CGKS]
1
2
3
Upper bound
5 log n [WdW]
O(n1/3) [CGKS]
• O(n1/3) [CGKS]
• O(n1/5) [A]
• O(n1/5.25) [BIKR]
• O(n1/32,582,658) [Y]
• O(nO(1/log log n)) [Y]
1-ε log n)
O(1/log
• O(n
) [Y]
Proof overview
Goal: 3 query LDCs of length Exp(n1/3)
•
•
•
•
•
Regular Intersecting Families (RIFs)
RIFs yield LDCs
Basic linear-algebraic construction of RIFs
Combinatorial and algebraic niceness of sets
Main construction of RIFs