International Association for Cryptologic Research

International Association
for Cryptologic Research


Lower-Bounds on Public-Key Operations in PIR

Jesko Dujmovic , CISPA Helmholtz Center for Information Security
Mohammad Hajiabadi , University of Waterloo
Search ePrint
Search Google
Presentation: Slides
Conference: EUROCRYPT 2024
Abstract: Private information retrieval (PIR) is a fundamental cryptographic primitive that allows a user to fetch a database entry without revealing to the server which database entry it learns. PIR becomes non-trivial if the server communication is less than the database size. We show that building (even) very weak forms of PIR protocols requires linearly many public-key operations. We then use this bound to examine the related problem of communication efficient oblivious transfer (OT) extension. Oblivious transfer is a crucial building block in secure multi-party computation (MPC). In most MPC protocols, OT invocations are the main bottleneck in terms of computation and communication. OT extension techniques allow one to minimize the number of public-key operations in MPC protocols. One drawback of all existing OT extension protocols is their communication overhead. In particular, the sender’s communication is roughly double what is information-theoretically optimal. We show that OT extension with close to optimal sender communication is impossible, illustrating that the communication overhead is inherent. Our techniques go much further; we can show many lower bounds on communication-efficient MPC. E.g. we prove that to build high-rate string OT with generic groups, the sender needs to do linearly many group operations.
  title={Lower-Bounds on Public-Key Operations in PIR},
  author={Jesko Dujmovic and Mohammad Hajiabadi},