# On Quantum Advantage in Information Theoretic Single-Server PIR

**Authors:** Dorit Aharonov, Zvika Brakerski, Kai-Min Chung, Ayal Green, Ching-Yi, Lai, Or Sattath

arXiv: 1902.09768 · 2020-03-05

## TL;DR

This paper investigates the limits of quantum protocols for private information retrieval, showing that sub-linear communication protocols are insecure under standard models but can be secure under a restricted anchored privacy model.

## Contribution

It introduces anchored privacy, a restricted security notion, and proves that sub-linear quantum PIR protocols are insecure in the standard model but secure under this new notion.

## Key findings

- Input purification is the main adversarial strategy.
- Sub-linear quantum PIR protocols are insecure in the standard model.
- Anchored privacy ensures security for measurement-free protocols.

## Abstract

In (single-server) Private Information Retrieval (PIR), a server holds a large database $DB$ of size $n$, and a client holds an index $i \in [n]$ and wishes to retrieve $DB[i]$ without revealing $i$ to the server. It is well known that information theoretic privacy even against an `honest but curious' server requires $\Omega(n)$ communication complexity. This is true even if quantum communication is allowed and is due to the ability of such an adversarial server to execute the protocol on a superposition of databases instead of on a specific database (`input purification attack'). Nevertheless, there have been some proposals of protocols that achieve sub-linear communication and appear to provide some notion of privacy. Most notably, a protocol due to Le Gall (ToC 2012) with communication complexity $O(\sqrt{n})$, and a protocol by Kerenidis et al. (QIC 2016) with communication complexity $O(\log(n))$, and $O(n)$ shared entanglement.   We show that, in a sense, input purification is the only potent adversarial strategy, and protocols such as the two protocols above are secure in a restricted variant of the quantum honest but curious (a.k.a specious) model. More explicitly, we propose a restricted privacy notion called \emph{anchored privacy}, where the adversary is forced to execute on a classical database (i.e. the execution is anchored to a classical database). We show that for measurement-free protocols, anchored security against honest adversarial servers implies anchored privacy even against specious adversaries.   Finally, we prove that even with (unlimited) pre-shared entanglement it is impossible to achieve security in the standard specious model with sub-linear communication, thus further substantiating the necessity of our relaxation. This lower bound may be of independent interest (in particular recalling that PIR is a special case of Fully Homomorphic Encryption).

## Full text

_Full body text omitted from this summary view._ Fetch the complete paper as Markdown: https://tomesphere.com/paper/1902.09768/full.md

## Figures

4 figures with captions in the complete paper: https://tomesphere.com/paper/1902.09768/full.md

## References

38 references — full list in the complete paper: https://tomesphere.com/paper/1902.09768/full.md

---
Source: https://tomesphere.com/paper/1902.09768