TY - GEN
T1 - Bloom filters in adversarial environments
AU - Naor, Moni
AU - Yogev, Eylon
N1 - Publisher Copyright: © International Association for Cryptologic Research 2015.
PY - 2015
Y1 - 2015
N2 - Many efficient data structures use randomness, allowing them to improve upon deterministic ones. Usually, their efficiency and/or correctness are analyzed using probabilistic tools under the assumption that the inputs and queries are independent of the internal randomness of the data structure. In this work, we consider data structures in a more robust model, which we call the adversarial model. Roughly speaking, this model allows an adversary to choose inputs and queries adaptively according to previous responses. Specifically, we consider a data structure known as “Bloom filter” and prove a tight connection between Bloom filters in this model and cryptography. A Bloom filter represents a set S of elements approximately, by using fewer bits than a precise representation. The price for succinctness is allowing some errors: for any x ∈ S it should always answer ‘Yes’, and for any x ∉ S it should answer ‘Yes’ only with small probability. In the adversarial model, we consider both efficient adversaries (that run in polynomial time) and computationally unbounded adversaries that are only bounded in the amount of queries they can make. For computationally bounded adversaries, we show that non-trivial (memory-wise) Bloom filters exist if and only if one-way functions exist. For unbounded adversaries we show that there exists a Bloom filter for sets of size n and error ε, that is secure against t queries and uses only O(n log 1/ε +t) bits of memory. In comparison, n log 1/ε is the best possible under a non-adaptive adversary.
AB - Many efficient data structures use randomness, allowing them to improve upon deterministic ones. Usually, their efficiency and/or correctness are analyzed using probabilistic tools under the assumption that the inputs and queries are independent of the internal randomness of the data structure. In this work, we consider data structures in a more robust model, which we call the adversarial model. Roughly speaking, this model allows an adversary to choose inputs and queries adaptively according to previous responses. Specifically, we consider a data structure known as “Bloom filter” and prove a tight connection between Bloom filters in this model and cryptography. A Bloom filter represents a set S of elements approximately, by using fewer bits than a precise representation. The price for succinctness is allowing some errors: for any x ∈ S it should always answer ‘Yes’, and for any x ∉ S it should answer ‘Yes’ only with small probability. In the adversarial model, we consider both efficient adversaries (that run in polynomial time) and computationally unbounded adversaries that are only bounded in the amount of queries they can make. For computationally bounded adversaries, we show that non-trivial (memory-wise) Bloom filters exist if and only if one-way functions exist. For unbounded adversaries we show that there exists a Bloom filter for sets of size n and error ε, that is secure against t queries and uses only O(n log 1/ε +t) bits of memory. In comparison, n log 1/ε is the best possible under a non-adaptive adversary.
UR - http://www.scopus.com/inward/record.url?scp=84943407901&partnerID=8YFLogxK
U2 - https://doi.org/10.1007/978-3-662-48000-7_28
DO - https://doi.org/10.1007/978-3-662-48000-7_28
M3 - منشور من مؤتمر
SN - 9783662479995
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 565
EP - 584
BT - Advances in Cryptology - CRYPTO 2015 - 35th Annual Cryptology Conference, Proceedings
A2 - Gennaro, Rosario
A2 - Robshaw, Matthew
T2 - 35th Annual Cryptology Conference, CRYPTO 2015
Y2 - 16 August 2015 through 20 August 2015
ER -