Single-Server Private Linear Transformation: The Joint Privacy Case
This work addresses privacy in data retrieval and computation for users accessing remote servers, but it is incremental as it extends known problems like private information retrieval.
The paper tackles the problem of Private Linear Transformation (PLT) in a single-server setting, where a user wants to compute linear combinations of a subset of messages while jointly protecting the identities of those messages, and proves that the capacity is L/(K-D+L) for two models based on MDS code properties.
This paper introduces the problem of Private Linear Transformation (PLT) which generalizes the problems of private information retrieval and private linear computation. The PLT problem includes one or more remote server(s) storing (identical copies of) $K$ messages and a user who wants to compute $L$ independent linear combinations of a $D$-subset of messages. The objective of the user is to perform the computation by downloading minimum possible amount of information from the server(s), while protecting the identities of the $D$ messages required for the computation. In this work, we focus on the single-server setting of the PLT problem when the identities of the $D$ messages required for the computation must be protected jointly. We consider two different models, depending on whether the coefficient matrix of the required $L$ linear combinations generates a Maximum Distance Separable (MDS) code. We prove that the capacity for both models is given by $L/(K-D+L)$, where the capacity is defined as the supremum of all achievable download rates. Our converse proofs are based on linear-algebraic and information-theoretic arguments that establish connections between PLT schemes and linear codes. We also present an achievability scheme for each of the models being considered.