Results 1  10
of
56
On the locality of codeword symbols
 IEEE Trans. Inform. Theory
, 2012
"... Consider a linear [n, k, d]q code C. We say that that ith coordinate of C has locality r, if the value at this coordinate can be recovered from accessing some other r coordinates of C. Data storage applications require codes with small redundancy, low locality for information coordinates, large dis ..."
Abstract

Cited by 49 (2 self)
 Add to MetaCart
(Show Context)
Consider a linear [n, k, d]q code C. We say that that ith coordinate of C has locality r, if the value at this coordinate can be recovered from accessing some other r coordinates of C. Data storage applications require codes with small redundancy, low locality for information coordinates, large distance, and low locality for parity coordinates. In this paper we carry out an indepth study of the relations between these parameters. We establish a tight bound for the redundancy n−k in terms of the message length, the distance, and the locality of information coordinates. We refer to codes attaining the bound as optimal. We prove some structure theorems about optimal codes, which are particularly strong for small distances. This gives a fairly complete picture of the tradeoffs between codewords length, worstcase distance and locality of information symbols. We then consider the locality of parity check symbols and erasure correction beyond worst case distance for optimal codes. Using our structure theorem, we obtain a tight bound for the locality of parity symbols possible in such codes for a broad class of parameter settings. We prove that there is a tradeoff between having good locality for parity checks and the ability to correct erasures beyond the minimum distance. 1
Revisiting the Computational Practicality of Private Information Retrieval
, 2010
"... The retrieval of information from a remote database server typically demands providing the server with some search terms to assist with the retrieval task. However, keeping the search terms private withoutunderminingtheserver’s ability to retrieve the desired information is a common requirement for ..."
Abstract

Cited by 31 (5 self)
 Add to MetaCart
The retrieval of information from a remote database server typically demands providing the server with some search terms to assist with the retrieval task. However, keeping the search terms private withoutunderminingtheserver’s ability to retrieve the desired information is a common requirement for many privacypreserving systems. Private information retrieval (PIR) provides a cryptographic means for retrieving data from a database without the database or database administrator learning any information about which particular item was retrieved. In 2007, Sion and Carbunarconsideredthe practicality of singleserver computationalPIR schemes andconcludedthatnoexisting construction isasefficientasthetrivialPIRscheme—theservertransferringitsentiredatabasetotheclient. While oftencitedasevidencethatPIRisimpractical, that paper did notexaminemultiserverinformationtheoretic PIRschemes,whichareordersofmagnitudemorecomputationally efficient; further, a singleserverlatticebased scheme by AguilarMelchor and Gaborit has recentlybeenintroduced, whichisalsomuchmorecomputationally efficient than the schemesexamined by Sion and Carbunar. In this paper, we report on a performance analysis of the above singleserver latticebased PIR scheme as well as two multiserver informationtheoreticPIR schemes by Chor et al. and by Goldberg. Usinganalyticalandexperimentaltechniques, we find the endtoendresponsetimesoftheseschemesto beonetothree orders ofmagnitude(10–1000times) smallerthanthetrivial schemeforrealisticcomputationpowersandnetworkbandwidths. Our result
New constructions for queryefficient locally decodable codes of subexponential length
 IEICE Transactions on Information and Systems
"... is an errorcorrecting code that encodes each message ⃗x = (x1, x2,...,xn) ∈ Fn q to a codeword C(⃗x) ∈ FNq and has the following property: For any ⃗y ∈ FN q such that d(⃗y, C(⃗x)) ≤ δN and each 1 ≤ i ≤ n, the symbol xi of ⃗x can be recovered with probability at least 1−ε by a randomized decoding ..."
Abstract

Cited by 16 (0 self)
 Add to MetaCart
(Show Context)
is an errorcorrecting code that encodes each message ⃗x = (x1, x2,...,xn) ∈ Fn q to a codeword C(⃗x) ∈ FNq and has the following property: For any ⃗y ∈ FN q such that d(⃗y, C(⃗x)) ≤ δN and each 1 ≤ i ≤ n, the symbol xi of ⃗x can be recovered with probability at least 1−ε by a randomized decoding algorithm looking only at k coordinates of ⃗y. The efficiency of a (k, δ, ε)locally decodable code C: Fn q → FN q is measured by the code length N and the Abstract: A (k, δ, ε)locally decodable code C: F n q → FN q number k of queries. For any kquery locally decodable code C: Fn q → FNq, the code length N is conjectured to be exponential of n, i.e., N = exp(nΩ(1)), however, this was disproved. Yekhanin [In Proc. such that of STOC, 2007] showed that there exists a 3query locally decodable code C: Fn 2 → FN2 N = exp(n (1 / log log n) ) assuming that the number of Mersenne primes is infinite. For a 3query locally decodable code C: Fn q → FN q, Efremenko [ECCC Report No.69, 2008] reduced the code length further to N = exp(nO((log log n/log n)1/2)), and also showed that for any integer r> 1, there exists a kquery locally decodable code C: Fn q → FN q such that k ≤ 2r and N = exp(nO((log log n/log n)1−1/r)). In this paper, we present a queryefficient locally decodable code by introducing a technique of “composition of locally decodable codes, ” and show that for any integer r> 1, there exists a kquery locally decodable code C: Fn q → FNq such that k ≤ 3 · 2r−2 and N = exp(nO((log log n/log n)1−1/r)). Keywords: Locally Decodable Codes, SMatching Vectors, SDecoding Polynomials, Composition of Locally Decodable Codes, Perfectly Smooth Decoders, Private Information Retrieval.
Quantum Proofs for Classical Theorems
, 2009
"... Alongside the development of quantum algorithms and quantum complexity theory in recent years, quantum techniques have also proved instrumental in obtaining results in classical (nonquantum) areas. In this paper we survey these results and the quantum toolbox they use. ..."
Abstract

Cited by 15 (4 self)
 Add to MetaCart
Alongside the development of quantum algorithms and quantum complexity theory in recent years, quantum techniques have also proved instrumental in obtaining results in classical (nonquantum) areas. In this paper we survey these results and the quantum toolbox they use.
QUERYEFFICIENT LOCALLY DECODABLE CODES OF SUBEXPONENTIAL LENGTH
, 2013
"... A kquery locally decodable code (LDC) C: Σn → ΓN encodes each message x into a codeword C(x) such that each symbol of x can be probabilistically recovered by querying only k coordinates of C(x), even after a constant fraction of the coordinates has been corrupted. Yekhanin (in J ACM 55:1–16, 2008 ..."
Abstract

Cited by 15 (2 self)
 Add to MetaCart
A kquery locally decodable code (LDC) C: Σn → ΓN encodes each message x into a codeword C(x) such that each symbol of x can be probabilistically recovered by querying only k coordinates of C(x), even after a constant fraction of the coordinates has been corrupted. Yekhanin (in J ACM 55:1–16, 2008) constructed a 3query LDC of subexponential length, N = exp(exp(O(logn / log logn))), under the assumption that there are infinitely many Mersenne primes. Efremenko (in Proceedings of the 41st annual ACM symposium on theory of computing, ACM, New York, 2009) constructed a 3query LDC of length N2 = exp(exp(O( log n log logn))) with no assumption, and a 2rquery LDC of length Nr = exp(exp(O ( r logn(log logn)r−1))), for every integer r ≥ 2. Itoh and Suzuki (in IEICE Trans Inform Syst E93D 2:263– 270, 2010) gave a composition method in Efremenko’s framework and
Limits on the rate of locally testable affineinvariant codes
, 2009
"... Despite its many applications, to program checking, probabilistically checkable proofs, locally testable and locally decodable codes, and cryptography, “algebraic property testing ” is not wellunderstood. A significant obstacle to a better understanding, was a lack of a concrete definition that abst ..."
Abstract

Cited by 13 (9 self)
 Add to MetaCart
Despite its many applications, to program checking, probabilistically checkable proofs, locally testable and locally decodable codes, and cryptography, “algebraic property testing ” is not wellunderstood. A significant obstacle to a better understanding, was a lack of a concrete definition that abstracted known testable algebraic properties and reflected their testability. This obstacle was removed by [Kaufman and Sudan, STOC 2008] who considered (linear) “affineinvariant properties”, i.e., properties that are closed under summation, and under affine transformations of the domain. Kaufman and Sudan showed that these two features (linearity of the property and its affineinvariance) play a central role in the testability of many known algebraic properties. However their work does not give a complete characterization of the testability of affineinvariant properties, and several technical obstacles need to be overcome to obtain such a characterization. Indeed, their work left open the tantalizing possibility that locally testable codes of rate dramatically better than that of the family of ReedMuller codes (the most popular form of locally testable codes, which also happen to be affineinvariant) could be found by systematically exploring the space of affineinvariant properties.
Matching Vector Codes
"... An (r, δ, ɛ)locally decodable code encodes a kbit message x to an Nbit codeword C(x), such that for every i ∈ [k], the ith message bit can be recovered with probability 1 − ɛ, by a randomized decoding procedure that queries only r bits, even if the codeword C(x) is corrupted in up to δN location ..."
Abstract

Cited by 11 (4 self)
 Add to MetaCart
(Show Context)
An (r, δ, ɛ)locally decodable code encodes a kbit message x to an Nbit codeword C(x), such that for every i ∈ [k], the ith message bit can be recovered with probability 1 − ɛ, by a randomized decoding procedure that queries only r bits, even if the codeword C(x) is corrupted in up to δN locations. Recently a new class of locally decodable codes, based on families of vectors with restricted dot products has been discovered. We refer to those codes as Matching Vector (MV) codes. Several families of (r, δ, Θ(rδ))locally decodable MV codes have been obtained. While codes in those families were shorter than codes of earlier generations, they suffered from having large values of ɛ = Ω(rδ), which meant that rquery MV codes could only handle errorrates below 1 r. Thus larger query complexity gave shorter length codes but at the price of less errortolerance. No MV codes of superconstant number of queries capable of tolerating a constant fraction of errors were known to exist. In this paper we present a new view of matching vector codes and uncover certain similarities between MV codes and classical Reed Muller codes. Our view allows us to obtain deeper insights into the power and limitations of MV codes. Specifically, 1. We show that existing families of MV codes can be enhanced to tolerate a large constant fraction of errors, independent of the number of queries. Such enhancement comes at a price of a moderate increase in the number of queries; 2. Our construction yields the first families of matching vector codes of superconstant query complexity that can tolerate a constant fraction of errors. Our codes are shorter than Reed Muller LDCs for all values of r ≤ log k/(log log k) c, for some constant c; 3. We show that any MV code encodes messages of length k to codewords of length at least k2 Ω( √ log k). Therefore MV codes do not improve upon Reed Muller LDCs for r ≥ (log k) Ω ( √ log k)
A Quadratic Lower Bound for ThreeQuery Linear Locally Decodable Codes over Any Field
 In Proceedings of RANDOM 2010
"... Abstract. A linear (q, δ, ɛ, m(n))locally decodable code (LDC) C: F n → F m(n) is a linear transformation from the vector space F n to the space F m(n) for which each message symbol xi can be recovered with probability at least 1 F + ɛ from C(x) by a randomized algorithm that queries only q posit ..."
Abstract

Cited by 9 (0 self)
 Add to MetaCart
(Show Context)
Abstract. A linear (q, δ, ɛ, m(n))locally decodable code (LDC) C: F n → F m(n) is a linear transformation from the vector space F n to the space F m(n) for which each message symbol xi can be recovered with probability at least 1 F + ɛ from C(x) by a randomized algorithm that queries only q positions of C(x), even if up to δm(n) positions of C(x) are corrupted. In a recent work of Dvir, the author shows that lower bounds for linear LDCs can imply lower bounds for arithmetic circuits. He suggests that proving lower bounds for LDCs over the complex or real field is a good starting point for approaching one of his conjectures. Our main result is an m(n) = Ω(n 2) lower bound for linear 3query LDCs over any, possibly infinite, field. The constant in the Ω(·) depends only on ε and δ. This is the first lower bound better than the trivial m(n) = Ω(n) for arbitrary fields and more than two queries.
Locally Updatable and Locally Decodable Codes
, 2013
"... We introduce the notion of locally updatable and locally decodable codes (LULDCs). While, intuitively, updatability and errorcorrection seem to be contrasting goals, we show that for a suitable, yet meaningful, metric (which we call the Prefix Hamming metric), one can construct such codes. Informal ..."
Abstract

Cited by 9 (0 self)
 Add to MetaCart
We introduce the notion of locally updatable and locally decodable codes (LULDCs). While, intuitively, updatability and errorcorrection seem to be contrasting goals, we show that for a suitable, yet meaningful, metric (which we call the Prefix Hamming metric), one can construct such codes. Informally, the Prefix Hamming metric allows the adversary to corrupt an arbitrary (constant fraction of) bits of the codeword subject to the constraint that he does not corrupt more than a δ fraction of the t “mostrecently changed ” bits of the codeword (for all 1 ≤ t ≤ n, where n is the length of the codeword). We first construct binary LULDCs for messages in {0, 1} k with constant rate, update locality of O(log 2 k), and read locality of O(k ɛ) for any constant ɛ < 1. Next, we consider the case where the encoder and decoder share a secret state and the adversary is computationally bounded. Here too, we obtain local decodability for the Prefix Hamming metric. Furthermore, we also ensure that the local decoding algorithm never outputs an incorrect message – even when the adversary can corrupt an arbitrary number of bits of the codeword. We call such codes locally updatable locally decodabledetectable codes (LULDDCs) and obtain dramatic improvements in the parameters (over the informationtheoretic setting) by constructing binary LULDDCs for messages in {0, 1} k. Our codes have constant rate, an update locality of O(λ log k) and a read locality of O(λ log 2 k), where λ is the security parameter. Finally, we show how our techniques apply to the setting of dynamic proofs of retrievability (DPoR) and show a construction of this primitive with better parameters than existing constructions. In particular, we construct a DPoR scheme with linear storage, O(log k) write complexity, and O(λ log k) read and audit complexity.
Highrate codes with sublineartime decoding
, 2010
"... Locally decodable codes are errorcorrecting codes that admit efficient decoding algorithms; any bit of the original message can be recovered by looking at only a small number of locations of a corrupted codeword. The tradeoff between the rate of a code and the locality/efficiency of its decoding al ..."
Abstract

Cited by 8 (0 self)
 Add to MetaCart
(Show Context)
Locally decodable codes are errorcorrecting codes that admit efficient decoding algorithms; any bit of the original message can be recovered by looking at only a small number of locations of a corrupted codeword. The tradeoff between the rate of a code and the locality/efficiency of its decoding algorithms has been well studied, and it has widely been suspected that nontrivial locality must come at the price of low rate. A particular setting of potential interest in practice is codes of constant rate. For such codes, decoding algorithms with locality O(k ɛ) were known only for codes of rate exp(1/ɛ), where k is the length of the message. Furthermore, for codes of rate> 1/2, no nontrivial locality has been achieved. In this paper we construct a new family of locally decodable codes that have very efficient local decoding algorithms, and at the same time have rate approaching 1. We show that for every ɛ> 0 and α> 0, for infinitely many k, there exists a code C which encodes messages of length k with rate 1 − α, and is locally decodable from a constant fraction of errors using O(k ɛ) queries and time. The high rate and local decodability are evident even in concrete settings (and not just in asymptotic behavior), giving hope that local decoding techniques may have practical implications. These codes, which we call multiplicity codes, are based on evaluating high degree multivariate polynomials and their derivatives. Multiplicity codes extend traditional multivariate polynomial based codes; they inherit the localdecodability of these codes, and at the same time achieve better tradeoffs and flexibility in their rate and distance.