Oblivious decision program evaluation

In this study, the authors design efficient protocols for a number of ‘oblivious decision program (DP) evaluation’ problems. Consider a general form of the problem where a client who holds a private input interacts with a server who holds a private DP (e.g. a decision tree or a branching program) with the goal of evaluating his input on the DP without learning any additional information. Many known private database query problems such as symmetric private information retrieval and private keyword search can be formulated as special cases of this problem. Most of the existing works on the same problem focus on optimising communication. However, in some environments (supported by a few experimental studies), it is the computation and not the communication that may be the performance bottleneck. In this study, we design ‘computationally efficient’ protocols for the above general problem, and a few of its special cases. In addition to being one‐round and requiring a small amount of work by the client (in the RAM model), the proposed protocols only require a small number of exponentiations (independent of the server's input) by both parties. The proposed constructions are, in essence, efficient and black‐box reductions of the above problem to 1‐out‐of‐2 oblivious transfer. It is proved that the proposed protocols secure (private) against ‘malicious’ adversaries in the standard ideal/real‐world simulation‐based paradigm.