Private and Secure Distributed Matrix Multiplication Schemes for Replicated or MDS-Coded Servers

In this paper, we study the problem of <italic>private and secure distributed matrix multiplication (PSDMM)</italic>, where a user having a private matrix <inline-formula> <tex-math notation="LaTeX">$A$ </tex-math></inline-formula> and <inline-formula> <tex-math notation="LaTeX">$N$ </tex-math></inline-formula> non-colluding servers sharing a library of <inline-formula> <tex-math notation="LaTeX">$L$ </tex-math></inline-formula> (<inline-formula> <tex-math notation="LaTeX">$L&gt;1$ </tex-math></inline-formula>) matrices <inline-formula> <tex-math notation="LaTeX">$B^{(0)}, B^{(1)},\ldots,B^{(L-1)}$ </tex-math></inline-formula>, for which the user wishes to compute <inline-formula> <tex-math notation="LaTeX">$AB^{(\theta)}$ </tex-math></inline-formula> for some <inline-formula> <tex-math notation="LaTeX">$\theta \in [0, L$ </tex-math></inline-formula>) without revealing any information of the matrix <inline-formula> <tex-math notation="LaTeX">$A$ </tex-math></inline-formula> to the servers, and keeping the index <inline-formula> <tex-math notation="LaTeX">$\theta $ </tex-math></inline-formula> private to the servers. Previous work is limited to the case that the shared library (<italic>i.e.,</italic> the matrices <inline-formula> <tex-math notation="LaTeX">$B^{(0)}, B^{(1)},\ldots,B^{(L-1)}$ </tex-math></inline-formula>) is stored across the servers in a replicated form and schemes are very scarce in the literature, there is still much room for improvement. In this paper, we propose two PSDMM schemes, where one is limited to the case that the shared library is stored across the servers in a replicated form but has a better performance than state-of-the-art schemes in that it can achieve a smaller recovery threshold and download cost. The other one focuses on the case that the shared library is stored across the servers in an MDS-coded form, which requires less storage in the servers. The second PSDMM code does not subsume the first one even if the underlying MDS code is degraded to a repetition code as they are totally two different schemes.