Deceptive Information Retrieval

Abstract

We introduce the problem of deceptive information retrieval (DIR), in which a user wishes to download a required file out of multiple independent files stored in a system of databases while deceiving the databases by making the databases’ predictions on the user-required file index incorrect with high probability. Conceptually, DIR is an extension of private information retrieval (PIR). In PIR, a user downloads a required file without revealing its index to any of the databases. The metric of deception is defined as the probability of error of databases’ prediction on the user-required file, minus the corresponding probability of error in PIR. The problem is defined on time-sensitive data that keep updating from time to time. In the proposed scheme, the user deceives the databases by sending real queries to download the required file at the time of the requirement and dummy queries at multiple distinct future time instances to manipulate the probabilities of sending each query for each file requirement, using which the databases’ make the predictions on the user-required file index. The proposed DIR scheme is based on a capacity achieving probabilistic PIR scheme, and achieves rates lower than the PIR capacity due to the additional downloads made to deceive the databases. When the required level of deception is zero, the proposed scheme achieves the PIR capacity.

1. Introduction

Information is generally retrieved from a data storage system by directly requesting what is required. This is the most efficient form of information retrieval in terms of the download cost, as the user only downloads exactly what is required. However, if the user does not want to reveal the required information to the data storage system from which the information is retrieved, extra information must be requested to increase the uncertainty of the databases’ knowledge on the user’s requirement. This is the core idea of private information retrieval (PIR) [1,2,3,4,5,6,7,8,9,10,11,12,13,14,15], where the user downloads a required file out of K independent files stored in N non-colluding databases without revealing the required file index. In PIR, the databases’ prediction of the user-required file based on the received queries is uniformly distributed across all files. Hence, the probability of error of the databases’ predictions in a PIR setting with K files is $1-\frac{1}{K}$. In weakly private information retrieval [16,17], a certain amount of information on the user-required file index is revealed to the databases to reduce the download cost. In such cases, as the databases have more information on the file index that the user requests, the error probability of the databases’ prediction is less than $1-\frac{1}{K}$. In this work, we study the case where the error probability of databases’ prediction is larger than $1-\frac{1}{K}$.

Note that with no information received by the user at all, the databases can make a random guess on the user-required file index, and reach an error probability of $1-\frac{1}{K}$. Therefore, to result in a prediction error that is larger than $1-\frac{1}{K}$, the user has to deceive the databases by sending fake information on the required file index. The goal of this work is to generate a scheme that allows a user to download a required file k, while forcing the databases’ prediction on the user-required file index to be ℓ, where $k\ne \ell$, for as many cases as possible. This is coined as deceptive information retrieval (DIR). DIR is achieved by sending dummy queries to databases to manipulate the probabilities of sending each query for each file requirement, which results in incorrect predictions at the databases. However, sending dummy queries increases the download cost compared to PIR. Figure 1 shows the behavior of the prediction error probability and the corresponding download costs for different types of information retrieval. (The regions marked as “weakly PIR” and “DIR” in Figure 1 show the points that are conceptually valid for the two cases, and this does not imply that every point in those regions is achievable. The achievable points corresponding to “weakly PIR”, and “DIR” lies within the marked regions.)

Figure 1.

Download costs and prediction error probabilities for different types of information retrieval.

The concept of deception has been studied as a tool for cyber defense [18,19,20,21,22], where the servers deceive attackers, adversaries, and eavesdroppers to eliminate any harmful activities. In all such cases, the deceiver (servers in this case) gains nothing from the deceived, i.e., attackers, adversaries, and eavesdroppers. In contrast, the main challenge in DIR is that what needs to be deceived is the same source of information that the user retrieves the required data from. This limits the freedom that a DIR scheme could employ to deceive the databases. To this end, we formulate the problem of DIR based on the key concepts used in PIR, while also incorporating a time dimension to aid deception.

The problem of DIR introduced in this paper considers a system of non-colluding databases storing K independent files that are time-sensitive, i.e., files that keep updating from time to time. We assume that the databases only store the latest version of the files. A given user wants to download arbitrary files at arbitrary time instances. The correctness condition ensures that the user receives the required file, right at the time of the requirement, while the condition for deception requires the databases’ prediction on the user-required file to be incorrect with a probability that is greater than $1-\frac{1}{K}$, specified by the predetermined level of deception required in the system.

The scheme that we propose for DIR deceives the databases by sending dummy queries to the databases for each file requirement, at distinct time instances. From the user’s perspective, each query is designed to play two roles as real and dummy queries, with two different probability distributions. This allows the user to manipulate the overall probability of sending each query for each message requirement, which is known by the databases. The databases make predictions based on the received queries and the globally known probability distribution of the queries used for each file requirement. These predictions are incorrect with probability $>1-\frac{1}{K}$ as the probability distributions based on which the real queries sent are different from the globally known overall distribution. This is the basic idea used in the proposed scheme, which allows a user to deceive the databases while also downloading the required file. The download cost of the proposed DIR scheme increases with the required level of deception d, and achieves the PIR capacity when $d=0$.

2. Problem Formulation and System Model

We consider N non-colluding databases storing K independent files, each consisting of L uniformly distributed symbols from a finite field ${\mathbb{F}}_q$, i.e.,

$$\begin{array}{c}\hfill H(W_1,\dots ,W_K)=\sum _{i=1}^{K}H\left(W_i\right)=KL,\end{array}$$ (1)

where $W_i$ is the ith file. The files keep updating from time to time, and a given user wants to download an arbitrary file at arbitrary time instances $T_i$, $i\in \mathbb{N}$. We assume that all files are equally probable to be requested by the user.

The user sends queries at arbitrary time instances to download the required file while deceiving the databases. We assume that the databases are unaware of being deceived, which is fundamental to the concept of deception. Moreover, we assume that the databases are only able to store data (files, queries from users, time stamps of received queries, etc.) corresponding to the current time instance, and that the file updates at distinct time instances are mutually independent. Therefore, the user’s file requirements and the queries sent are independent of the stored files at all time instances, i.e.,

$$\begin{array}{c}\hfill I({\theta }^{\left[t\right]},Q_n^{\left[t\right]};W_{1:K}^{\left[t\right]})=0,n\in \{1,\dots ,N\},\forall t,\end{array}$$ (2)

where ${\theta }^{\left[t\right]}$ is the user’s file requirement, $Q_n^{\left[t\right]}$ is the query sent by the user to database n, and $W_{1:K}^{\left[t\right]}$ is the set of K files, all at times t (The notation $1:K$ indicates all integers from 1 to K). At any given time t when each database n, $n\in \{1,\dots ,N\}$, receives a query from the user, it sends the corresponding answer as a function of the received query and the stored files; thus,

$$\begin{array}{c}\hfill H\left(A_n^{\left[t\right]}\right|Q_n^{\left[t\right]},W_{1:K}^{\left[t\right]})=0,n\in \{1,\dots ,N\},\end{array}$$ (3)

where $A_n^{\left[t\right]}$ is the answer received by the user from database n at time t. At each time $T_i$, $i\in \mathbb{N}$, the user must be able to correctly decode the required file, that is,

$$\begin{array}{c}\hfill H\left(W_{{\theta }^{\left[T_i\right]}}\right|Q_{1:N}^{\left[T_i\right]},A_{1:N}^{\left[T_i\right]})=0,i\in \mathbb{N}.\end{array}$$ (4)

At any given time t when each database n, $n\in \{1,\dots ,N\}$, receives a query from the user, it makes a prediction on the user-required file index using the maximum a posteriori probability (MAP) estimate as follows,

$$\begin{array}{c}\hfill {\widehat{\theta }}_{\tilde{Q}}^{\left[t\right]}=arg\underset{i}{max}P({\theta }^{\left[t\right]}=i|Q_n^{\left[t\right]}=\tilde{Q}),n\in \{1,\dots ,N\},\end{array}$$ (5)

where ${\widehat{\theta }}_{\tilde{Q}}^{\left[t\right]}$ is the predicted user-required file index based on the realization of the received query $\tilde{Q}$ at time t. The probability of error of each database’s prediction is defined as

$$\begin{array}{c}\hfill P_e=\mathbb{E}\left[P({\widehat{\theta }}_{\tilde{Q}}^{\left[T_i\right]}\ne {\theta }^{\left[T_i\right]})\right],\end{array}$$ (6)

where the expectation is taken across all $\tilde{Q}$ and $T_i$. Note that in PIR, $P({\theta }_{\tilde{Q}}^{\left[t\right]}=i|Q_n^{\left[t\right]}=\tilde{Q})=P({\theta }_{\tilde{Q}}^{\left[t\right]}=j|Q_n^{\left[t\right]}=\tilde{Q})$ for all $i,j\in \{1,\dots ,N\}$, any ${\tilde{Q}}^{\left[t\right]}$, which results in $P_e^{\mathrm{PIR}}=1-\frac{1}{K}$. Based on this information, we define the metric of deception as

$$\begin{array}{c}\hfill D=P_e-\left(1-\frac{1}{K}\right).\end{array}$$ (7)

For PIR, the amount of deception is $D=0$, and for weakly PIR, where some amount of information is leaked on the user-required file index, the amount of deception takes a negative value, as the probability of error is smaller than $1-\frac{1}{K}$. The goal of this work is to generate schemes that meet a given level of deception $D=d>0$, while minimizing the normalized download cost, defined as

$$\begin{array}{c}\hfill D_L=\frac{H\left(A_{1:N}\right)}{L},\end{array}$$ (8)

where $A_{1:N}$ represents all the answers received by all N databases, corresponding to a single file requirement of the user. The DIR rate is defined as the reciprocal of $D_L$.

3. Main Result

In this section, we present the main result of this paper, along with some remarks. Consider a system of N non-colluding databases containing K identical files. A user is able to retrieve any file k, while deceiving the databases by leaking information about some other file $k^{\prime }$ to the databases.

Theorem 1. 

Consider a system of N non-colluding databases storing K independent files. A required level of deception d, satisfying $0\le d<\frac{(K-1)(N-1)}{K(N^K-N)}$, is achievable at a DIR rate

$$\begin{array}{c}\hfill R={\left(\frac{1+\left(\frac{N^K-N}{N-1}\right)e^{ϵ}}{1+(N^{K-1}-1)e^{ϵ}}+\left(\frac{N}{N-1}\right)(2u-u(u+1)\alpha )\right)}^{-1},\end{array}$$ (9)

where

$$\begin{array}{c}\hfill ϵ=ln\left(\frac{dKN+(K-1)(N-1)}{dKN+(K-1)(N-1)-dK{N}^K}\right),\alpha =\frac{N+(N^K-N)e^{ϵ}}{(N-1)e^{2ϵ}+(N^K-N)e^{ϵ}+1},u=\lfloor \frac{1}{\alpha }\rfloor \end{array}$$ (10)

Remark 1. 

For given N and K, $ϵ\ge 0$ is a one-to-one continuous function of d, the required level of deception, and $\alpha \in (0,1]$ is a one-to-one continuous function of ϵ. For a given $u\in {\mathbb{Z}}^{+}$, there exists a range of values of α, specified by $\frac{1}{u+1}<\alpha \le \frac{1}{u}$, which corresponds to a unique range of values of ϵ, for which (9) is valid. Since $(0,1]=\cup \left\{\alpha :\frac{1}{u+1}<\alpha \le \frac{1}{u},u\in {\mathbb{Z}}^{+}\right\}$, there exists an achievable rate (as well as an achievable scheme) for any $ϵ\ge 0$ as well as for any d in the range $0\le d<\frac{(K-1)(N-1)}{K(N^K-N)}$.

Remark 2. 

When the user-specified amount of deception is zero, i.e., $d=0$, the corresponding values of α and u are $\alpha =1$ and $u=1$. The achievable rate for this case is $\frac{1-\frac{1}{N}}{1-\frac{1}{N^K}}$, which is equal to the PIR capacity.

Remark 3. 

The achievable DIR rate monotonically decreases with increasing amount of deception d for any given N and K.

Remark 4. 

The variation in the achievable DIR rate with the level of deception for different numbers of databases when the number of files fixed at $K=3$ is shown in Figure 2. The achievable rate for different numbers of files when the number of databases is fixed at $N=2$ is shown in Figure 3. For any given N and K, the rate decreases exponentially when the level of deception is close to the respective upper bound, i.e., $d<\frac{(K-1)(N-1)}{K(N^K-N)}$.

Figure 2.

Achievable DIR rate for varying levels of deception and different numbers of databases when $K=3$.

Figure 3.

Achievable DIR rate for varying levels of deception and different numbers of files when $N=2$.

4. DIR Scheme

The DIR scheme introduced in this section is designed for a system of N non-colluding databases containing K independent files, with a pre-determined amount of deception $d>0$ required. For each file requirement at time $T_i$, $i\in \mathbb{N}$, the user chooses a set of $M+1$ queries to be sent to database n, $n\in \{1,\dots ,N\}$, at time $T_i$ as well as at future time instances $t_{i,j}$, $j\in \{1,\dots ,M\}$, such that each $t_{i,j}>T_i$. The query sent at time $T_i$ is used to download the required file, while the rest of the M queries are sent to deceive the databases. The queries sent at times $T_i$, $i\in \mathbb{N}$ and $t_{i,j}$, $j\in \{1,\dots ,M\}$, $i\in \mathbb{N}$ are known as real and dummy queries, respectively. The binary random variable R is used to specify whether a query sent by the user is real or dummy, i.e., $R=1$ corresponds to a real query sent at time $T_i$, and $R=0$ corresponds to a dummy query sent at time $t_{i,j}$. Next, we define another classification of queries used in the proposed scheme.

Definition 1 

($ϵ$-deceptive query). An ϵ-deceptive query $\tilde{Q}$ with respect to file k is defined as a query that always satisfies

$$\begin{array}{c}\hfill \frac{P(Q_n=\tilde{Q}|\theta =k,R=1)}{P(Q_n=\tilde{Q}|\theta =\ell ,R=1)}=e^{-ϵ},\frac{P(\theta =k|Q_n=\tilde{Q})}{P(\theta =\ell |Q_n=\tilde{Q})}=e^{ϵ},\forall \ell \in \{1,\dots ,K\},\ell \ne k,\end{array}$$ (11)

for some $ϵ>0$, where $Q_n$ and θ are the random variables representing a query sent to database n, $n\in \{1,\dots ,N\}$, and the user-required file index. An equivalent representation of (11) is given by

$$\begin{array}{c}\hfill \frac{P(R=1|\theta =\ell )+\frac{P(Q_n=\tilde{Q}|\theta =\ell ,R=0)}{P(Q_n=\tilde{Q}|\theta =\ell ,R=1)}P(R=0|\theta =\ell )}{P(R=1|\theta =k)+\frac{P(Q_n=\tilde{Q}|\theta =k,R=0)}{P(Q_n=\tilde{Q}|\theta =k,R=1)}P(R=0|\theta =k)}=e^{-2ϵ},\forall \ell \in \{1,\dots ,K\},\ell \ne k.\end{array}$$ (12)

Definition 2 

(PIR query). A query $\tilde{Q}$ that satisfies (11) with $ϵ=0$ for all $k\in \{1,\dots ,K\}$, i.e., a 0-deceptive query, is known as a PIR query.

Remark 5. 

The intuition behind the definition of an ϵ-deceptive query with respect to message k in Definition 1 is as follows. Note that the second equation in (11) fixes the databases’ prediction on the user’s requirement as $W_k$ for the query $\tilde{Q}$. This is because the a posteriori probability corresponding to message k, when $\tilde{Q}$ is received by the databases, is greater than that of any other message ℓ, $\ell \ne k$. However, the first equation in (11), which is satisfied at the same time, ensures that the user sends the query $\tilde{Q}$ with the least probability when the user needs to download message k, compared to the probabilities of sending $\tilde{Q}$ for other message requirements. In other words, since we assume equal priors, the query $\tilde{Q}$ is mostly sent when the user needs to download $W_{\ell }$ for $\ell \ne k$, and is rarely sent to download $W_k$, while the databases’ prediction on the user-required message upon receiving query $\tilde{Q}$ is fixed at $W_k$, which is incorrect with high probability, hence, the deception.

At a given time t, there exists a set of queries consisting of both deceptive and PIR queries, sent to the N databases. Database n, $n\in \{1,\dots ,N\}$, is aware of the probability of receiving each query, for each file requirement, i.e., $P(Q_n=\tilde{Q}|\theta =k)$, for $k\in \{1,\dots ,K\}$, $\tilde{Q}\in \mathcal{Q}$, where $\mathcal{Q}$ is the set of all queries. However, the databases are unaware of being deceived, and are unable to determine whether the received query $\tilde{Q}$ is real or dummy or deceptive or PIR. The proposed scheme generates a list of real and dummy queries for a given N and K along with the probabilities of using them as $ϵ$-deceptive and PIR queries, based on the required level of deception d. The scheme also characterizes the optimum number of dummy queries M to be sent to the databases for each file requirement, to minimize the download cost. As an illustration of the proposed scheme, consider the following representative examples.

4.1. Example 1: Two Databases and Two Files, $N=K=2$

In this example, we present how the proposed DIR scheme is applied in a system of two databases containing two files each. In the proposed scheme, the user generates $M+1$ queries for any given file requirement which consists of one real query and M dummy queries. The user sends the real query at the time of the requirement $T_i$, and the rest of the M dummy queries at M different future time instances $t_{i,j}$. Table 1 and Table 2 give possible pairs of real queries that are sent to the two databases to retrieve $W_1$ and $W_2$, respectively, at time $T_i$, $i\in \mathbb{N}$. The probability of using each pair of queries is indicated in the first columns of Table 1 and Table 2. Note that the correctness condition in (4) is satisfied at each time $T_i$, as each row of Table 1 and Table 2 decodes files $W_1$ and $W_2$, respectively, with no error.

Table 1.

Real query table—$W_1$.

$\mathit{P}\left(\mathit{Q}\right|\mathit{\theta }=1,\mathit{R}=1)$	DB 1	DB 2
p	$W_1$	$\varphi$
p	$\varphi$	$W_1$
$p^{\prime }$	$W_2$	$W_1+W_2$
$p^{\prime }$	$W_1+W_2$	$W_2$

Table 2.

Real query table—$W_2$.

$\mathit{P}\left(\mathit{Q}\right|\mathit{\theta }=2,\mathit{R}=1)$	DB 1	DB 2
p	$W_2$	$\varphi$
p	$\varphi$	$W_2$
$p^{\prime }$	$W_1$	$W_1+W_2$
$p^{\prime }$	$W_1+W_2$	$W_1$

The dummy queries sent to each database at time $t_{i,j}$ are given in Table 3 and Table 4. The purpose of the dummy queries sent at future time instances is to deceive the databases by manipulating the a posteriori probabilities, which impact their predictions. For example, if the user wants to download $W_1$ at time $T_i$, the user selects one of the four query options in Table 1 based on the probabilities in column 1 (The values of p and $p^{\prime }$ are derived later in this section), and sends the corresponding queries to databases 1 and 2 at time $T_i$. Based on the information in Table 3, the user sends the query $W_1$ to both databases at M distinct future time instances $t_{i,j}$, $j\in \{1,\dots ,M\}$.

Table 3.

Dummy query table—$W_1$.

$\mathit{P}\left(\mathit{Q}\right|\mathit{\theta }=1,\mathit{R}=0)$	DB 1	DB 2
1	$W_1$	$W_1$

Table 4.

Dummy query table—$W_2$.

$\mathit{P}\left(\mathit{Q}\right|\mathit{\theta }=2,\mathit{R}=0)$	DB 1	DB 2
1	$W_2$	$W_2$

Based on the information in Table 1, Table 2, Table 3 and Table 4, when the user-required file is $W_1$, the probability of each query being received by database n, $n\in \{1,2\}$, at an arbitrary time instance t is calculated as follows. Let $P(R=1|\theta =i)=\alpha$ for $i\in \{1,2\}$. (The intuition behind $P(R=1|\theta =i)$ is the probability of a query received by any database being real when the user-required file index is i. For a fixed M, $P(R=1|\theta =i)=\frac{1}{M+1}$). Then,

$$\begin{array}{cc}\hfill P(Q_n=W_1|\theta =1)& =P(Q_n=W_1|\theta =1,R=1)P(R=1|\theta =1)\hfill \end{array}$$

$$\begin{array}{cc}\hfill \hspace{1em}& \hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em} +P(Q_n=W_1|\theta =1,R=0)P(R=0|\theta =1)\hfill \end{array}$$ (13)

$$\begin{array}{cc}\hfill \hspace{1em}& =p\alpha +1-\alpha \hfill \end{array}$$ (14)

$$\begin{array}{cc}P(Q_n=W_2|\theta =1)\hfill & =P(Q_n=W_2|\theta =1,R=1)P(R=1|\theta =1)\hfill \end{array}$$

$$\begin{array}{cc}\hfill & \hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em} +P(Q_n=W_2|\theta =1,R=0)P(R=0|\theta =1)\hfill \end{array}$$ (15)

$$\begin{array}{cc}\hfill \hspace{1em}& =p^{\prime }\alpha \hfill \end{array}$$ (16)

$$\begin{array}{cc}P(Q_n=W_1+W_2|\theta =1)& =P(Q_n=W_1+W_2|\theta =1,R=1)P(R=1|\theta =1)\end{array}$$

$$\begin{array}{cc}\hfill & \hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em} +P(Q_n=W_1+W_2|\theta =1,R=0)P(R=0|\theta =1)\hfill \end{array}$$ (17)

$$\begin{array}{cc}\hfill & =p^{\prime }\alpha \hfill \end{array}$$ (18)

$$\begin{array}{ll}\hfill P(Q_n=\varphi |\theta =1)& =P(Q_n=\varphi |\theta =1,R=1)P(R=1|\theta =1)\hfill \end{array}$$

$$\begin{array}{cc}\hfill & \hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em}\hspace{1em} +P(Q_n=\varphi |\theta =1,R=0)P(R=0|\theta =1)\hfill \end{array}$$ (19)

$$\begin{array}{cc}\hfill & =p\alpha \hfill \end{array}$$ (20)

Thus, writing these probabilities compactly, we have

$$\begin{array}{cc}\hfill P(Q_n=W_1|\theta =1)& =p\alpha +1-\alpha \hfill \end{array}$$ (21)

$$\begin{array}{cc}\hfill P(Q_n=W_2|\theta =1)& =p^{\prime }\alpha \hfill \end{array}$$ (22)

$$\begin{array}{cc}\hfill P(Q_n=W_1+W_2|\theta =1)& =p^{\prime }\alpha \hfill \end{array}$$ (23)

$$\begin{array}{cc}\hfill P(Q_n=\varphi |\theta =1)& =p\alpha .\hfill \end{array}$$ (24)

Similarly, when the user-required file is $W_2$, the corresponding probabilities are

$$\begin{array}{cc}\hfill P(Q_n=W_1|\theta =2)& =p^{\prime }\alpha \hfill \end{array}$$ (25)

$$\begin{array}{cc}\hfill P(Q_n=W_2|\theta =2)& =p\alpha +1-\alpha \hfill \end{array}$$ (26)

$$\begin{array}{cc}\hfill P(Q_n=W_1+W_2|\theta =2)& =p^{\prime }\alpha \hfill \end{array}$$ (27)

$$\begin{array}{cc}\hfill P(Q_n=\varphi |\theta =2)& =p\alpha .\hfill \end{array}$$ (28)

These queries and the corresponding probabilities of sending them to each database for each message requirement are known to the databases. However, the decomposition of these probabilities based on whether the query is real or dummy, i.e., Table 1, Table 2, Table 3 and Table 4, is not known by the databases. When database n, $n\in \{1,\dots ,N\}$, receives a query $\tilde{Q}$ at time t, it calculates the a posteriori probability distribution of the user-required file index, to predict the user’s requirement using (5). The a posteriori probabilities corresponding to the four queries received by database n, $n\in \{1,2\}$, are calculated as follows:

$$\begin{array}{cc}\hfill P(\theta =i|Q_n=\tilde{Q})& =\frac{P(Q_n=\tilde{Q}|\theta =i)P(\theta =i)}{P(Q_n=\tilde{Q})}.\hfill \end{array}$$ (29)

Then, the explicit a posteriori probabilities are given by

$$\begin{array}{cc}\hfill P(\theta =1|Q_n=W_1)& =\frac{\frac{1}{2}(p\alpha +1-\alpha )}{P(Q_n=W_1)}\hfill \end{array}$$ (30)

$$\begin{array}{cc}\hfill P(\theta =2|Q_n=W_1)& =\frac{\frac{1}{2}{p}^{\prime }\alpha }{P(Q_n=W_1)}\hfill \end{array}$$ (31)

$$\begin{array}{cc}\hfill P(\theta =1|Q_n=W_2)& =\frac{\frac{1}{2}{p}^{\prime }\alpha }{P(Q_n=W_2)}\hfill \end{array}$$ (32)

$$\begin{array}{cc}\hfill P(\theta =2|Q_n=W_2)& =\frac{\frac{1}{2}(p\alpha +1-\alpha )}{P(Q_n=W_2)}\hfill \end{array}$$ (33)

$$\begin{array}{cc}\hfill P(\theta =1|Q_n=W_1+W_2)& =\frac{\frac{1}{2}{p}^{\prime }\alpha }{P(Q_n=W_1+W_2)}\hfill \end{array}$$ (34)

$$\begin{array}{cc}\hfill P(\theta =2|Q_n=W_1+W_2)& =\frac{\frac{1}{2}{p}^{\prime }\alpha }{P(Q_n=W_1+W_2)}\hfill \end{array}$$ (35)

$$\begin{array}{cc}\hfill P(\theta =1|Q_n=\varphi )& =\frac{\frac{1}{2}p\alpha }{P(Q_n=\varphi )}\hfill \end{array}$$ (36)

$$\begin{array}{cc}\hfill P(\theta =2|Q_n=\varphi )& =\frac{\frac{1}{2}p\alpha }{P(Q_n=\varphi )}.\hfill \end{array}$$ (37)

While queries $\varphi$ and $W_1+W_2$ are PIR queries as stated in Definition 2, queries $W_1$ and $W_2$ are $ϵ$-deceptive with respect to file indices 1 and 2, respectively, for an $ϵ$ that depends on the required amount of deception d. The values of p and $p^{\prime }$ in Table 1, Table 2, Table 3 and Table 4 are calculated based on the requirements in Definition 1 as follows. It is straightforward to see that $p^{\prime }=p{e}^{ϵ}$ follows from the first part of (11) for each query $\tilde{Q}=W_1$ and $\tilde{Q}=W_2$, which also gives $p=\frac{1}{2(1+e^{ϵ})}$. The second part of (11) (as well as (12)) results in $\alpha =\frac{2}{1+e^{ϵ}}$ for both $ϵ$-deceptive queries $W_1$ and $W_2$. Based on the a posteriori probabilities (30)–(37) calculated by the databases using the information in (21)–(28), each database predicts the user’s requirement at each time it receives a query from the user. The predictions corresponding to each query received by database n, $n=1,2$, which are computed using (5), are shown in Table 5.

Table 5.

Probabilities of each database predicting the user-required file in Example 1.

Query $\tilde{\mathit{Q}}$	$\mathit{P}({\widehat{\mathit{\theta }}}_{\tilde{\mathit{Q}}}=1)$	$\mathit{P}({\widehat{\mathit{\theta }}}_{\tilde{\mathit{Q}}}=2)$
$W_1$	1	0
$W_2$	0	1
$W_1+W_2$	$\frac{1}{2}$	$\frac{1}{2}$
$\varphi$	$\frac{1}{2}$	$\frac{1}{2}$

Based on this information, when a database receives query $Q=W_1$, it always decides that the requested message is $W_1$, and when it receives query $Q=W_2$, it always decides that the requested message is $W_2$. For queries $Q=\varphi$ and $Q=W_1+W_2$, the databases flip a coin to choose either $W_1$ or $W_2$ as the requested message.

As the queries are symmetric across all databases, the probability of error corresponding to some query $\tilde{Q}$ received by database n at time $T_i$ is given by

$$\begin{array}{c}P({\widehat{\theta }}_{\tilde{Q}}^{\left[T_i\right]}\ne {\theta }^{\left[T_i\right]})\hfill \end{array}$$

$$\begin{array}{cc}\hfill & =P({\theta }^{\left[T_i\right]}=1,{\widehat{\theta }}_{\tilde{Q}}^{\left[T_i\right]}=2|Q_n^{\left[T_i\right]}=\tilde{Q})+P({\theta }^{\left[T_i\right]}=2,{\widehat{\theta }}_{\tilde{Q}}^{\left[T_i\right]}=1|Q_n^{\left[T_i\right]}=\tilde{Q})\hfill \end{array}$$ (38)

$$\begin{array}{cc}\hfill & =\frac{1}{P(Q_n^{\left[T_i\right]}=\tilde{Q})}\left(P({\widehat{\theta }}_{\tilde{Q}}^{\left[T_i\right]}=2|{\theta }^{\left[T_i\right]}=1,Q_n^{\left[T_i\right]}=\tilde{Q})P(Q_n^{\left[T_i\right]}=\tilde{Q}|{\theta }^{\left[T_i\right]}=1)P({\theta }^{\left[T_i\right]}=1)\right.\hfill \end{array}$$

$$\begin{array}{cc}\hfill & \left.+P({\widehat{\theta }}_{\tilde{Q}}^{\left[T_i\right]}=1|{\theta }^{\left[T_i\right]}=2,Q_n^{\left[T_i\right]}=\tilde{Q})P(Q_n^{\left[T_i\right]}=\tilde{Q}|{\theta }^{\left[T_i\right]}=2)P({\theta }^{\left[T_i\right]}=2)\right)\hfill \end{array}$$ (39)

$$\begin{array}{cc}\hfill & =\frac{1}{P(Q_n^{\left[T_i\right]}=\tilde{Q})}\left(P({\widehat{\theta }}_{\tilde{Q}}^{\left[T_i\right]}=2|Q_n^{\left[T_i\right]}=\tilde{Q})P(Q_n^{\left[T_i\right]}=\tilde{Q}|{\theta }^{\left[T_i\right]}=1)P({\theta }^{\left[T_i\right]}=1)\right.\hfill \end{array}$$

$$\begin{array}{cc}\hfill & \left.+P({\widehat{\theta }}_{\tilde{Q}}=1|Q_n^{\left[T_i\right]}=\tilde{Q})P(Q_n^{\left[T_i\right]}=\tilde{Q}|{\theta }^{\left[T_i\right]}=2)P({\theta }^{\left[T_i\right]}=2)\right),\hfill \end{array}$$ (40)

as the predictions only depend on the received queries. The explicit probabilities corresponding to the four queries are (Note that $P(Q_n=\tilde{Q}|{\theta }^{\left[T_i\right]}=i)$ implies $P(Q_n=\tilde{Q}|\theta =i,R=1)$, as only real queries are sent at time $T_i$).

$$\begin{array}{cc}\hfill P({\widehat{\theta }}_{W_1}^{\left[T_i\right]}\ne {\theta }^{\left[T_i\right]})& =\frac{1}{P(Q_n^{\left[T_i\right]}=W_1)}\frac{e^{ϵ}}{4(1+e^{ϵ})}\hfill \end{array}$$ (41)

$$\begin{array}{cc}\hfill P({\widehat{\theta }}_{W_2}^{\left[T_i\right]}\ne {\theta }^{\left[T_i\right]})& =\frac{1}{P(Q_n^{\left[T_i\right]}=W_2)}\frac{e^{ϵ}}{4(1+e^{ϵ})}\hfill \end{array}$$ (42)

$$\begin{array}{cc}\hfill P({\widehat{\theta }}_{W_1+W_2}^{\left[T_i\right]}\ne {\theta }^{\left[T_i\right]})& =\frac{1}{P(Q_n^{\left[T_i\right]}=W_1+W_2)}\frac{e^{ϵ}}{4(1+e^{ϵ})}\hfill \end{array}$$ (43)

$$\begin{array}{cc}\hfill P({\widehat{\theta }}_{\varphi }^{\left[T_i\right]}\ne {\theta }^{\left[T_i\right]})& =\frac{1}{P(Q_n^{\left[T_i\right]}=\varphi )}\frac{1}{4(1+e^{ϵ})}.\hfill \end{array}$$ (44)

As the same scheme is used for all user requirements at all time instances, the probability of error of each database’s prediction for this example is calculated using (6) as

$$\begin{array}{cc}\hfill P_e& =\sum _{\tilde{Q}\in \mathcal{Q}}P(Q_n^{\left[T_i\right]}=\tilde{Q})P({\widehat{\theta }}_{\tilde{Q}}^{\left[T_i\right]}\ne {\theta }^{\left[T_i\right]})\hfill \end{array}$$ (45)

$$\begin{array}{cc}\hfill & =\frac{3e^{ϵ}+1}{4(1+e^{ϵ})}\hfill \end{array}$$ (46)

where $\mathcal{Q}=\{W_1,W_2,W_1+W_2,\varphi \}$, which results in a deception of $D=\frac{3e^{ϵ}+1}{4(1+e^{ϵ})}-\frac{1}{2}=\frac{e^{ϵ}-1}{4(1+e^{ϵ})}$. Therefore, for a required amount of deception $d<\frac{1}{4}$, the value of $ϵ$ is chosen as $ϵ=ln\left(\frac{4d+1}{1-4d}\right)$.

The download cost of this scheme is computed as follows. As the scheme is symmetric across all file retrievals, and since the a priori probability distribution of the files is uniform, without loss of generality, we can calculate the download cost of retrieving $W_1$. The download cost of retrieving $W_1$ for a user specified amount of deception d is given by

$$\begin{array}{cc}\hfill D_L& =\frac{1}{L}\left(2Lp+2\left(2L\right)p{e}^{ϵ}+2L\sum _{m=0}^{\infty }{p}_{m}m\right)\hfill \end{array}$$ (47)

$$\begin{array}{cc}\hfill & =\frac{1+2e^{ϵ}}{1+e^{ϵ}}+2\mathbb{E}\left[M\right]\hfill \end{array}$$ (48)

where $p_m$ is the probability of sending m dummy queries per each file requirement. To minimize the download cost, we need to find the probability mass function (PMF) of M which minimizes $\mathbb{E}\left[M\right]$ such that $P(R=1|\theta =i)=\alpha =\frac{2}{1+e^{ϵ}}$ is satisfied for any i. Note that for any i, $P(R=1|\theta =i)$ can be written as

$$\begin{array}{c}\hfill P(R=1|\theta =i)=\alpha =\sum _{m=0}^{\infty }{p}_m\frac{1}{m+1}=\mathbb{E}\left[\frac{1}{M+1}\right],\end{array}$$ (49)

where M is the random variable representing the number of dummy queries sent to each database per file requirement. Thus, the following optimization problem needs to be solved, for a given $ϵ$, that is a function of the given value of d:

$$\begin{array}{cc}\hfill min& \mathbb{E}\left[M\right]\hfill \\ \hfill \mathrm{s}.\mathrm{t}.& \mathbb{E}\left[\frac{1}{M+1}\right]=\frac{2}{1+e^{ϵ}}=\alpha .\hfill \end{array}$$ (50)

The solution to this problem is given in Lemma 1, and the resulting minimum download cost is given by

$$\begin{array}{cc}\hfill D_L& =\frac{1+2e^{ϵ}}{1+e^{ϵ}}+4u-2u(u+1)\alpha ,\hfill \end{array}$$ (51)

where $u=\lfloor \frac{1}{\alpha }\rfloor$. When $d=0$, it follows that $ϵ=0$ and $u=1$, and the achievable rate is $\frac{2}{3}$, which is the same as the PIR capacity for $N=2$ and $K=2$.

4.2. Example 2: Three Databases and Three Files, $N=K=3$

Similar to the previous example, the user sends real queries at time $T_i$ and dummy queries at times $t_{i,j}$, $j\in \{1,\dots ,M\}$, for each $i\in \mathbb{N}$, based on the probabilities shown in Table 6, Table 7, Table 8, Table 9, Table 10 and Table 11. The notation $W_i^j$ in these tables corresponds to the jth segment of $W_i$, where each file $W_i$ is divided into $N-1=2$ segments of equal size. Database n, $n\in \{1,\dots ,N\}$, only knows the overall probabilities of receiving each query for each file requirement of the user shown in Table 12. These overall probabilities, which are calculated using

$$\begin{array}{cc}\hfill P(Q_n=\tilde{Q}|\theta =k)& =P(Q_n=\tilde{Q}|\theta =k,R=1)P(R=1|\theta =k)\hfill \\ \hfill & +P(Q_n=\tilde{Q}|\theta =k,R=0)P(R=0|\theta =k),k\in \{1,\dots ,K\}\hfill \end{array}$$ (52)

where $P(R=1|\theta =i)=\alpha$ for any $i=1,2,3$, are the same for each database, as the scheme is symmetric across all databases. The entry “other queries” in Table 12 includes all queries that have sums of two or three elements. Based on this available information, each database calculates the a posteriori probability of the user-required file index conditioned on each received query $\tilde{Q}$ using (29). Each query of the form $W_k^j$ is an $ϵ$-deceptive query with respect to file k, where $ϵ$ is a function of the required amount of deception, which is derived towards the end of this section. All other queries including the null query and all sums of two or three elements are PIR queries. As all $ϵ$-deceptive queries must satisfy (11), the value of $p^{\prime }$ is given by $p^{\prime }=p{e}^{ϵ}$, which results in $p=\frac{1}{3(1+8e^{ϵ})}$, based on the same arguments used in the previous example. Using (11) and (29) for any given deceptive query, the value of $\alpha$ is calculated as follows. Note that for a query of the form $W_k^j$, for each database n, $n\in \{1,\dots ,N\}$, using $P(\theta =k)=\frac{1}{K}$, we have

$$\begin{array}{cc}\hfill \frac{P(\theta =k|Q_n=W_k^j)}{P(\theta =\ell |Q=W_k^j)}& =\frac{P(Q_n=W_k^j|\theta =k)}{P(Q_n=W_k^j|\theta =\ell )}=\frac{p\alpha +\frac{1}{2}(1-\alpha )}{p^{\prime }\alpha },\hfill \end{array}$$ (53)

The value of $\alpha$ is computed as $\alpha =\frac{1}{2p(e^{2ϵ}-1)+1}$, using (11) and (53) by solving $\frac{p\alpha +\frac{1}{2}(1-\alpha )}{p^{\prime }\alpha }=e^{ϵ}$.

Table 6.

Real query table—$W_1$.

$\mathit{P}\left(\mathit{Q}\right|\mathit{\theta }=1,\mathit{R}=1)$	Database 1	Database 2	Database 3
p	$W_1^1$	$W_1^2$	$\varphi$
p	$W_1^2$	$\varphi$	$W_1^1$
p	$\varphi$	$W_1^1$	$W_1^2$
$p^{\prime }$	$W_1^1+W_2^1$	$W_1^2+W_2^1$	$W_2^1$
$p^{\prime }$	$W_1^2+W_2^1$	$W_2^1$	$W_1^1+W_2^1$
$p^{\prime }$	$W_2^1$	$W_1^1+W_2^1$	$W_1^2+W_2^1$
$p^{\prime }$	$W_1^1+W_2^2$	$W_1^2+W_2^2$	$W_2^2$
$p^{\prime }$	$W_1^2+W_2^2$	$W_2^2$	$W_1^1+W_2^2$
$p^{\prime }$	$W_2^2$	$W_1^1+W_2^2$	$W_1^2+W_2^2$
$p^{\prime }$	$W_1^1+W_3^1$	$W_1^2+W_3^1$	$W_3^1$
$p^{\prime }$	$W_1^2+W_3^1$	$W_3^1$	$W_1^1+W_3^1$
$p^{\prime }$	$W_3^1$	$W_1^1+W_3^1$	$W_1^2+W_3^1$
$p^{\prime }$	$W_1^1+W_3^2$	$W_1^2+W_3^2$	$W_3^2$
$p^{\prime }$	$W_1^2+W_3^2$	$W_3^2$	$W_1^1+W_3^2$
$p^{\prime }$	$W_3^2$	$W_1^1+W_3^2$	$W_1^2+W_3^2$
$p^{\prime }$	$W_1^1+W_2^1+W_3^1$	$W_1^2+W_2^1+W_3^1$	$W_2^1+W_3^1$
$p^{\prime }$	$W_1^2+W_2^1+W_3^1$	$W_2^1+W_3^1$	$W_1^1+W_2^1+W_3^1$
$p^{\prime }$	$W_2^1+W_3^1$	$W_1^1+W_2^1+W_3^1$	$W_1^2+W_2^1+W_3^1$
$p^{\prime }$	$W_1^1+W_2^2+W_3^1$	$W_1^2+W_2^2+W_3^1$	$W_2^2+W_3^1$
$p^{\prime }$	$W_1^2+W_2^2+W_3^1$	$W_2^2+W_3^1$	$W_1^1+W_2^2+W_3^1$
$p^{\prime }$	$W_2^2+W_3^1$	$W_1^1+W_2^2+W_3^1$	$W_1^2+W_2^2+W_3^1$
$p^{\prime }$	$W_1^1+W_2^1+W_3^2$	$W_1^2+W_2^1+W_3^2$	$W_2^1+W_3^2$
$p^{\prime }$	$W_1^2+W_2^1+W_3^2$	$W_2^1+W_3^2$	$W_1^1+W_2^1+W_3^2$
$p^{\prime }$	$W_2^1+W_3^2$	$W_1^1+W_2^1+W_3^2$	$W_1^2+W_2^1+W_3^2$
$p^{\prime }$	$W_1^1+W_2^2+W_3^2$	$W_1^2+W_2^2+W_3^2$	$W_2^2+W_3^2$
$p^{\prime }$	$W_1^2+W_2^2+W_3^2$	$W_2^2+W_3^2$	$W_1^1+W_2^2+W_3^2$
$p^{\prime }$	$W_2^2+W_3^2$	$W_1^1+W_2^2+W_3^2$	$W_1^2+W_2^2+W_3^2$

Table 7.

Dummy query table—$W_1$.

$\mathit{P}\left(\mathit{Q}\right|\mathit{\theta }=1,\mathit{R}=0)$	DB 1	$\mathit{P}\left(\mathit{Q}\right|\mathit{\theta }=1,\mathit{R}=0)$	DB 2	$\mathit{P}\left(\mathit{Q}\right|\mathit{\theta }=1,\mathit{R}=0)$	DB 3
$\frac{1}{2}$	$W_1^1$	$\frac{1}{2}$	$W_1^1$	$\frac{1}{2}$	$W_1^1$
$\frac{1}{2}$	$W_1^2$	$\frac{1}{2}$	$W_1^2$	$\frac{1}{2}$	$W_1^2$

Table 8.

Real query table—$W_2$.

$\mathit{P}\left(\mathit{Q}\right|\mathit{\theta }=2,\mathit{R}=1)$	Database 1	Database 2	Database 3
p	$W_2^1$	$W_2^2$	$\varphi$
p	$W_2^2$	$\varphi$	$W_2^1$
p	$\varphi$	$W_2^1$	$W_2^2$
$p^{\prime }$	$W_1^1+W_2^1$	$W_1^1+W_2^2$	$W_1^1$
$p^{\prime }$	$W_1^1+W_2^2$	$W_1^1$	$W_1^1+W_2^1$
$p^{\prime }$	$W_1^1$	$W_1^1+W_2^1$	$W_1^1+W_2^2$
$p^{\prime }$	$W_1^2+W_2^1$	$W_1^2+W_2^2$	$W_1^2$
$p^{\prime }$	$W_1^2+W_2^2$	$W_1^2$	$W_1^2+W_2^1$
$p^{\prime }$	$W_1^2$	$W_1^2+W_2^1$	$W_1^2+W_2^2$
$p^{\prime }$	$W_2^1+W_3^1$	$W_2^2+W_3^1$	$W_3^1$
$p^{\prime }$	$W_2^2+W_3^1$	$W_3^1$	$W_2^1+W_3^1$
$p^{\prime }$	$W_3^1$	$W_2^1+W_3^1$	$W_2^2+W_3^1$
$p^{\prime }$	$W_2^1+W_3^2$	$W_2^2+W_3^2$	$W_3^2$
$p^{\prime }$	$W_2^2+W_3^2$	$W_3^2$	$W_2^1+W_3^2$
$p^{\prime }$	$W_3^2$	$W_2^1+W_3^2$	$W_2^2+W_3^2$
$p^{\prime }$	$W_1^1+W_2^1+W_3^1$	$W_1^1+W_2^2+W_3^1$	$W_1^1+W_3^1$
$p^{\prime }$	$W_1^1+W_2^2+W_3^1$	$W_1^1+W_3^1$	$W_1^1+W_2^1+W_3^1$
$p^{\prime }$	$W_1^1+W_3^1$	$W_1^1+W_2^1+W_3^1$	$W_1^1+W_2^2+W_3^1$
$p^{\prime }$	$W_1^1+W_2^1+W_3^2$	$W_1^1+W_2^2+W_3^2$	$W_1^1+W_3^2$
$p^{\prime }$	$W_1^1+W_2^2+W_3^2$	$W_1^1+W_3^2$	$W_1^1+W_2^1+W_3^2$
$p^{\prime }$	$W_1^1+W_3^2$	$W_1^1+W_2^1+W_3^2$	$W_1^1+W_2^2+W_3^2$
$p^{\prime }$	$W_1^2+W_2^1+W_3^1$	$W_1^2+W_2^2+W_3^1$	$W_1^2+W_3^1$
$p^{\prime }$	$W_1^2+W_2^2+W_3^1$	$W_1^2+W_3^1$	$W_1^2+W_2^1+W_3^1$
$p^{\prime }$	$W_1^2+W_3^1$	$W_1^2+W_2^1+W_3^1$	$W_1^2+W_2^2+W_3^1$
$p^{\prime }$	$W_1^2+W_2^1+W_3^2$	$W_1^2+W_2^2+W_3^2$	$W_1^2+W_3^2$
$p^{\prime }$	$W_1^2+W_2^2+W_3^2$	$W_1^2+W_3^2$	$W_1^2+W_2^1+W_3^2$
$p^{\prime }$	$W_1^2+W_3^2$	$W_1^2+W_2^1+W_3^2$	$W_1^2+W_2^2+W_3^2$

Table 9.

Dummy query table—$W_2$.

$\mathit{P}\left(\mathit{Q}\right|\mathit{\theta }=2,\mathit{R}=0)$	DB 1	$\mathit{P}\left(\mathit{Q}\right|\mathit{\theta }=2,\mathit{R}=0)$	DB 2	$\mathit{P}\left(\mathit{Q}\right|\mathit{\theta }=2,\mathit{R}=0)$	DB 3
$\frac{1}{2}$	$W_2^1$	$\frac{1}{2}$	$W_2^1$	$\frac{1}{2}$	$W_2^1$
$\frac{1}{2}$	$W_2^2$	$\frac{1}{2}$	$W_2^2$	$\frac{1}{2}$	$W_2^2$

Table 10.

Real query table—$W_3$.

$\mathit{P}\left(\mathit{Q}\right|\mathit{\theta }=3,\mathit{R}=1)$	Database 1	Database 2	Database 3
p	$W_3^1$	$W_3^2$	$\varphi$
p	$W_3^2$	$\varphi$	$W_3^1$
p	$\varphi$	$W_3^1$	$W_3^2$
$p^{\prime }$	$W_1^1+W_3^1$	$W_1^1+W_3^2$	$W_1^1$
$p^{\prime }$	$W_1^1+W_3^2$	$W_1^1$	$W_1^1+W_3^1$
$p^{\prime }$	$W_1^1$	$W_1^1+W_3^1$	$W_1^1+W_3^2$
$p^{\prime }$	$W_1^2+W_3^1$	$W_1^2+W_3^2$	$W_1^2$
$p^{\prime }$	$W_1^2+W_3^2$	$W_1^2$	$W_1^2+W_3^2$
$p^{\prime }$	$W_1^2$	$W_1^2+W_3^2$	$W_1^2+W_3^1$
$p^{\prime }$	$W_2^1+W_3^1$	$W_2^1+W_3^2$	$W_2^1$
$p^{\prime }$	$W_2^1+W_3^2$	$W_3^1$	$W_2^1+W_3^1$
$p^{\prime }$	$W_2^1$	$W_2^1+W_3^1$	$W_2^1+W_3^2$
$p^{\prime }$	$W_2^2+W_3^1$	$W_2^2+W_3^2$	$W_2^2$
$p^{\prime }$	$W_2^2+W_3^2$	$W_2^2$	$W_2^2+W_3^1$
$p^{\prime }$	$W_2^2$	$W_2^2+W_3^1$	$W_2^2+W_3^2$
$p^{\prime }$	$W_1^1+W_2^1+W_3^1$	$W_1^1+W_2^1+W_3^2$	$W_1^1+W_2^1$
$p^{\prime }$	$W_1^1+W_2^1+W_3^2$	$W_1^1+W_2^1$	$W_1^1+W_2^1+W_3^1$
$p^{\prime }$	$W_1^1+W_2^1$	$W_1^1+W_2^1+W_3^1$	$W_1^1+W_2^1+W_3^2$
$p^{\prime }$	$W_1^2+W_2^1+W_3^1$	$W_1^2+W_2^1+W_3^2$	$W_1^2+W_2^1$
$p^{\prime }$	$W_1^2+W_2^1+W_3^2$	$W_1^2+W_2^1$	$W_1^2+W_2^1+W_3^1$
$p^{\prime }$	$W_1^2+W_2^1$	$W_1^2+W_2^1+W_3^1$	$W_1^2+W_2^1+W_3^2$
$p^{\prime }$	$W_1^1+W_2^2+W_3^1$	$W_1^1+W_2^2+W_3^2$	$W_1^1+W_2^2$
$p^{\prime }$	$W_1^1+W_2^2+W_3^2$	$W_1^1+W_2^2$	$W_1^1+W_2^2+W_3^1$
$p^{\prime }$	$W_1^1+W_2^2$	$W_1^1+W_2^2+W_3^1$	$W_1^1+W_2^2+W_3^2$
$p^{\prime }$	$W_1^2+W_2^2+W_3^1$	$W_1^2+W_2^2+W_3^2$	$W_1^2+W_2^2$
$p^{\prime }$	$W_1^2+W_2^2+W_3^2$	$W_1^2+W_2^2$	$W_1^2+W_2^2+W_3^1$
$p^{\prime }$	$W_1^2+W_2^2$	$W_1^2+W_2^2+W_3^1$	$W_1^2+W_2^2+W_3^2$

Table 11.

Dummy query table—$W_3$.

$\mathit{P}\left(\mathit{Q}\right|\mathit{\theta }=3,\mathit{R}=0)$	DB 1	$\mathit{P}\left(\mathit{Q}\right|\mathit{\theta }=3,\mathit{R}=0)$	DB 2	$\mathit{P}\left(\mathit{Q}\right|\mathit{\theta }=3,\mathit{R}=0)$	DB 3
$\frac{1}{2}$	$W_3^1$	$\frac{1}{2}$	$W_3^1$	$\frac{1}{2}$	$W_3^1$
$\frac{1}{2}$	$W_3^2$	$\frac{1}{2}$	$W_3^2$	$\frac{1}{2}$	$W_3^2$

Table 12.

Queries received by database n, $n\in \{1,\dots ,N\}$, at a given time t for each file requirement, and the corresponding probabilities.

Query $\tilde{\mathit{Q}}$	$\mathit{P}({\mathit{Q}}_{\mathit{n}}=\tilde{\mathit{Q}}|\mathit{\theta }=1)$	$\mathit{P}({\mathit{Q}}_{\mathit{n}}=\tilde{\mathit{Q}}|\mathit{\theta }=2)$	$\mathit{P}({\mathit{Q}}_{\mathit{n}}=\tilde{\mathit{Q}}|\mathit{\theta }=3)$
$\varphi$	$p\alpha$	$p\alpha$	$p\alpha$
$W_1^1$	$p\alpha +\frac{1}{2}(1-\alpha )$	$p^{\prime }\alpha$	$p^{\prime }\alpha$
$W_1^2$	$p\alpha +\frac{1}{2}(1-\alpha )$	$p^{\prime }\alpha$	$p^{\prime }\alpha$
$W_2^1$	$p^{\prime }\alpha$	$p\alpha +\frac{1}{2}(1-\alpha )$	$p^{\prime }\alpha$
$W_2^2$	$p^{\prime }\alpha$	$p\alpha +\frac{1}{2}(1-\alpha )$	$p^{\prime }\alpha$
$W_3^1$	$p^{\prime }\alpha$	$p^{\prime }\alpha$	$p\alpha +\frac{1}{2}(1-\alpha )$
$W_3^2$	$p^{\prime }\alpha$	$p^{\prime }\alpha$	$p\alpha +\frac{1}{2}(1-\alpha )$
other queries	$p^{\prime }\alpha$	$p^{\prime }\alpha$	$p^{\prime }\alpha$

Assume that the user wants to download $W_2$ at some time $T_i$. Then, at time $T_i$, the user picks a row of queries from Table 8 based on the probabilities in the first column, and sends them to each of the three databases. Note that correctness is satisfied, as it is possible to decode $W_2$ from any row of Table 8. Next, the user picks M future time instances $t_{i,j}$, $j\in \{1,\dots ,M\}$, and at each time $t_{i,j}$ the user independently and randomly picks a row from Table 9 and sends the queries to the databases. This completes the scheme, and the value of M that minimizes the download cost is calculated at the end of this example.

The databases make predictions with the received query at each time t, based on the information available in Table 12. As the a posteriori probabilities $P(\theta =k|Q_n=\tilde{Q})$ are proportional to the corresponding probabilities given by $P(Q_n=\tilde{Q}|\theta =k)$ from (29), the databases’ predictions (using (5)) and the corresponding probabilities are shown in Table 13.

Table 13.

Probabilities of each database predicting the user-required file in Example 2.

Query $\tilde{\mathit{Q}}$	$\mathit{P}({\widehat{\mathit{\theta }}}_{\tilde{\mathit{Q}}}=1)$	$\mathit{P}({\widehat{\mathit{\theta }}}_{\tilde{\mathit{Q}}}=2)$	$\mathit{P}({\widehat{\mathit{\theta }}}_{\tilde{\mathit{Q}}}=3)$
$W_1^1$	1	0	0
$W_1^2$	1	0	0
$W_2^1$	0	1	0
$W_2^2$	0	1	0
$W_3^1$	0	0	1
$W_3^2$	0	0	1
other queries	$\frac{1}{3}$	$\frac{1}{3}$	$\frac{1}{3}$

The probability of error for each type of query is calculated as follows. First, consider the $ϵ$-deceptive queries with respect to file k, given by $W_k^j$, $j\in \{1,2\}$. For these queries, the error probability from the perspective of database n, $n\in \{1,\dots ,N\}$, is given by

$$\begin{array}{cc}\hfill P({\widehat{\theta }}_{W_k^j}^{\left[T_i\right]}\ne {\theta }^{\left[T_i\right]})& =P({\theta }^{\left[T_i\right]}\ne k|Q_n^{\left[T_i\right]}=W_k^j)\hfill \end{array}$$ (54)

$$\begin{array}{cc}\hfill & =\sum _{\ell =1,\ell \ne k}^{3}P({\theta }^{\left[T_i\right]}=\ell |Q_n^{\left[T_i\right]}=W_k^j)\hfill \end{array}$$ (55)

$$\begin{array}{cc}\hfill & =\frac{{\sum }_{\ell =1,\ell \ne k}^{3}P(Q_n^{\left[T_i\right]}=W_k^j|{\theta }^{\left[T_i\right]}=\ell )P({\theta }^{\left[T_i\right]}=\ell )}{P(Q_n^{\left[T_i\right]}=W_k^j)}\hfill \end{array}$$ (56)

$$\begin{array}{cc}\hfill & =\frac{1}{P(Q_n^{\left[T_i\right]}=W_k^j)}\frac{2}{3}p{e}^{ϵ},\hfill \end{array}$$ (57)

where (54) follows from the fact that the databases’ prediction on a received query of the form $W_k^j$ is file k with probability 1 from Table 13, and the probabilities in (57) are obtained from real query tables as they correspond to queries sent at time $T_i$. Next, the probability of error corresponding to each of the the other queries, i.e., PIR queries that include the null query and sums of two or three elements, is given by

$$\begin{array}{cc}\hfill P({\widehat{\theta }}_{\tilde{Q}}^{\left[T_i\right]}\ne {\theta }^{\left[T_i\right]})& =P({\widehat{\theta }}^{\left[T_i\right]}\ne {\theta }^{\left[T_i\right]}|Q_n^{\left[T_i\right]}=\tilde{Q})\hfill \end{array}$$ (58)

$$\begin{array}{cc}\hfill & =\frac{{\sum }_{j=1}^3{\sum }_{m=1,m\ne j}^{3}P({\widehat{\theta }}^{\left[T_i\right]}=m,{\theta }^{\left[T_i\right]}=j,Q_n^{\left[T_i\right]}=\tilde{Q})}{P(Q_n^{\left[T_i\right]}=\tilde{Q})}\hfill \end{array}$$ (59)

$$\begin{array}{cc}\hfill & =\frac{{\sum }_{j=1}^3{\sum }_{m=1,m\ne j}^{3}P({\widehat{\theta }}^{\left[T_i\right]}=m|{\theta }^{\left[T_i\right]}=j,Q_n^{\left[T_i\right]}=\tilde{Q})P(Q_n^{\left[T_i\right]}=\tilde{Q}|{\theta }^{\left[T_i\right]}=j)P({\theta }^{\left[T_i\right]}=j)}{P(Q_n^{\left[T_i\right]}=\tilde{Q})}\hfill \end{array}$$ (60)

$$\begin{array}{cc}\hfill & =\frac{1}{P(Q_n^{\left[T_i\right]}=\tilde{Q})}\left\{\begin{array}{cc}\frac{2p}{3},\hfill & \mathrm{if}\tilde{Q}=\varphi \hfill \\ \frac{2p{e}^{ϵ}}{3},\hfill & \mathrm{if}\tilde{Q}\mathrm{if}\mathrm{of}\mathrm{the}\mathrm{form}{\sum }_{s=1}^{\ell }{W}_{k_s}^{j_s}\mathrm{for}\ell \in \{2,3\}\hfill \end{array}\right.\hfill \end{array}$$ (61)

where (61) follows from the fact that ${\widehat{\theta }}^{\left[T_i\right]}$ is conditionally independent of ${\theta }^{\left[T_i\right]}$ given $Q_n$, from (5). The probability of error at each time $T_i$, $i\in \mathbb{N}$, is the same, as the scheme is identical at each $T_i$, and across all file requirements. Therefore, the probability of error of each database’s prediction using (6) is given by

$$\begin{array}{cc}\hfill P_e& =P({\widehat{\theta }}^{\left[T_i\right]}\ne {\theta }^{\left[T_i\right]})\hfill \end{array}$$ (62)

$$\begin{array}{cc}\hfill & =\sum _{\tilde{Q}\in \mathcal{Q}}P(Q_n=\tilde{Q})P({\widehat{\theta }}_{\tilde{Q}}^{\left[T_i\right]}\ne {\theta }^{\left[T_i\right]})\hfill \end{array}$$ (63)

$$\begin{array}{cc}\hfill & ={\displaystyle \sum _{k=1}^3}{\displaystyle \sum _{j=1}^2}P(Q_n=W_k^j)\frac{1}{P(Q_n^{\left[T_i\right]}=W_k^j)}\frac{2}{3}p{e}^{ϵ}+P(Q_n=\varphi )\frac{1}{P(Q_n=\varphi )}\frac{2p}{3}\hfill \end{array}$$

$$\begin{array}{cc}\hfill & +20P(Q_n=\widehat{Q})\frac{1}{P(Q_n=\widehat{Q})}\frac{2p{e}^{ϵ}}{3}\hfill \end{array}$$ (64)

$$\begin{array}{cc}\hfill & =4p{e}^{ϵ}+\frac{2p}{3}+\frac{40p{e}^{ϵ}}{3}\hfill \end{array}$$ (65)

$$\begin{array}{cc}\hfill & =\frac{52e^{ϵ}+2}{9(8e^{ϵ}+1)}.\hfill \end{array}$$ (66)

where $\mathcal{Q}$ is the set of all queries and $\widehat{Q}$ is a query of the form ${\sum }_{s=1}^{\ell }{W}_{k_s}^{j_s}$ for $\ell \in \{2,3\}$. The resulting amount of deception is,

$$\begin{array}{cc}\hfill D& =P_e-\left(1-\frac{1}{K}\right)=\frac{52e^{ϵ}+2}{9(8e^{ϵ}+1)}-\frac{2}{3}=\frac{4(e^{ϵ}-1)}{9(8e^{ϵ}+1)}.\hfill \end{array}$$ (67)

Therefore, for a required amount of deception $d<\frac{1}{18}$, $ϵ$ is chosen as $ϵ=ln\left(\frac{9d+4}{4(1-18d)}\right)$.

Without loss of generality, consider the cost of downloading $W_1$, which is the same as the expected download cost, as the scheme is symmetric across all file retrievals.

$$\begin{array}{cc}\hfill D_L& =\frac{1}{L}\left(L\times 3p+\frac{3L}{2}\times 24p{e}^{ϵ}+\frac{3L}{2}\sum _{m=0}^{\infty }{p}_{m}m\right)=\frac{1+12e^{ϵ}}{1+8e^{ϵ}}+\frac{3}{2}\mathbb{E}\left[M\right]\hfill \end{array}$$ (68)

To find the scheme that achieves the minimum $D_L$, we need to find the minimum $\mathbb{E}\left[M\right]$ that satisfies $P(R=1|\theta =i)=\alpha =\mathbb{E}\left[\frac{1}{M+1}\right]=\frac{3(1+8e^{ϵ})}{2e^{2ϵ}+24e^{ϵ}+1}$, i.e., the following optimization problem needs to be solved.

$$\begin{array}{cc}\hfill min& \mathbb{E}\left[M\right]\hfill \\ \hfill \mathrm{s}.\mathrm{t}.& \mathbb{E}\left[\frac{1}{M+1}\right]=\frac{3e^{-2ϵ}(1+8e^{ϵ})}{2+e^{-2ϵ}+24e^{-ϵ}}.\hfill \end{array}$$ (69)

The solution to this problem is given in Lemma 1. The resulting minimum download cost for a given value of $ϵ$, i.e., required level of deception d, is given by

$$\begin{array}{cc}\hfill \frac{D_{ϵ}}{L}& =\frac{1+12e^{ϵ}}{1+8e^{ϵ}}+\frac{3}{2}(2u-u(u+1)\alpha ),\alpha =\frac{3e^{-2ϵ}(1+8e^{ϵ})}{2+e^{-2ϵ}+24e^{-ϵ}},\hfill \end{array}$$ (70)

where $u=\lfloor \frac{1}{\alpha }\rfloor$. When $d=0$, it follows that $ϵ=0$, $\alpha =1$, and $u=1$, and the achievable rate is $\frac{9}{13}$, which is equal to the PIR capacity for the case $N=3,K=3$.

4.3. Generalized DIR Scheme for Arbitrary N and K

In the general DIR scheme proposed in this work, at each time $T_i$, $i\in \mathbb{N}$, when the user needs to download some file $W_k$, the user sends a set of real queries to each of the N databases. These queries are picked based on a certain probability distribution, defined on all possible sets of real queries. For the same file requirement, the user sends M dummy queries at future time instances $t_{i,j}$, $j\in \{1,\dots ,M\}$, where $t_{i,j}>T_i$. The dummy queries sent at each time $t_{i,j}$ are randomly selected from a subset of real queries. We assume that the databases are unaware of being deceived, and treat both real and dummy queries the same when calculating their predictions on the user-required file index at each time they receive a query. The overall probabilities of a given user sending each query for each file requirement are known by the databases. However, the decomposition of these probabilities based on whether each query is used as a real or a dummy query is not known by the databases. It is also assumed that the databases only store the queries received at the current time instance.

The main components of the general scheme include (1) $N^K$ possible sets of real queries to be sent to the N databases for each file requirement and their probabilities, (2) $N-1$ possible sets of dummy queries and their probabilities, (3) overall probabilities of sending each query for each of the K file requirements of the user. Note that (1) and (2) are only known by the user, while (3) is known by the databases.

As shown in the examples considered, the set of all possible real queries takes the form of the queries in the probabilistic PIR scheme in [23,24], with a non-uniform probability distribution, unlike in PIR. The real query table used when retrieving $W_k$ consists of the following queries:

1. Single blocks: $W_k$ is divided into $N-1$ parts, and each part is requested from $N-1$ databases, while requesting nothing $\varphi$ from the remaining database. All cyclic shifts of these queries are considered in the real query table.

2. Sums of two blocks/Single block: One database is used to download $W_j^l$, $l\in \{1,\dots ,N-1\},j\ne k$ and each one in the rest of the $N-1$ databases is used to download $W_k^r+W_j^l$ for each $r\in \{1,\dots ,N-1\}$. All cyclic shifts of these queries are also considered as separate possible sets of queries.

3. Sums of three/Two blocks: One database is used to download $W_{j_1}^{{\ell }_1}+W_{j_2}^{{\ell }_2}$, ${\ell }_1,{\ell }_2\in \{1,\dots ,N-1\}$ and $j_1\ne j_2\ne k$. Each one in the rest of the $N-1$ databases is used to download $W_{j_1}^{l_1}+W_{j_2}^{l_2}+W_k^r$ for each $r\in \{1,\dots ,N-1\}$. All cyclic shifts of these queries are also considered as separate possible sets of queries.

4. Sums of $\mathbf{K}$ and $\mathbf{K}-\mathbf{1}$ blocks: The above process is repeated for all sums of blocks until K/$K-1$.

Out of the $N^K$ different sets of queries described above in the real query table, all queries except $\varphi$ in single blocks, i.e., queries of the form $W_k^{\ell }$, $\ell \in \{1,\dots ,N-1\}$, are chosen as $ϵ$-deceptive ones with respect to file k, for each $k\in \{1,\dots ,K\}$, and are included in the set of dummy queries sent to databases when the user-required file index is k. The $N-1$$ϵ$-deceptive queries $W_k^r$, $r\in \{1,\dots ,N-1\}$, corresponding to the kth file requirement, must guarantee the condition in (11). For that, we assign

$$\begin{array}{c}\hfill P(Q_n=W_k^r|\theta =k,R=1)=p,r\in \{1,\dots ,N-1\}\end{array}$$ (71)

and

$$\begin{array}{c}\hfill P(Q_n=W_k^r|\theta =j,R=1)=p{e}^{ϵ},r\in \{1,\dots ,N-1\},j\ne k,\end{array}$$ (72)

for each database n, $n\in \{1,\dots ,N\}$. The rest of the queries, i.e., $\varphi$ and sums of ℓ blocks where $\ell \in \{2,\dots ,K\}$, are PIR queries in the proposed scheme. Note that the query $\varphi$ is always coupled with the $ϵ$-deceptive queries with respect to file index k (required file) for correctness (see Table 6, Table 8 and Table 10). Thus, $\varphi$ is assigned the corresponding probability given by

$$\begin{array}{c}\hfill P(Q_n=\varphi |\theta =m,R=1)=p,m\in \{1,\dots ,K\},n\in \{1,\dots ,N\}.\end{array}$$ (73)

Similarly, as the rest of the PIR queries are coupled with $ϵ$-deceptive queries with respect to file indices j, $j\ne k$, or with other PIR queries, they are assigned the corresponding probability given by

$$\begin{array}{c}\hfill P(Q_n=\widehat{Q}|\theta =m,R=1)=p{e}^{ϵ},m\in \{1,\dots ,K\},n\in \{1,\dots ,N\},\end{array}$$ (74)

where $\widehat{Q}$ is any PIR query in the form of ℓ-sums with $\ell \in \{2,\dots ,K\}$. Since the probabilities of the real queries sent for each file requirement must add up to one, i.e., ${\sum }_{\tilde{Q}\in \mathcal{Q}}P(Q_n=\tilde{Q}|\theta =m,R=1)=1$ for each $m\in \{1,\dots ,K\}$, p is given by

$$\begin{array}{c}\hfill p=\frac{1}{N+(N^K-N)e^{ϵ}},\end{array}$$ (75)

as there are N query sets in the real query table with probability p, and $N^K-N$ sets with probability $p{e}^{ϵ}$. Each $ϵ$-deceptive query with respect to file index k is chosen with equal probability to be sent to the databases as dummy queries at times $t_{i,j}$ when the file requirement at the corresponding time $T_i$ is $W_k$. Since there are $N-1$ deceptive queries,

$$\begin{array}{c}\hfill P(Q_n=W_k^r|\theta =k,R=0)=\frac{1}{N-1},r\in \{1,\dots ,N-1\}\end{array}$$ (76)

and

$$\begin{array}{c}\hfill P(Q_n=W_k^r|\theta =j,R=0)=0,r\in \{1,\dots ,N-1\},j\ne k\end{array}$$ (77)

for each database n, $n\in \{1,\dots ,N\}$. Therefore, for all $ϵ$-deceptive queries with respect to file index k of the form $W_k^i$, the condition in (12) can be written as

$$\begin{array}{cc}\hfill \frac{\alpha }{\alpha +\frac{1}{p(N-1)}(1-\alpha )}& =e^{-2ϵ}\hfill \end{array}$$ (78)

thus,

$$\begin{array}{cc}\hfill \alpha & =\frac{1}{p(N-1)(e^{2ϵ}-1)+1}=\frac{N+(N^K-N)e^{ϵ}}{(N-1)e^{2ϵ}+(N^K-N)e^{ϵ}+1},\hfill \end{array}$$ (79)

which characterizes $\alpha =\mathbb{E}\left[\frac{1}{M+1}\right]$. The information available to database n, $n\in \{1,\dots ,N\}$, is the overall probability of receiving each query for each file requirement of the user $P(Q_n=\tilde{Q}|\theta =k)$, $k\in \{1,\dots ,K\}$, given by

$$\begin{array}{cc}\hfill P(Q_n=\tilde{Q}|\theta =k)& =P(Q_n=\tilde{Q}|\theta =k,R=1)P(R=1|\theta =k)\hfill \\ \hfill & +P(Q_n=\tilde{Q}|\theta =k,R=0)P(R=0|\theta =k).\hfill \end{array}$$ (80)

For $ϵ$-deceptive queries with respect to file index k, i.e., $W_k^j$, $j\in \{1,\dots ,N-1\}$, the overall probability in (80) from the perspective of database n, $n\in \{1,\dots ,N\}$, is given by

$$\begin{array}{cc}\hfill P(Q_n=W_k^j|\theta =\ell )& =\left\{\begin{array}{cc}\alpha p+\frac{1-\alpha }{N-1}=\frac{e^{2ϵ}}{(N-1)(e^{2ϵ}-1)+N+(N^K-N)e^{ϵ}},\hfill & \ell =k\hfill \\ \alpha p{e}^{ϵ}=\frac{e^{ϵ}}{(N-1)(e^{2ϵ}-1)+N+(N^K-N)e^{ϵ}},\hfill & \ell \ne k.\hfill \end{array}\right.\hfill \end{array}$$ (81)

The probability of sending the null query $\varphi$ to database n, $n\in \{1,\dots ,N\}$, for each file requirement k, $k\in \{1,\dots ,K\}$, is

$$\begin{array}{c}\hfill P(Q_n=\varphi |\theta =k)=\alpha p=\frac{1}{(N-1)(e^{2ϵ}-1)+N+(N^K-N)e^{ϵ}}.\end{array}$$ (82)

For the rest of the PIR queries denoted by $\widehat{Q}$, i.e., queries of the form ${\sum }_{s=1}^{\ell }{W}_{i_s}^{j_s}$ for $\ell \in \{2,\dots ,K\}$, the overall probability in (80), known by each database n, $n\in \{1,\dots ,N\}$ for each file requirement k, $k\in \{1,\dots ,K\}$, is given by

$$\begin{array}{c}\hfill P(Q_n=\widehat{Q}|\theta =k)=\alpha p{e}^{ϵ}=\frac{e^{ϵ}}{(N-1)(e^{2ϵ}-1)+N+(N^K-N)e^{ϵ}}.\end{array}$$ (83)

Based on the query received at a given time t, each database n, $n\in \{1,\dots ,N\}$, calculates the a posteriori probability of the user-required file index being k, $k\in \{1,\dots ,K\}$, using

$$\begin{array}{cc}\hfill P(\theta =k|Q_n=\tilde{Q})& =\frac{P(Q_n=\tilde{Q}|\theta =k)P(\theta =k)}{P(Q_n=\tilde{Q})}.\hfill \end{array}$$ (84)

Since we assume uniform priors, i.e., $P(\theta =k)=\frac{1}{K}$ for all $k\in \{1,\dots ,K\}$, the posteriors are directly proportional to $P(Q_n=\tilde{Q}|\theta =k)$ for each $\tilde{Q}$. Therefore, the databases predict the user-required file index for each query received using (5) and (81)–(83). For example, when the query $W_1^1$ is received, it is clear that the maximum $P(\theta =k|Q_n=W_1^1)$ in (5) is obtained for $k=1$ from (81) and (84). The prediction corresponding to any query received is given in Table 14 along with the corresponding probability of choosing the given prediction (The superscript j in the first column of Table 14 corresponds to any index in the set $\{1,\dots .N-1\}$).

Table 14.

Probabilities of each database predicting the user-required file.

Query $\tilde{\mathit{Q}}$	$\mathit{P}({\widehat{\mathit{\theta }}}_{\tilde{\mathit{Q}}}=1)$	$\mathit{P}({\widehat{\mathit{\theta }}}_{\tilde{\mathit{Q}}}=2)$	$\mathit{P}({\widehat{\mathit{\theta }}}_{\tilde{\mathit{Q}}}=3)$	…	$\mathit{P}({\widehat{\mathit{\theta }}}_{\tilde{\mathit{Q}}}=\mathit{K})$
$W_1^j$	1	0	0	…	0
$W_2^j$	0	1	0	…	0
$W_3^j$	0	0	1	…	0
⋮	⋮	⋮	⋮	⋮	⋮
$W_K^j$	0	0	0	…	1
other queries	$\frac{1}{K}$	$\frac{1}{K}$	$\frac{1}{K}$	…	$\frac{1}{K}$

Based on the information in Table 14, the probability of error when a database n, $n\in \{1,\dots ,N\}$, receives the query $W_k^{\ell }$ at some time $T_i$ is given by

$$\begin{array}{cc}\hfill P({\widehat{\theta }}_{W_k^{\ell }}^{\left[T_i\right]}\ne {\theta }^{\left[T_i\right]})& =P({\theta }^{\left[T_i\right]}\ne k|Q_n^{\left[T_i\right]}=W_k^{\ell })\hfill \end{array}$$ (85)

$$\begin{array}{cc}\hfill & =\sum _{j=1,j\ne k}^{K}P({\theta }^{\left[T_i\right]}=j|Q_n^{\left[T_i\right]}=W_k^{\ell })\hfill \end{array}$$ (86)

$$\begin{array}{cc}\hfill & =\frac{{\sum }_{j=1,j\ne k}^{K}P(Q_n^{\left[T_i\right]}=W_k^{\ell }|{\theta }^{\left[T_i\right]}=j)P({\theta }^{\left[T_i\right]}=j)}{P(Q_n^{\left[T_i\right]}=W_k^{\ell })}\hfill \end{array}$$ (87)

$$\begin{array}{cc}\hfill & =\frac{\frac{1}{K}p{e}^{ϵ}(K-1)}{P(Q_n^{\left[T_i\right]}=W_k^{\ell })},\hfill \end{array}$$ (88)

where (88) follows from the fact that the user sends real queries based on the probabilities $P(Q_n=\tilde{Q}|\theta =k,R=1)$ at time $T_i$.

For all other queries $\tilde{Q}$, the corresponding probability of error is given by

$$\begin{array}{cc}\hfill P({\widehat{\theta }}_{\tilde{Q}}^{\left[T_i\right]}\ne {\theta }^{\left[T_i\right]})& =P({\widehat{\theta }}^{\left[T_i\right]}\ne {\theta }^{\left[T_i\right]}|Q_n^{\left[T_i\right]}=\tilde{Q})\hfill \end{array}$$ (89)

$$\begin{array}{cc}\hfill & =\frac{{\sum }_{j=1}^K{\sum }_{m=1,m\ne j}^{K}P({\widehat{\theta }}^{\left[T_i\right]}=m,{\theta }^{\left[T_i\right]}=j,Q_n^{\left[T_i\right]}=\tilde{Q})}{P(Q_n^{\left[T_i\right]}=\tilde{Q})}\hfill \end{array}$$ (90)

$$\begin{array}{cc}\hfill & =\frac{{\sum }_{j=1}^K{\sum }_{m=1,m\ne j}^{K}P({\widehat{\theta }}^{\left[T_i\right]}=m|{\theta }^{\left[T_i\right]}=j,Q_n^{\left[T_i\right]}=\tilde{Q})P(Q_n^{\left[T_i\right]}=\tilde{Q}|{\theta }^{\left[T_i\right]}=j)P({\theta }^{\left[T_i\right]}=j)}{P(Q_n^{\left[T_i\right]}=\tilde{Q})}\hfill \end{array}$$ (91)

$$\begin{array}{cc}\hfill & =\frac{1}{P(Q_n^{\left[T_i\right]}=\tilde{Q})}\left\{\begin{array}{cc}\frac{(K-1)p}{K},\hfill & \mathrm{if}\tilde{Q}=\varphi \hfill \\ \frac{(K-1)p{e}^{ϵ}}{K},\hfill & \mathrm{if}\tilde{Q}\mathrm{of}\mathrm{the}\mathrm{form}{\sum }_{s=1}^{\ell }{W}_{i_s}^{j_s},\ell \in \{2,\dots ,K\}\hfill \end{array}\right.\hfill \end{array}$$ (92)

where (92) follows from the fact that ${\widehat{\theta }}^{\left[T_i\right]}$ is conditionally independent of ${\theta }^{\left[T_i\right]}$ given Q from (5). The probability of error of each database’s prediction is given by

$$\begin{array}{cc}\hfill P_e& =\sum _{\tilde{Q}}P(Q_n^{\left[T_i\right]}=\tilde{Q})P({\widehat{\theta }}^{\left[T_i\right]}\ne {\theta }^{\left[T_i\right]}|Q^{\left[T_i\right]}=\tilde{Q})\hfill \end{array}$$ (93)

$$\begin{array}{cc}\hfill & ={\displaystyle \sum _{k=1}^K}{\displaystyle \sum _{\ell =1}^{N-1}}P(Q_n^{\left[T_i\right]}=W_k^{\ell })\frac{\frac{1}{K}p{e}^{ϵ}(K-1)}{P(Q_n^{\left[T_i\right]}=W_k^{\ell })}+P(Q_n^{\left[T_i\right]}=\varphi )\frac{\frac{1}{K}(K-1)p}{P(Q_n^{\left[T_i\right]}=\varphi )}\hfill \end{array}$$

$$\begin{array}{cc}\hfill & +(N^K-1-K(N-1))P\left(P(Q_n^{\left[T_i\right]}=\widehat{Q})\frac{\frac{1}{K}(K-1)p{e}^{ϵ}}{P(Q_n^{\left[T_i\right]}=\widehat{Q})}\right)\hfill \end{array}$$ (94)

$$\begin{array}{cc}\hfill & =p{e}^{ϵ}(K-1)(N-1)+\frac{(K-1)p}{K}+\frac{(K-1)p{e}^{ϵ}(N^K-1-K(N-1))}{K}\hfill \end{array}$$ (95)

$$\begin{array}{cc}\hfill & =\frac{(K-1)(1+e^{ϵ}(N^K-1))}{K(N+(N^K-N)e^{ϵ})},\hfill \end{array}$$ (96)

where $\widehat{Q}$ in (94) represents the queries of the form ${\sum }_{s=1}^{\ell }{W}_{i_s}^{j_s}$ for $\ell \in \{2,\dots ,K\}$. Note that $P(Q_n^{\left[T_i\right]}=\widehat{Q})$ is the same for each $\widehat{Q}$ as $P(Q_n^{\left[T_i\right]}=\widehat{Q}|\theta =j)=p{e}^{ϵ}$ for each $\widehat{Q}$ and all $j\in \{1,\dots ,K\}$ from (74). Thus, the amount of deception achieved by this scheme for a given $ϵ$ is given by

$$\begin{array}{c}\hfill D=P_e-\left(1-\frac{1}{K}\right)=\frac{(K-1)(N-1)(e^{ϵ}-1)}{K(N+(N^K-N)e^{ϵ})}.\end{array}$$ (97)

Therefore, for a required amount of deception d, satisfying $d<\frac{(K-1)(N-1)}{K(N^K-N)}$, the value of $ϵ$ must be chosen as

$$\begin{array}{c}\hfill ϵ=ln\left(\frac{dKN+(K-1)(N-1)}{dKN+(K-1)(N-1)-dK{N}^K}\right).\end{array}$$ (98)

The download cost of the general scheme is

$$\begin{array}{cc}\hfill D_L& =\frac{1}{L}\left(NpL+(N^K-N)p{e}^{ϵ}\frac{NL}{N-1}+\frac{NL}{N-1}\mathbb{E}\left[M\right]\right)\hfill \end{array}$$ (99)

$$\begin{array}{cc}\hfill D_L& =Np+\frac{N(N^K-N)}{N-1}p{e}^{ϵ}+\left(\frac{N}{N-1}\right)\mathbb{E}\left[M\right]\hfill \end{array}$$ (100)

$$\begin{array}{cc}\hfill D_L& =\frac{N}{N-1}\left(1-\frac{1}{N+(N^K-N)e^{ϵ}}+\mathbb{E}\left[M\right]\right).\hfill \end{array}$$ (101)

The following optimization problem needs to be solved to minimize the download cost while satisfying $\alpha =\frac{N+(N^K-N)e^{ϵ}}{(N-1)e^{2ϵ}+(N^K-N)e^{ϵ}+1}$, from (49):

$$\begin{array}{cc}\hfill min& \mathbb{E}\left[M\right]\hfill \\ \hfill \mathrm{s}.\mathrm{t}.& \mathbb{E}\left[\frac{1}{M+1}\right]=\frac{N+(N^K-N)e^{ϵ}}{(N-1)e^{2ϵ}+(N^K-N)e^{ϵ}+1}=\alpha .\hfill \end{array}$$ (102)

Lemma 1. 

The solution to the optimization problem in (102) is given by

$$\begin{array}{c}\hfill \mathbb{E}\left[M\right]=2u-u(u+1)\alpha ,\end{array}$$ (103)

where $u=\lfloor \frac{1}{\alpha }\rfloor$ for a given value of α, which is specified by the required level of deception d.

The proof of Lemma 1 is given in Appendix A. The minimum download cost for the general case with N databases, K files, and a deception requirement d is obtained by (101) and (103). The corresponding maximum achievable rate is given in (9).

5. Discussion and Conclusions

We introduced the problem of deceptive information retrieval (DIR), in which a user retrieves a file from a set of independent files stored in multiple databases, while revealing fake information about the required file to the databases, which makes the probability of error of the databases’ prediction on the user-required file index high. The proposed scheme achieves rates lower than the PIR capacity when the required level of deception is positive, as it sends dummy queries at distinct time instances to deceive the databases. When the required level of deception is zero, the achievable DIR rate is the same as the PIR capacity.

The probability of error of the databases’ prediction on the user-required file index is calculated at the time of the user’s requirement, as defined in Section 2. In the proposed scheme, the user sends dummy queries at other (future) time instances as well. As the databases are unaware of being deceived, and are unable to distinguish between the times corresponding to real and dummy queries, they make predictions on the user-required file indices every time a query is received. Note that whenever a query of the form $W_k^{\ell }$ is received, the databases’ prediction is going to be $\widehat{\theta }=k$ from Table 14. Although this is an incorrect prediction with high probability at times corresponding to the user’s real requirements, these predictions are correct when $W_k^{\ell }$ is used as a dummy query, as $W_k^{\ell }$ is only sent as a dummy query when the user needs to download file k. However, the databases are only able to obtain these correct predictions at future time instances, after which the user has already downloaded the required file while also deceiving the databases.

The reason for the requirement of the time dimension is also explained as follows. An alternative approach to using the time dimension is to select a subset of databases to send the dummy queries and to send the real queries to the rest of the databases. As explained above, whenever a database receives a query of the form $W_k^{\ell }$ as a dummy query, the database predicts the user-required file correctly. Therefore, this approach leaks information about the required file to a subset of databases, right at the time of the retrieval, while deceiving the rest. Hence, to deceive all databases at the time of retrieval, we exploit the time dimension that is naturally present in information retrieval applications that are time-sensitive.

A potential future direction of this work is an analysis on the time dimension. Note that, in this work, we assume that the databases do not keep track of the previous queries and only store the information corresponding to the current time instance. Therefore, as long as the dummy queries are sent at distinct time instances that are also different from the time of the user’s requirement, the calculations presented in this paper are valid. An extension of basic DIR can be formulated by assuming that the databases keep track of all queries received and their time stamps. This imposes additional constraints on the problem, as the databases now have extra information along the time dimension, which requires the scheme to choose the time instances at which the dummy queries are sent, in such a way that they do not leak any information about the existence of the two types (real and dummy) of queries. Another direction is to incorporate the freshness and age of information into DIR, where the user may trade the age of the required file for a reduced download cost, by making use of the previous dummy downloads present in DIR.

Appendix A. Proof of Lemma 1

The solution to the optimization problem in (102) for the general case with N databases and K files is as follows. The optimization problem in (102), for a required amount of deception d and the corresponding $ϵ$ with $\alpha =\frac{N+(N^K-N)e^{ϵ}}{(N-1)e^{2ϵ}+(N^K-N)e^{ϵ}+1}$, is given by

$$\begin{array}{cc}\hfill min& \mathbb{E}\left[M\right]={\displaystyle \sum _{m=0}^{\infty }}m{p}_m\hfill \\ \hfill \mathrm{s}.\mathrm{t}.& \mathbb{E}\left[\frac{1}{m+1}\right]={\displaystyle \sum _{m=0}^{\infty }}\left(\frac{1}{m+1}\right)p_m=\alpha \hfill \\ \hfill & {\displaystyle \sum _{m=0}^{\infty }}{p}_m=1\hfill \end{array}$$

$$\begin{array}{cc}\hfill & p_m\ge 0,m\in \{0,1,\dots \}.\hfill \end{array}$$ (A1)

We need to determine the optimum PMF of M that minimizes $\mathbb{E}\left[M\right]$ while satisfying the given condition. The Lagrangian L of this optimization problem is given by

$$\begin{array}{c}\hfill L=\sum _{m=0}^{\infty }m{p}_m+{\lambda }_1\left(\sum _{m=0}^{\infty }\left(\frac{1}{m+1}\right)p_m-\alpha \right)+{\lambda }_2\left(\sum _{m=0}^{\infty }{p}_m-1\right)-\sum _{m=0}^{\infty }{\mu }_m{p}_m.\end{array}$$ (A2)

Then, the following set of equations need to be solved to find the minimum $\mathbb{E}\left[M\right]$:

$$\begin{array}{cc}\hfill \frac{\partial L}{\partial p_m}=m+{\lambda }_1\left(\frac{1}{m+1}\right)+{\lambda }_2-{\mu }_m& =0,m\in \{0,1,\dots \}\hfill \end{array}$$ (A3)

$$\begin{array}{cc}\hfill \sum _{m=0}^{\infty }\left(\frac{1}{m+1}\right)p_m& =\alpha \hfill \end{array}$$ (A4)

$$\begin{array}{cc}\hfill \sum _{m=0}^{\infty }{p}_m& =1\hfill \end{array}$$ (A5)

$$\begin{array}{cc}\hfill {\mu }_m{p}_m& =0,m\in \{0,1,\dots \}\hfill \end{array}$$ (A6)

$$\begin{array}{cc}\hfill {\mu }_m,p_m& \ge 0,m\in \{0,1,\dots \}.\hfill \end{array}$$ (A7)

Case 1: Assume that the PMF of M contains at most two non-zero probabilities, i.e., $p_0,p_1\ge 0$ and $p_i=0$, $i\in \{2,3,\dots \}$. Then, the conditions in (A3)–(A7) are simplified as

$$\begin{array}{cc}\hfill \frac{\partial L}{\partial p_0}={\lambda }_1+{\lambda }_2-{\mu }_0& =0\hfill \end{array}$$ (A8)

$$\begin{array}{cc}\hfill \frac{\partial L}{\partial p_1}=\frac{1}{2}{\lambda }_1+{\lambda }_2-{\mu }_1& =-1\hfill \end{array}$$ (A9)

$$\begin{array}{cc}\hfill p_0+\frac{1}{2}{p}_1& =\alpha \hfill \end{array}$$ (A10)

$$\begin{array}{cc}\hfill p_0+p_1& =1\hfill \end{array}$$ (A11)

$$\begin{array}{cc}\hfill {\mu }_0{p}_0& =0\hfill \end{array}$$ (A12)

$$\begin{array}{cc}\hfill {\mu }_1{p}_1& =0\hfill \end{array}$$ (A13)

$$\begin{array}{cc}\hfill {\mu }_0,{\mu }_1,p_0,p_1& \ge 0.\hfill \end{array}$$ (A14)

From (A10) and (A11), we obtain

$$\begin{array}{cc}\hfill p_0+\frac{1}{2}(1-p_0)& =\alpha \hfill \end{array}$$ (A15)

and thus,

$$\begin{array}{c}\hfill p_0=2\alpha -1,p_1=2-2\alpha ,\end{array}$$ (A16)

which along with (A14) implies that this solution is only valid for $\frac{1}{2}\le \alpha \le 1$. The corresponding optimum value of $\mathbb{E}\left[M\right]$ is given by

$$\begin{array}{c}\hfill \mathbb{E}\left[M\right]=1-p_0=2-2\alpha ,\frac{1}{2}\le \alpha \le 1.\end{array}$$ (A17)

Case 2: Now consider the case where at most three probabilities of the PMF of M are allowed to be non-zero, i.e., $p_0,p_1,p_2\ge 0$ and $p_i=0$, $i\in \{3,4,\dots \}$. The set of conditions in (A3)–(A7) for this case is

$$\begin{array}{cc}\hfill \frac{\partial L}{\partial p_m}=m+{\lambda }_1\left(\frac{1}{m+1}\right)+{\lambda }_2-{\mu }_m& =0,m\in \{0,1,2\}\hfill \end{array}$$ (A18)

$$\begin{array}{cc}\hfill \sum _{m=0}^2\left(\frac{1}{m+1}\right)p_m& =\alpha \hfill \end{array}$$ (A19)

$$\begin{array}{cc}\hfill \sum _{m=0}^2{p}_m& =1\hfill \end{array}$$ (A20)

$$\begin{array}{cc}\hfill {\mu }_m{p}_m& =0,m\in \{0,1,2\}\hfill \end{array}$$ (A21)

$$\begin{array}{cc}\hfill {\mu }_m,p_m& \ge 0,m\in \{0,1,2\}.\hfill \end{array}$$ (A22)

The set of conditions in (A18)–(A22) can be written in a matrix form as

$$\begin{array}{c}\hfill \left[\begin{array}{cccccccc}1& 1& -1& 0& 0& 0& 0& 0\\ \frac{1}{2}& 1& 0& -1& 0& 0& 0& 0\\ \frac{1}{3}& 1& 0& 0& -1& 0& 0& 0\\ 0& 0& 0& 0& 0& 1& \frac{1}{2}& \frac{1}{3}\\ 0& 0& 0& 0& 0& 1& 1& 1\end{array}\right]\left[\begin{array}{c}{\lambda }_1\\ {\lambda }_2\\ {\mu }_0\\ {\mu }_1\\ {\mu }_2\\ p_0\\ p_1\\ p_2\end{array}\right]=\left[\begin{array}{c}0\\ -1\\ -2\\ \alpha \\ 1\end{array}\right].\end{array}$$ (A23)

Three of the above eight variables, i.e., either ${\mu }_i$ or $p_i$ for each i, are always zero according to (A21). We consider all choices of $\{{\mu }_i,p_i\}$ pairs such that one element of the pair is equal to zero, and the other one is a positive variable, and solve the system for the non-zero variables. Then we calculate the resulting $\mathbb{E}\left[M\right]$, along with the corresponding regions of u for which the solutions are applicable. For each region of u, we find the solution to (A23) that results in the minimum $\mathbb{E}\left[M\right]$. Based on this process, the optimum values of $p_i$, $i\in \{0,1,2\}$, the corresponding ranges of u, and the minimum values of $\mathbb{E}\left[M\right]$ are given in Table A1.

Table A1.

Solution to Case 2: Optimum PMF of M, valid ranges of $\alpha$, and minimum $\mathbb{E}\left[M\right]$.

Range of $\mathit{\alpha }$	${\mathit{p}}_0$	${\mathit{p}}_1$	${\mathit{p}}_2$	$\mathbb{E}\left[\mathit{M}\right]$
$\frac{1}{3}\le \alpha \le \frac{1}{2}$	0	$6\alpha -2$	$3-6\alpha$	$4-6\alpha$
$\frac{1}{2}\le \alpha \le 1$	$2\alpha -1$	$2-2\alpha$	0	$2-2\alpha$

As an example, consider the calculations corresponding to the case where ${\mu }_0>0$, ${\mu }_1={\mu }_2=0$, which implies $p_0=0$, $p_1,p_2>0$. Note that for this case, (A23) simplifies to

$$\begin{array}{c}\hfill \left[\begin{array}{ccccc}1& 1& -1& 0& 0\\ \frac{1}{2}& 1& 0& 0& 0\\ \frac{1}{3}& 1& 0& 0& 0\\ 0& 0& 0& \frac{1}{2}& \frac{1}{3}\\ 0& 0& 0& 1& 1\end{array}\right]\left[\begin{array}{c}{\lambda }_1\\ {\lambda }_2\\ {\mu }_0\\ p_1\\ p_2\end{array}\right]=\left[\begin{array}{c}0\\ -1\\ -2\\ \alpha \\ 1\end{array}\right].\end{array}$$ (A24)

The values of $p_1$ and $p_2$, from the solution of the above system, and the corresponding range of $\alpha$, from (A22), along with the resulting $\mathbb{E}\left[M\right]$, are given by

$$\begin{array}{c}\hfill p_1=6\alpha -2,p_2=3-6\alpha ,\frac{1}{3}\le \alpha \le \frac{1}{2},\mathbb{E}\left[M\right]=4-6\alpha .\end{array}$$ (A25)

Case 3: At most four non-zero elements of the PMF of M are considered in this case, i.e., $p_0,p_1,p_2,p_3\ge 0$ and $p_i=0$, $i\in \{4,5,\dots \}$. The conditions in (A3)–(A7) can be written in a matrix form as

$$\begin{array}{c}\hfill \left[\begin{array}{cccccccccc}1& 1& -1& 0& 0& 0& 0& 0& 0& 0\\ \frac{1}{2}& 1& 0& -1& 0& 0& 0& 0& 0& 0\\ \frac{1}{3}& 1& 0& 0& -1& 0& 0& 0& 0& 0\\ \frac{1}{4}& 1& 0& 0& 0& -1& 0& 0& 0& 0\\ 0& 0& 0& 0& 0& 0& 1& \frac{1}{2}& \frac{1}{3}& \frac{1}{4}\\ 0& 0& 0& 0& 0& 0& 1& 1& 1& 1\end{array}\right]\left[\begin{array}{c}{\lambda }_1\\ {\lambda }_2\\ {\mu }_0\\ {\mu }_1\\ {\mu }_2\\ {\mu }_3\\ p_0\\ p_1\\ p_2\\ p_3\end{array}\right]=\left[\begin{array}{c}0\\ -1\\ -2\\ -3\\ \alpha \\ 1\end{array}\right].\end{array}$$ (A26)

Using the same method described in Case 2, the optimum values of $p_i$, $i\in \{0,1,2,3\}$, corresponding ranges of $\alpha$, and the resulting minimum $\mathbb{E}\left[M\right]$ for Case 3 are given in Table A2.

Table A2.

Solution to Case 3: Optimum PMF of M, valid ranges of $\alpha$ and minimum $\mathbb{E}\left[M\right]$.

Range of $\mathit{\alpha }$	${\mathit{p}}_0$	${\mathit{p}}_1$	${\mathit{p}}_2$	${\mathit{p}}_3$	$\mathbb{E}\left[\mathit{M}\right]$
$\frac{1}{4}\le \alpha \le \frac{1}{3}$	0	0	$12\alpha -3$	$4-12\alpha$	$6-12\alpha$
$\frac{1}{3}\le \alpha \le \frac{1}{2}$	0	$6\alpha -2$	$3-6\alpha$	0	$4-6\alpha$
$\frac{1}{2}\le \alpha \le 1$	$2\alpha -1$	$2-2\alpha$	0	0	$2-2\alpha$

Case 4: At most five non-zero elements of the PMF of M are considered in this case, i.e., $p_0,p_1,p_2,p_3,p_4\ge 0$ and $p_i=0$, $i\in \{5,6,\dots \}$. The conditions in (A3)–(A7) can be written in a matrix form as

$$\begin{array}{c}\hfill \left[\begin{array}{cccccccccc}1& 1& -1& 0& 0& 0& 0& 0& \dots & 0\\ \frac{1}{2}& 1& 0& -1& 0& 0& 0& 0& \dots & 0\\ \frac{1}{3}& 1& 0& 0& -1& 0& 0& 0& \dots & 0\\ \frac{1}{4}& 1& 0& 0& 0& -1& 0& 0& \dots & 0\\ \frac{1}{5}& 1& 0& 0& 0& 0& -1& 0& \dots & 0\\ 0& \dots & 0& 0& 0& 1& \frac{1}{2}& \frac{1}{3}& \frac{1}{4}& \frac{1}{5}\\ 0& \dots & 0& 0& 0& 1& 1& 1& 1& 1\end{array}\right]\left[\begin{array}{c}{\lambda }_1\\ {\lambda }_2\\ {\mu }_0\\ {\mu }_1\\ {\mu }_2\\ {\mu }_3\\ {\mu }_4\\ p_0\\ p_1\\ p_2\\ p_3\\ p_4\end{array}\right]=\left[\begin{array}{c}0\\ -1\\ -2\\ -3\\ -4\\ \alpha \\ 1\end{array}\right].\end{array}$$ (A27)

Using the same method as before, the optimum values of $p_i$, $i\in \{0,1,2,3,4\}$, the corresponding ranges of $\alpha$, and the resulting minimum $\mathbb{E}\left[M\right]$ for Case 4 are given in Table A3.

Table A3.

Solution to Case 4: Optimum PMF of M, valid ranges of $\alpha$, and minimum $\mathbb{E}\left[M\right]$.

Range of $\mathit{\alpha }$	${\mathit{p}}_0$	${\mathit{p}}_1$	${\mathit{p}}_2$	${\mathit{p}}_3$	${\mathit{p}}_4$	$\mathbb{E}\left[\mathit{M}\right]$
$\frac{1}{5}\le \alpha \le \frac{1}{4}$	0	0	0	$20\alpha -4$	$5-20\alpha$	$8-20\alpha$
$\frac{1}{4}\le \alpha \le \frac{1}{3}$	0	0	$12\alpha -3$	$4-12\alpha$	0	$6-12\alpha$
$\frac{1}{3}\le \alpha \le \frac{1}{2}$	0	$6\alpha -2$	$3-6\alpha$	0	0	$4-6\alpha$
$\frac{1}{2}\le \alpha \le 1$	$2\alpha -1$	$2-2\alpha$	0	0	0	$2-2\alpha$

Note that the PMF of M and the resulting $\mathbb{E}\left[M\right]$ are the same for a given $\alpha$ in all cases (see Table A1, Table A2 and Table A3) irrespective of the support of the PMF of M considered. Therefore, we observe from the above cases that, for a given $\alpha$ in the range $\frac{1}{\ell +1}\le \alpha \le \frac{1}{\ell }$, $\mathbb{E}\left[M\right]$ is minimized when the PMF of M is such that

$$\begin{array}{c}\hfill p_{\ell },p_{\ell -1}>0,\mathrm{and}{p}_i=0\mathrm{for}i\in {\mathbb{Z}}^{+}\setminus \{\ell ,\ell -1\},\end{array}$$ (A28)

which requires $p_{\ell }$ and $p_{\ell -1}$ to satisfy

$$\begin{array}{cc}\hfill p_{\ell }+p_{\ell -1}& =1\hfill \end{array}$$ (A29)

$$\begin{array}{cc}\hfill \mathbb{E}\left[\frac{1}{M+1}\right]=p_{\ell }\frac{1}{\ell +1}+p_{\ell -1}\frac{1}{\ell }& =\alpha .\hfill \end{array}$$ (A30)

Therefore, for a given $\alpha$ in the range $\frac{1}{\ell +1}\le \alpha \le \frac{1}{\ell }$, the optimum PMF of M and the resulting minimum $\mathbb{E}\left[M\right]$ are given by

$$\begin{array}{c}\hfill p_{\ell }=(\ell +1)(1-\ell \alpha ),p_{\ell -1}=\ell ((\ell +1)\alpha -1),\mathbb{E}\left[M\right]=2\ell -\alpha \ell (\ell +1).\end{array}$$ (A31)

Author Contributions

Formal analysis, S.V.; Investigation, S.V.; Writing—original draft, S.V.; Writing—review & editing, S.U.; Supervision, S.U.; Project administration, S.U. All authors have read and agreed to the published version of the manuscript.

Institutional Review Board Statement

Not applicable.

Data Availability Statement

No new data were created or analyzed in this study. Data sharing is not applicable to this article.

Conflicts of Interest

The authors declare no conflicts of interest.

Funding Statement

This research received no external funding.