XPIR : Private Information Retrieval for Everyone

Open access


A Private Information Retrieval (PIR) scheme is a protocol in which a user retrieves a record from a database while hiding which from the database administrators. PIR can be achieved using mutuallydistrustful replicated databases, trusted hardware, or cryptography. In this paper we focus on the later setting which is known as single-database computationally- Private Information Retrieval (cPIR). Classic cPIR protocols require that the database server executes an algorithm over all the database content at very low speeds which impairs their usage. In [1], given certain assumptions, realistic at the time, Sion and Carbunar showed that cPIR schemes were not practical and most likely would never be. To this day, this conclusion is widely accepted by researchers and practitioners. Using the paradigm shift introduced by lattice-based cryptography, we show that the conclusion of Sion and Carbunar is not valid anymore: cPIR is of practical value. This is achieved without compromising security, using standard crytosystems, and conservative parameter choices.

If the inline PDF is not rendering correctly, you can download the PDF file here.

  • [1] R. Sion and B. Carbunar “On the Computational Practicality of Private Information Retrieval” in 14th ISOC Network and Distributed Systems Security Symposium (NDSS’07) San Diego CA USA 2007.

  • [2] B. Chor O. Goldreich E. Kushilevitz and M. Sudan “Private Information Retrieval” in 46th IEEE Symposium on Foundations of Computer Science (FOCS’95) Pittsburgh PA USA pp. 41-50 IEEE Computer Society Press 1995.

  • [3] W. Gasarch “A Survey on Private Information Retrieval” Bulletin of the European Association for Theoretical Computer Science vol. 82 pp. 72-107 Feb. 2004. Columns: Computational Complexity.

  • [4] A. Kiayias and M. Yung “Secure Games with Polynomial Expressions” in ICALP: Annual International Colloquium on Automata Languages and Programming 2001.

  • [5] C. Aguilar Melchor and P. Gaborit “A Fast Private Information Retrieval Protocol” in The 2008 IEEE International Symposium on Information Theory (ISIT’08) Toronto Ontario Canada pp. 1848-1852 IEEE Computer Society Press 2008.

  • [6] J. T. Trostle and A. Parrish “Efficient computationally private information retrieval from anonymity or trapdoor groups” in ISC (M. Burmester G. Tsudik S. S. Magliveras and I. Ilic eds.) vol. 6531 of Lecture Notes in Computer Science pp. 114-128 Springer 2010.

  • [7] J. P. Stern “A New Efficient All-Or-Nothing Disclosure of Secrets Protocol.” in 13th Annual International Conference on the Theory and Application of Cryptology & Information Security (ASIACRYPT’98) Beijing China vol. 1514 of Lecture Notes in Computer Science pp. 357-371 Springer 1998.

  • [8] H. Lipmaa “First cpir protocol with data-dependent computation” in Proceedings of the 12th International Conference on Information Security and Cryptology ICISC’09 (Berlin Heidelberg) pp. 193-210 Springer-Verlag 2010.

  • [9] R. Ostrovsky and W. E. Skeith III “Private Searching on Streaming Data” in Advances in Cryptology - CRYPTO 2005: 25th Annual International Cryptology Conference Santa Barbara California USA August 14-18 2005 Proceedings vol. 3621 of Lecture Notes in Computer Science pp. 223-240 Springer 2005.

  • [10] D. Bleichenbacher A. Kiayias and M. Yung “Decoding of Interleaved Reed Solomon Codes over Noisy Data” in Automata Languages and Programming 30th International Colloquium ICALP 2003 Eindhoven The Netherlands June 30 - July 4 2003. Proceedings (J. C. M. Baeten J. K. Lenstra J. Parrow and G. J. Woeginger eds.) vol. 2719 of Lecture Notes in Computer Science pp. 97-108 Springer 2003.

  • [11] D. Coppersmith and M. Sudan “Reconstructing curves in three (and higher) dimensional space from noisy data” in Proceedings of the 35th Annual ACM Symposium on Theory of Computing STOC’2003 (San Diego California USA June 9-11 2003) (New York) pp. 136-142 ACM Press 2003.

  • [12] S. Arora and R. Ge “New algorithms for learning in presence of errors” in Automata Languages and Programming 30th International Colloquium ICALP 2003 Eindhoven The Netherlands June 30 - July 4 2003. Proceedings pp. 403-415 Springer 2011.

  • [13] J. Bi M. Liu and X. Wangi “Cryptanalysis of a homomorphic encryption scheme from isit 2008” in Information Theory Proceedings (ISIT) 2012 IEEE International Symposium on pp. 2152-2156 2012.

  • [14] T. Lepoint and M. Tibouchi “Cryptanalysis of a (somewhat) additively homomorphic encryption scheme used in pir” in WAHC’15 - 3rd Workshop on Encrypted Computing and Applied Homomorphic Cryptography 2015.

  • [15] C. Aguilar Melchor B. Crespin P. Gaborit V. Jolivet and P. Rousseau “High-speed Private Information Retrieval Computation on GPU” in Second International Conference on Emerging Security Information Systems and Technologies (SECURWARE’08) Cap Esterel France pp. 263-272 IEEE Computer Society Press 2008.

  • [16] P. Mittal F. G. Olumofin C. Troncoso N. Borisov and I. Goldberg “Pir-tor: Scalable anonymous communication using private information retrieval.” in USENIX Security Symposium 2011.

  • [17] R. Henry Y. Huang and I. Goldberg “One (block) size fits all: Pir and spir with variable-length records via multi-block queries” Proceedings of NDSS 2013.

  • [18] T. Mayberry E.-O. Blass and A. H. Chan “Efficient private file retrieval by combining ORAM and PIR” in Proceedings of Annual Network & Distributed System Security Symposium pp. 1-11 Citeseer 2014.

  • [19] E.-O. Blass R. Di Pietro R. Molva and M. Önen “Prism - privacy-preserving search in mapreduce” in Privacy Enhancing Technologies (S. Fischer-Hübner and M. Wright eds.) vol. 7384 of Lecture Notes in Computer Science pp. 180-200 Springer Berlin Heidelberg 2012.

  • [20] F. Olumofin P. Tysowski I. Goldberg and U. Hengartner “Achieving efficient query privacy for location based services” in Privacy Enhancing Technologies (M. Atallah and N. Hopper eds.) vol. 6205 of Lecture Notes in Computer Science pp. 93-110 Springer Berlin Heidelberg 2010.

  • [21] F. Olumofin and I. Goldberg “Privacy-preserving queries over relational databases” in Privacy Enhancing Technologies (M. Atallah and N. Hopper eds.) vol. 6205 of Lecture Notes in Computer Science pp. 75-92 Springer Berlin Heidelberg 2010.

  • [22] C. Devet and I. Goldberg “The best of both worlds: Combining information-theoretic and computational pir for communication efficiency” in Privacy Enhancing Technologies pp. 63-82 Springer 2014.

  • [23] V. Lyubashevsky C. Peikert and O. Regev “On ideal lattices and learning with errors over rings” in EUROCRYPT’ 2010 vol. 6110 of Lecture Notes in Computer Science pp. 1-23 Springer 2010.

  • [24] W. Gasarch and A. Yerukhimovich “Computational inexpensive PIR” 2006. Draft available online at http://www.cs.umd.edu/~arkady/pir/pirComp.pdf.

  • [25] O. Regev “New lattice based cryptographic constructions” Journal of the ACM vol. 51 no. 6 pp. 899-942 2004.

  • [26] S. W. Smith and D. Safford “Practical server privacy with secure coprocessors” IBM Systems Journal vol. 40 no. 3 pp. 683-695 2001.

  • [27] E. Kushilevitz and R. Ostrovsky “Replication is not needed: Single database computationally-private information retrieval (extended abstract)” in FOCS: IEEE Symposium on Foundations of Computer Science (FOCS) pp. 364-373 1997.

  • [28] F. Olumofin and I. Goldberg “Revisiting the computational practicality of private information retrieval” in Financial Cryptography and Data Security (G. Danezis ed.) vol. 7035 of Lecture Notes in Computer Science pp. 158-172 Springer Berlin Heidelberg 2012.

  • [29] Gilles Brassard and Claude Crépeau and Jean-Marc Robert “All-or-Nothing Disclosure of Secrets” in CRYPTO (A. M. Odlyzko ed.) vol. 263 of Lecture Notes in Computer Science pp. 234-238 Springer 1986.

  • [30] Z. Brakerski and V. Vaikuntanathan “Fully homomorphic encryption from ring-lwe and security for key dependent messages” in Advances in Cryptology - CRYPTO 2011 -31st Annual Cryptology Conference vol. 6841 p. 501 2011.

  • [31] Y. Doröz B. Sunar and G. Hammouri “Bandwidth efficient pir from ntru” in 2nd Workshop on Applied Homomorphic Cryptography and Encrypted Computing - WAHC’14 pp. 195-207 Springer 2014.

  • [32] A. Kiayias N. Leonardos H. Lipmaa K. Pavlyk and Q. Tang “Optimal rate private information retrieval from homomorphic encryption” PoPETs vol. 2015 no. 2 pp. 222-243 2015.

  • [33] D. Pointcheval “Le chiffrement asymétrique et la sécurité prouvée” Habilitation à diriger des recherches Université Paris VII 2002.

  • [34] S. Goldwasser and S. Micali “Probabilistic encryption” Journal of Computer and System Sciences vol. 28 no. 2 pp. 270-299 1984.

  • [35] R. Lindner and C. Peikert “Better key sizes (and attacks) for lwe-based encryption” in CT-RSA (A. Kiayias ed.) vol. 6558 of Lecture Notes in Computer Science pp. 319-339 Springer 2011.

  • [36] H. Lipmaa “An oblivious transfer protocol with log-squared communication” in 8th Information Security Conference (ISC’05) Singapore vol. 3650 of Lecture Notes in Computer Science pp. 314-328 Springer 2005.

  • [37] M. J. Freedman Y. Ishai B. Pinkas and O. Reingold “Keyword Search and Oblivious Pseudorandom Functions” vol. 3378 of Lecture Notes in Computer Science pp. 303-324 Springer 2005.

  • [38] R. Ostrovsky and W. E. Skeith III “Private searching on streaming data” J. Cryptology vol. 20 no. 4 pp. 397-430 2007.

  • [39] M. Finiasz and K. Ramchandran “Private Stream Search at the same communication cost as a regular search: Role of LDPC codes” in Information Theory Proceedings (ISIT) 2012 IEEE International Symposium on pp. 2556-2560 2012.

  • [40] P. Paillier “Public-key cryptosystems based on composite degree residuosity classes” in 18th Annual Eurocrypt Conference (EUROCRYPT’99) Prague Czech Republic vol. 1592 of Lecture Notes in Computer Science pp. 223-238 Springer 1999.

  • [41] N. Göttert T. Feller M. Schneider J. Buchmann and S. Huss “On the design of hardware building blocks for modern lattice-based encryption schemes” in Cryptographic Hardware and Embedded Systems - CHES 2012 (E. Prouff and P. Schaumont eds.) vol. 7428 of Lecture Notes in Computer Science pp. 512-529 Springer Berlin Heidelberg 2012.

  • [42] S. Halevi and V. Shoup “Design and implementation of a homomorphic-encryption library” 2013.

  • [43] Z. Brakerski C. Gentry and V. Vaikuntanathan “(leveled) fully homomorphic encryption without bootstrapping” in Proceedings of the 3rd Innovations in Theoretical Computer Science Conference ITCS ’12 (New York NY USA) pp. 309-325 ACM 2012.

  • [44] D. Harvey “Faster arithmetic for number-theoretic transforms” J. Symb. Comput. vol. 60 pp. 113-119 2014.

  • [45] T. Güneysu T. Oder T. Pöppelmann and P. Schwabe “Software speed records for lattice-based signatures” in Post-Quantum Cryptography (P. Gaborit ed.) vol. 7932 of Lecture Notes in Computer Science pp. 67-82 Springer-Verlag Berlin Heidelberg 2013. Document ID: d67aa537a6de60813845a45505c313 http://cryptojedi.org/papers/#lattisigns.

  • [46] ISO/IEC “High efficiency coding and media delivery in heterogeneous environments - part 2: High efficiency video coding” Tech. Rep. ISO/IEC 23008-2:2013 International Standards Organization Publication 2013.

  • [47] J. Ohm G. Sullivan H. Schwarz T. K. Tan and T. Wiegand “Comparison of the coding efficiency of video coding standards;including high efficiency video coding (hevc)” Circuits and Systems for Video Technology IEEE Transactions on vol. 22 pp. 1669-1684 Dec 2012.

  • [48] T. Gupta N. Crooks S. Setty L. Alvisi and M. Walfish “Scalable and private media consumption with popcorn.” Cryptology ePrint Archive Report 2015/489 2015. http: //eprint.iacr.org/.

  • [49] R. Sinha C. Papadopoulos and J. Heidemann “Internet packet size distributions: Some observations” Tech. Rep. ISI-TR-2007-643 USC/Information Sciences Institute May 2007. Orignally released October 2005 as web page http://netweb.usc.edu/~rsinha/pkt-sizes/.

Journal information
Cited By
All Time Past Year Past 30 Days
Abstract Views 0 0 0
Full Text Views 661 384 9
PDF Downloads 367 221 7