Lower-Cost ∈-Private Information Retrieval

Raphael R. Toledo 1 , George Danezis 1  and Ian Goldberg 2
  • 1 University College London
  • 2 University of Waterloo


Private Information Retrieval (PIR), despite being well studied, is computationally costly and arduous to scale. We explore lower-cost relaxations of information-theoretic PIR, based on dummy queries, sparse vectors, and compositions with an anonymity system. We prove the security of each scheme using a flexible differentially private definition for private queries that can capture notions of imperfect privacy. We show that basic schemes are weak, but some of them can be made arbitrarily safe by composing them with large anonymity systems.

If the inline PDF is not rendering correctly, you can download the PDF file here.

  • [1] Aguilar-Melchor, C., Barrier, J., Fousse, L., Killijian, M.O.: XPIR: Private Information Retrieval for Everyone. Proceedings on Privacy Enhancing Technologies 2016(2), 155-174 (2016)

  • [2] Aguilar Melchor, C., Gaborit, P.: A Lattice-Based Computationally-Efficient Private Information Retrieval Protocol. In: Western European Workshop on Research in Cryptology (2007)

  • [3] Andres, M.E., Bordenabe, N.E., Chatzikokolakis, K., Palamidessi, C.: Geo-indistinguishability: differential privacy for location-based systems. In: Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security. pp. 901-914 (2013)

  • [4] Asonov, D., Freytag, J.C.: Almost optimal private information retrieval. In: Dingledine, R., Syverson, P.F. (eds.) Privacy Enhancing Technologies, Second International Workshop, PET 2002, San Francisco, CA, USA, April 14-15, 2002, Revised Papers. Lecture Notes in Computer Science, vol. 2482, pp. 209-223. Springer (2002), http://dx.doi.org/10.1007/3-540-36467-6_16

  • [5] Balsa, E., Troncoso, C., Diaz, C.: OB-PWS: Obfuscation- Based Private Web Search. In: Security and Privacy (SP), 2012 IEEE Symposium on. pp. 491-505. IEEE (2012)

  • [6] Beimel, A., Stahl, Y.: Robust Information-Theoretic Private Information Retrieval. In: 3rd Conference on Security in Communication Networks. pp. 326-341 (2002)

  • [7] Berthold, O., Pfitzmann, A., Standtke, R.: The disadvantages of free mix routes and how to overcome them. In: Designing Privacy Enhancing Technologies. pp. 30-45. Springer (2001)

  • [8] Borisov, N., Danezis, G., Goldberg, I.: DP5: A private presence service. PoPETs 2015(2), 4-24 (2015), http://www.degruyter.com/view/j/popets.2015.2015.issue-2/popets-2015-0008/popets-2015-0008.xml

  • [9] Chaum, D.: Untraceable electronic mail, return addresses, and digital pseudonyms. Communication of the ACM 24(2) (1981)

  • [10] Chor, B., Goldreich, O., Kushilevitz, E., Sudan, M.: Private information retrieval. Presented at the 36th Annual IEEE Symposium on Foundations of Computer Science (1995)

  • [11] Danezis, G., Syverson, P.F.: Bridging and fingerprinting: Epistemic attacks on route selection. In: Borisov, N., Goldberg, I. (eds.) Privacy Enhancing Technologies, 8th International Symposium, PETS 2008, Leuven, Belgium, July 23-25, 2008, Proceedings. Lecture Notes in Computer Science, vol. 5134, pp. 151-166. Springer (2008), http://dx.doi.org/10.1007/978-3-540-70630-4_10

  • [12] Demmler, D., Herzberg, A., Schneider, T.: RAID-PIR: Practical Multi-Server PIR. In: 6th ACM Workshop on Cloud Computing Security (CCSW). pp. 45-56 (2014)

  • [13] Dingledine, R., Mathewson, N., Syverson, P.F.: Tor: The second-generation onion router. In: USENIX Security Symposium, August 9-13, 2004, USA. pp. 303-320 (2004)

  • [14] Dwork, C.: Differential privacy. International Colloquium on Automata, Languages and Programming (2006)

  • [15] Ghinita, G., Kalnis, P., Skiadopoulos, S.: Privé: Anonymous Location-Based Queries in Distributed Mobile Systems. In: 16th International Conference on World Wide Web. pp. 371-380. ACM (2007)

  • [16] Goldberg, I.: Improving the Robustness of Private Information Retrieval. In: 28th IEEE Symposium on Security and Privacy. pp. 131- 148 (2007)

  • [17] Henry, R., Huang, Y., Goldberg, I.: One (Block) Size Fits All: PIR and SPIR Over Arbitrary-Length Records via Multiblock PIR Queries. In: 20th Network and Distributed System Security Symposium (2013)

  • [18] Herrmann, D., Maaß, M., Federrath, H.: Evaluating the security of a DNS query obfuscation scheme for private web surfing. In: Cuppens-Boulahia, N., Cuppens, F., Jajodia, S., Kalam, A.A.E., Sans, T. (eds.) ICT Systems Security and Privacy Protection - 29th IFIP TC 11 International Conference, SEC 2014, Marrakech, Morocco, June 2-4, 2014. Proceedings. IFIP Advances in Information and Communication Technology, vol. 428, pp. 205-219. Springer (2014), http://dx.doi.org/10.1007/978-3-642-55415-5_17

  • [19] Hong, J.I., Landay, J.A.: An architecture for privacy-sensitive ubiquitous computing. In: 2nd international conference on Mobile systems, applications, and services. pp. 177-189 (2004)

  • [20] Ishai, Y., Kushilevitz, E., Ostrovsky, R., Sahai, A.: Batch codes and their applications. Proceedings of the 36th Annual ACM Symposium on Theory of Computing (2004)

  • [21] Kido, H., Yanagisawa, Y., Satoh, T.: An anonymous communication technique using dummies for location-based services. In: Pervasive Services, 2005. ICPS’05. pp. 88-97. IEEE (2005)

  • [22] Laurie, B., Langley, A., Kasper, E.: Certificate transparency. RFC 6962 (June 2013)

  • [23] Lueks, W., Goldberg, I.: Sublinear Scaling for Multi-Client Private Information Retrieval. In: 19th International Conference on Financial Cryptography and Data Security (2015)

  • [24] Mittal, P., Olumofin, F., Troncoso, C., Borisov, N., Goldberg, I.: PIR-Tor: Scalable Anonymous Communication Using Private Information Retrieval. In: 20th USENIX Security Symposium. pp. 475-490 (2011)

  • [25] Olumofin, F., Goldberg, I.: Revisiting the Computational Practicality of Private Information Retrieval. In: 15th International Conference on Financial Cryptography and Data Security. pp. 158-172 (2011)

  • [26] Ostrovsky, R., Kushilevitz, E.: Replication is not needed: single database, computationally-private information retrieval. Proceedings of the 38th Annual Symposium on Foundations of Computer Science (1997)

  • [27] Roy, I., Setty, S.T.V., Kilzer, A., Shmatikov, V., Wichel, E.: Airavat: Security and privacy for mapreduce. Symposium on Networked Systems Design and Implementation (2010)

  • [28] Saint-Jean, F., Johnson, A., Boneh, D., Feigenbaum, J.: Private web search. In: Ning, P., Yu, T. (eds.) Proceedings of the 2007 ACM Workshop on Privacy in the Electronic Society, WPES 2007, Alexandria, VA, USA, October 29, 2007. pp. 84-90. ACM (2007), http://doi.acm.org/10.1145/1314333.1314351

  • [29] Sarwate, D.: http://math.stackexchange.com/questions/82841/probability-that-a-n-frac12-binomial-random-variableis-even (2011)

  • [30] Shokri, R., Shmatikov, V.: Privacy-preserving deep learning. ACM Conference on Computer and Communications Security (2015)

  • [31] Sion, R., Carbunar, B.: On the practicality of private information retrieval. Proceedings of the Network and Distributed System Security Symposium (2007)

  • [32] Wang, T., Cai, X., Nithyanand, R., Johnson, R., Goldberg, I.: Effective attacks and provable defenses for website fingerprinting. In Proceedings of the 23rd UNESIX Security Symposium (2014)

  • [33] Zhao, F., Hori, Y., Sakurai, K.: Analysis of privacy disclosure in DNS query. In: 2007 International Conference on Multimedia and Ubiquitous Engineering (MUE 2007), 26-28 April 2007, Seoul, Korea. pp. 952-957. IEEE Computer Society (2007), http://dx.doi.org/10.1109/MUE.2007.84


Journal + Issues