Polynomial Batch Codes for Efficient IT-PIR

Open access


Private information retrieval (PIR) is a way for clients to query a remote database without the database holder learning the clients' query terms or the responses they generate. Compelling applications for PIR abound in the cryptographic and privacy research literature, yet existing PIR techniques are notoriously inefficient. Consequently, no such PIR-based application to date has seen real-world at-scale deployment. This paper proposes new "batch coding" techniques to help address PIR's efficiency problem. The new techniques exploit the connection between ramp secret sharing schemes and efficient information-theoretically secure PIR (IT-PIR) protocols. This connection was previously observed by Henry, Huang, and Goldberg (NDSS 2013), who used ramp schemes to construct efficient "batch queries" with which clients can fetch several database records for the same cost as fetching a single record using a standard, non-batch query. The new techniques in this paper generalize and extend those of Henry et al. to construct "batch codes" with which clients can fetch several records for only a fraction of the cost of fetching a single record using a standard non-batch query over an unencoded database. The batch codes are highly tunable, providing a means to trade off (i) lower server-side computation cost, (ii) lower server-side storage cost, and/or (iii) lower uni- or bi-directional communication cost, in exchange for a comparatively modest decrease in resilience to Byzantine database servers.
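The ramp-scheme batch query that the abstract attributes to Henry, Huang, and Goldberg is small enough to show end to end. The following is an added Python example written for this page; it is not the paper's code (the authors' implementation lives in Percy++ [30]) and it does not implement the paper's batch codes over an encoded database. It shows only the building block they generalize: a Shamir-style IT-PIR query in which the client encodes q record indices at q distinct "secret" evaluation points of a degree-(t+q-1) polynomial, so that the client recovers q records for the same per-server communication as a single-record query while any t colluding servers learn nothing. The prime field GF(2^31-1), the server evaluation points 1..ℓ, the secret points p-1, p-2, ..., and the database contents are all assumptions made for the example.

```python
"""Ramp-scheme batch query for Shamir-style IT-PIR (added worked example).

Assumptions (not from the paper): field GF(P) with P = 2^31 - 1, servers sit
at x = 1..ell, the q requested records are encoded at x = P-1, P-2, ..., P-q,
and the t random degrees of freedom are fixed at x = P-q-1, ..., P-q-t.
"""
import secrets

P = (1 << 31) - 1  # Mersenne prime; any prime larger than the data words works


def lagrange_eval(xs, ys, x, p=P):
    """Evaluate the unique polynomial of degree < len(xs) through (xs, ys) at x."""
    total = 0
    for i, (xi, yi) in enumerate(zip(xs, ys)):
        num, den = 1, 1
        for j, xj in enumerate(xs):
            if i != j:
                num = num * (x - xj) % p
                den = den * (xi - xj) % p
        total = (total + yi * num * pow(den, p - 2, p)) % p
    return total


def build_batch_queries(record_indices, num_records, t, server_ids, secret_points, p=P):
    """Return {server_id: query_vector}. Record record_indices[k] is encoded at
    secret_points[k]; each per-record polynomial f_j has degree <= t+q-1, so any
    t server evaluations are uniformly random and independent of the indices."""
    q = len(record_indices)
    rand_points = [p - q - 1 - m for m in range(t)]
    all_points = list(server_ids) + list(secret_points) + rand_points
    assert len(server_ids) >= t + q, "need at least t+q responding servers"
    assert len(set(all_points)) == len(all_points), "evaluation points must be distinct"
    xs = list(secret_points) + rand_points
    queries = {s: [] for s in server_ids}
    for j in range(num_records):
        # f_j(alpha_k) = 1 iff record j is the k-th requested one; t values random
        ys = [1 if j == i else 0 for i in record_indices] + \
             [secrets.randbelow(p) for _ in range(t)]
        for s in server_ids:
            queries[s].append(lagrange_eval(xs, ys, s, p))
    return queries


def server_respond(database, query, p=P):
    """A server returns the query-weighted sum of its records (one record's width)."""
    width = len(database[0])
    out = [0] * width
    for coeff, record in zip(query, database):
        if coeff:
            for w in range(width):
                out[w] = (out[w] + coeff * record[w]) % p
    return out


def recover_records(responses, secret_points, p=P):
    """responses: {server_id: response_vector}. The responses are evaluations of a
    degree-(t+q-1) polynomial per word; evaluating it at secret point k yields
    the k-th requested record."""
    xs = list(responses)
    width = len(next(iter(responses.values())))
    records = []
    for alpha in secret_points:
        records.append([lagrange_eval(xs, [responses[s][w] for s in xs], alpha, p)
                        for w in range(width)])
    return records


def demo(num_records=8, width=4, t=2, indices=(1, 5, 6), num_servers=None):
    """Run one batch query over a constructed database; returns (recovered, expected)."""
    q = len(indices)
    ell = num_servers or t + q
    database = [[(j * 1000 + w) % P for w in range(width)] for j in range(num_records)]
    server_ids = list(range(1, ell + 1))
    secret_points = [P - 1 - k for k in range(q)]
    queries = build_batch_queries(indices, num_records, t, server_ids, secret_points)
    responses = {s: server_respond(database, queries[s]) for s in server_ids}
    return recover_records(responses, secret_points), [database[i] for i in indices]


if __name__ == "__main__":
    got, want = demo()
    print("recovered all records:", got == want)
```

With q = 1 this is the ordinary t-private query; with q > 1 each server still sends back a single record-width vector, which is the "several records for the price of one" batch query. The cost is visible in the degrees: the response polynomial has degree t+q-1 instead of t, so with ℓ servers there are q-1 fewer spare evaluation points for detecting or correcting Byzantine responses, which is the resilience trade-off the abstract refers to.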

[1] Carlos Aguilar-Melchor and Philippe Gaborit. A fast private information retrieval protocol. In Proceedings of ISIT 2008, pages 1848-1852, Toronto, ON, Canada (July 2008).

[2] Amos Beimel, Yuval Ishai, Eyal Kushilevitz, and Jean-François Raymond. Breaking the O(n^{1/(2k-1)}) barrier for information-theoretic private information retrieval. In Proceedings of FOCS 2002, pages 261-270, Vancouver, BC, Canada (November 2002).

[3] Amos Beimel, Yuval Ishai, and Tal Malkin. Reducing the servers' computation in private information retrieval: PIR with preprocessing. Journal of Cryptology, 17(2):125-151 (March 2004).

[4] Amos Beimel and Yoav Stahl. Robust information-theoretic private information retrieval. In Proceedings of SCN 2002, volume 2576 of LNCS, pages 326-341, Amalfi, Italy (September 2002).

[5] Amos Beimel and Yoav Stahl. Robust information-theoretic private information retrieval. Journal of Cryptology, 20(3):295-321 (July 2007).

[6] Michael Ben-Or, Shafi Goldwasser, and Avi Wigderson. Completeness theorems for non-cryptographic fault-tolerant distributed computation (Extended abstract). In Proceedings of STOC 1988, pages 1-10, Chicago, IL, USA (May 1988).

[7] George R. Blakley and Catherine Meadows. Security of ramp schemes. In Advances in Cryptology: Proceedings of CRYPTO 1984, volume 196 of LNCS, pages 242-268, Santa Barbara, CA, USA (August 1984).

[8] Dan Boneh, Craig Gentry, Shai Halevi, Frank Wang, and David J. Wu. Private database queries using somewhat homomorphic encryption. In Proceedings of ACNS 2013, volume 7954 of LNCS, pages 102-118, Banff, AB, Canada (June 2013).

[9] Christian Cachin, Silvio Micali, and Markus Stadler. Computationally private information retrieval with polylogarithmic communication. In Advances in Cryptology: Proceedings of EUROCRYPT 1999, volume 1592 of LNCS, pages 402-414, Prague, Czech Republic (May 1999).

[10] Jan Camenisch, Gregory Neven, and abhi shelat. Simulatable adaptive oblivious transfer. In Advances in Cryptology: Proceedings of EUROCRYPT 2007, volume 4515 of LNCS, pages 573-590, Barcelona, Spain (May 2007).

[11] Yan-Cheng Chang. Single database private information retrieval with logarithmic communication. In Proceedings of ACISP 2004, volume 3108 of LNCS, pages 50-61, Sydney, Australia (July 2004).

[12] David Chaum. Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM (CACM), 24(2):84-88 (February 1981).

[13] David Chaum, Richard Carback, Jeremy Clark, Aleksander Essex, Stefan Popoveniuc, Ronald L. Rivest, Peter Y. A. Ryan, Emily Shen, Alan T. Sherman, and Poorvi L. Vora. Scantegrity II: End-to-end verifiability by voters of optical scan elections through confirmation codes. IEEE Transactions on Information Forensics and Security (TIFS), 4(4):611-627 (December 2009).

[14] Benny Chor and Niv Gilboa. Computationally private information retrieval (Extended abstract). In Proceedings of STOC 1997, pages 304-313, El Paso, TX, USA (May 1997).

[15] Benny Chor, Niv Gilboa, and Moni Naor. Private information retrieval by keywords. Technical Report CS0917, Technion - Israel Institute of Technology, Haifa, Israel (February 1997).

[16] Benny Chor, Oded Goldreich, Eyal Kushilevitz, and Madhu Sudan. Private information retrieval. In Proceedings of FOCS 1995, pages 41-50, Milwaukee, WI, USA (October 1995).

[17] Benny Chor, Eyal Kushilevitz, Oded Goldreich, and Madhu Sudan. Private information retrieval. Journal of the ACM (JACM), 45(6):965-981 (November 1998).

[18] Henry Cohn and Nadia Heninger. Approximate common divisors via lattices. In Proceedings of ANTS X (2012), volume 1, number 1 of The Open Book Series, pages 271-293, San Diego, CA, USA (July 2012).

[19] Ivan Damgård and Mads Jurik. A generalisation, a simplification and some applications of Paillier's probabilistic public-key system. In Proceedings of PKC 2001, volume 1992 of LNCS, pages 119-136, Jeju Island, South Korea (February 2001).

[20] George Danezis, Roger Dingledine, and Nick Mathewson. Mixminion: Design of a type III anonymous remailer protocol. In Proceedings of IEEE S&P 2003, pages 2-15, Oakland, CA, USA (May 2003).

[21] Daniel Demmler, Amir Herzberg, and Thomas Schneider. RAID-PIR: Practical multi-server PIR. In Proceedings of CCSW 2014, pages 45-56, Scottsdale, AZ, USA (November 2014).

[22] Casey Devet, Ian Goldberg, and Nadia Heninger. Optimally robust private information retrieval. In Proceedings of USENIX Security 2012, pages 269-283, Bellevue, WA, USA (August 2012).

[23] Roger Dingledine, Nick Mathewson, and Paul F. Syverson. Tor: The second-generation onion router. In Proceedings of USENIX Security 2004, San Diego, CA, USA (August 2004).

[24] Zeev Dvir and Sivakanth Gopi. 2-server PIR with sub-polynomial communication. In Proceedings of STOC 2015, pages 577-584, Portland, OR, USA (June 2015).

[25] Giulia C. Fanti and Kannan Ramchandran. Efficient private information retrieval over unsynchronized databases. IEEE Journal of Selected Topics in Signal Processing (J-STSP), 9(7):1229-1239 (October 2015).

[26] Free Software Foundation. GNU multiple precision arithmetic library; version 6.1.0 [computer software]. Available from: https://gmplib.org/ (November 2015).

[27] Craig Gentry and Zulfikar Ramzan. Single-database private information retrieval with constant communication rate. In Proceedings of ICALP 2005, volume 3580 of LNCS, pages 803-815, Lisbon, Portugal (July 2005).

[28] Yael Gertner, Yuval Ishai, Eyal Kushilevitz, and Tal Malkin. Protecting data privacy in private information retrieval schemes. Journal of Computer and System Sciences (JCSS), 60(3):592-629 (June 2000).

[29] Ian Goldberg. Improving the robustness of private information retrieval. In Proceedings of IEEE S&P 2007, pages 131-148, Oakland, CA, USA (May 2007).

[30] Ian Goldberg, Casey Devet, Wouter Lueks, Ann Yang, Paul Hendry, and Ryan Henry. Percy++ / PIR in C++; version 1.0 [computer software]. Available from: git://git-crysp.uwaterloo.ca/percy (October 2014).

[31] Shafi Goldwasser and Silvio Micali. Probabilistic encryption and how to play mental poker keeping secret all partial information. In Proceedings of STOC 1982, pages 365-377, San Francisco, CA, USA (May 1982).

[32] Trinabh Gupta, Natacha Crooks, Whitney Mulhern, Srinath T. V. Setty, Lorenzo Alvisi, and Michael Walfish. Scalable and private media consumption with Popcorn. In Proceedings of NSDI 2016, pages 91-107, Santa Clara, CA, USA (March 2016).

[33] Venkatesan Guruswami and Madhu Sudan. Improved decoding of Reed-Solomon and algebraic-geometric codes. In Proceedings of FOCS 1998, pages 28-39, Palo Alto, CA, USA (November 1998).

[34] Ryan Henry, Yizhou Huang, and Ian Goldberg. One (block) size fits all: PIR and SPIR with variable-length records via multi-block queries. In Proceedings of NDSS 2013, San Diego, CA, USA (February 2013).

[35] Ryan Henry, Femi Olumofin, and Ian Goldberg. Practical PIR for electronic commerce. In Proceedings of CCS 2011, pages 677-690, Chicago, IL, USA (October 2011).

[36] Yuval Ishai, Eyal Kushilevitz, Rafail Ostrovsky, and Amit Sahai. Batch codes and their applications. In Proceedings of STOC 2004, pages 262-271, Chicago, IL, USA (June 2004).

[37] Aggelos Kiayias, Nikos Leonardos, Helger Lipmaa, Kateryna Pavlyk, and Qiang Tang. Optimal rate private information retrieval from homomorphic encryption. In Proceedings of PETS 2015, volume 2, pages 222-243, Philadelphia, PA, USA (June-July 2015).

[38] Eyal Kushilevitz and Rafail Ostrovsky. Replication is not needed: Single database, computationally-private information retrieval. In Proceedings of FOCS 1997, pages 364-373, Miami Beach, FL, USA (October 1997).

[39] Lichun Li, Michael Militzer, and Anwitaman Datta. rPIR: Ramp secret sharing based communication efficient private information retrieval. IACR Cryptology ePrint Archive, Report 2014/044 (January 2014).

[40] Helger Lipmaa. An oblivious transfer protocol with log-squared communication. In Proceedings of ISC 2005, volume 3650 of LNCS, pages 314-328, Singapore (September 2005).

[41] Wouter Lueks and Ian Goldberg. Sublinear scaling for multi-client private information retrieval. In Proceedings of FC 2015, volume 8975 of LNCS, pages 168-186, San Juan, Puerto Rico (January 2015).

[42] Femi G. Olumofin and Ian Goldberg. Privacy-preserving queries over relational databases. In Proceedings of PETS 2010, volume 6205 of LNCS, pages 75-92, Berlin, Germany (July 2010).

[43] Femi G. Olumofin and Ian Goldberg. Revisiting the computational practicality of private information retrieval. In Proceedings of FC 2011, volume 7035 of LNCS, pages 158-172, Gros Islet, St. Lucia (February 2011).

[44] Pascal Paillier. Public-key cryptosystems based on composite degree residuosity classes. In Advances in Cryptology: Proceedings of EUROCRYPT 1999, volume 1592 of LNCS, pages 223-238, Prague, Czech Republic (May 1999).

[45] Joel Reardon, Jeffrey Pound, and Ian Goldberg. Relational-complete private information retrieval. Technical Report CACR 2007-34, University of Waterloo, Waterloo, ON, Canada (December 2007).

[46] Peter Y. A. Ryan and Steve A. Schneider. Prêt à Voter with re-encryption mixes. In Proceedings of ESORICS 2006, volume 4189 of LNCS, pages 313-326, Hamburg, Germany (September 2006).

[47] Nihar B. Shah, K. V. Rashmi, and Kannan Ramchandran. One extra bit of download ensures perfectly private information retrieval. In Proceedings of ISIT 2014, pages 856-860, Honolulu, HI, USA (June-July 2014).

[48] Adi Shamir. How to share a secret. Communications of the ACM (CACM), 22(11):612-613 (November 1979).

[49] Victor Shoup. NTL, a library for doing number theory; version 9.8.1 [computer software]. Available from: http://www.shoup.net/ntl/ (April 2016).

[50] Radu Sion and Bogdan Carbunar. On the practicality of private information retrieval. In Proceedings of NDSS 2007, San Diego, CA, USA (March 2007).

[51] Luqin Wang, Trishank Karthik Kuppusamy, Yong Liu, and Justin Cappos. A fast multi-server, multi-block private information retrieval protocol. In Proceedings of GLOBECOM 2015, pages 1-6, San Diego, CA, USA (December 2015).

[52] Sergey Yekhanin. New locally decodable codes and private information retrieval schemes. Electronic Colloquium on Computational Complexity (ECCC), 13(127) (October 2006).
