A Fast Single Server Private Information Retrieval Protocol with Low Communication Cost

Existing single server Private Information Retrieval (PIR) protocols are far from practical. To be practical, a single server PIR protocol has to be both communicationally and computationally efficient. In this paper, we present a single server PIR protocol that has low communication cost and is much faster than existing protocols. A major building block of the PIR protocol in this paper is a tree-based compression scheme, which we call folding/unfolding. This compression scheme enables us to lower the communication complexity to O(loglogn). The other major building block is the BGV fully homomorphic encryption scheme. We show how we design the protocol to exploit the internal parallelism of the BGV scheme. This significantly reduces the server side computational overhead and makes our protocol much faster than the existing protocols. Our protocol can be further accelerated by utilising hardware parallelism. We have built a prototype of the protocol. We report on the performance of our protocol based on the prototype and compare it with the current most efficient protocols.

[1]  Yuval Ishai,et al.  Breaking the O(n/sup 1/(2k-1)/) barrier for information-theoretic Private Information Retrieval , 2002, The 43rd Annual IEEE Symposium on Foundations of Computer Science, 2002. Proceedings..

[2]  Rafail Ostrovsky,et al.  Replication is not needed: single database, computationally-private information retrieval , 1997, Proceedings 38th Annual Symposium on Foundations of Computer Science.

[3]  Silvio Micali,et al.  Computationally Private Information Retrieval with Polylogarithmic Communication , 1999, EUROCRYPT.

[4]  Helger Lipmaa,et al.  First CPIR Protocol with Data-Dependent Computation , 2009, ICISC.

[5]  Helger Lipmaa,et al.  An Oblivious Transfer Protocol with Log-Squared Communication , 2005, ISC.

[6]  Yuval Ishai,et al.  Improved upper bounds on information-theoretic private information retrieval (extended abstract) , 1999, STOC '99.

[7]  Radu Sion,et al.  On the Practicality of Private Information Retrieval , 2007, NDSS.

[8]  Craig Gentry,et al.  Fully Homomorphic Encryption over the Integers , 2010, EUROCRYPT.

[9]  Ran Canetti,et al.  Advances in Cryptology – CRYPTO 2012 , 2012, Lecture Notes in Computer Science.

[10]  Pascal Paillier,et al.  Public-Key Cryptosystems Based on Composite Degree Residuosity Classes , 1999, EUROCRYPT.

[11]  Yan-Cheng Chang,et al.  Single Database Private Information Retrieval with Logarithmic Communication , 2004, ACISP.

[12]  Henri Gilbert,et al.  Advances in Cryptology - EUROCRYPT 2010, 29th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Monaco / French Riviera, May 30 - June 3, 2010. Proceedings , 2010, EUROCRYPT.

[13]  Kazuo Ohta,et al.  Advances in Cryptology — ASIACRYPT’98 , 2002, Lecture Notes in Computer Science.

[14]  Robin Milner,et al.  On Observing Nondeterminism and Concurrency , 1980, ICALP.

[15]  Xiaoyun Wang,et al.  Cryptanalysis of a homomorphic encryption scheme from ISIT 2008 , 2012, 2012 IEEE International Symposium on Information Theory Proceedings.

[16]  Bart Preneel,et al.  Advances in cryptology - EUROCRYPT 2000 : International Conference on the Theory and Application of Cryptographic Techniques, Bruges, Belgium, May 14-18, 2000 : proceedings , 2000 .

[17]  Ian Goldberg,et al.  Improving the Robustness of Private Information Retrieval , 2007 .

[18]  Rafail Ostrovsky,et al.  Cryptography from Anonymity , 2006, 2006 47th Annual IEEE Symposium on Foundations of Computer Science (FOCS'06).

[19]  Philippe Gaborit,et al.  A fast private information retrieval protocol , 2008, 2008 IEEE International Symposium on Information Theory.

[20]  Ran Canetti,et al.  Advances in Cryptology – CRYPTO 2013 , 2013, Lecture Notes in Computer Science.

[21]  Craig Gentry,et al.  Homomorphic Evaluation of the AES Circuit , 2012, IACR Cryptol. ePrint Arch..

[22]  Craig Gentry,et al.  Fully Homomorphic Encryption with Polylog Overhead , 2012, EUROCRYPT.

[23]  Craig Gentry,et al.  (Leveled) fully homomorphic encryption without bootstrapping , 2012, ITCS '12.

[24]  Ivan Damgård,et al.  A Generalisation, a Simplification and Some Applications of Paillier's Probabilistic Public-Key System , 2001, Public Key Cryptography.

[25]  Craig Gentry,et al.  Fully homomorphic encryption using ideal lattices , 2009, STOC '09.

[26]  Julien P. Stern A new and efficient all-or-nothing disclosure of secrets protocol , 1998 .

[27]  Information Security and Privacy , 1996, Lecture Notes in Computer Science.

[28]  Rafail Ostrovsky,et al.  Batch codes and their applications , 2004, STOC '04.

[29]  Eyal Kushilevitz,et al.  Private information retrieval , 1998, JACM.

[30]  Craig Gentry,et al.  A fully homomorphic encryption scheme , 2009 .

[31]  Peter Williams,et al.  Usable PIR , 2008, NDSS.

[32]  Kenneth G. Paterson,et al.  Security of Symmetric Encryption in the Presence of Ciphertext Fragmentation , 2012, IACR Cryptol. ePrint Arch..

[33]  Elisa Bertino,et al.  Single-Database Private Information Retrieval from Fully Homomorphic Encryption , 2013, IEEE Transactions on Knowledge and Data Engineering.

[34]  Tatsuaki Okamoto,et al.  Public Key Cryptography - PKC 2007, 10th International Conference on Practice and Theory in Public-Key Cryptography, Beijing, China, April 16-20, 2007, Proceedings , 2007, Public Key Cryptography.

[35]  Frederik Vercauteren,et al.  Fully homomorphic SIMD operations , 2012, Designs, Codes and Cryptography.

[36]  Cyrus Shahabi,et al.  Private Information Retrieval Techniques for Enabling Location Privacy in Location-Based Services , 2009, Privacy in Location-Based Applications.

[37]  Dong Hoon Lee,et al.  Information, Security and Cryptology - ICISC 2009, 12th International Conference, Seoul, Korea, December 2-4, 2009, Revised Selected Papers , 2010, ICISC.

[38]  Jacques Stern,et al.  Advances in Cryptology — EUROCRYPT ’99 , 1999, Lecture Notes in Computer Science.

[39]  Niv Gilboa,et al.  Computationally private information retrieval (extended abstract) , 1997, STOC '97.

[40]  Arto Salomaa,et al.  Public-Key Cryptography , 1991, EATCS Monographs on Theoretical Computer Science.

[41]  Shai Halevi,et al.  Algorithms in HElib , 2014, CRYPTO.

[42]  Rafail Ostrovsky,et al.  A Survey of Single-Database Private Information Retrieval: Techniques and Applications , 2007, Public Key Cryptography.

[43]  Julien P. Stern A New Efficient All-Or-Nothing Disclosure of Secrets Protocol , 1998, ASIACRYPT.

[44]  Brent Waters,et al.  Homomorphic Encryption from Learning with Errors: Conceptually-Simpler, Asymptotically-Faster, Attribute-Based , 2013, CRYPTO.

[45]  Vinod Vaikuntanathan,et al.  Efficient Fully Homomorphic Encryption from (Standard) LWE , 2011, 2011 IEEE 52nd Annual Symposium on Foundations of Computer Science.

[46]  Robert H. Deng,et al.  A new hardware-assisted PIR with O(n) shuffle cost , 2010, International Journal of Information Security.

[47]  Chris Peikert,et al.  On Ideal Lattices and Learning with Errors over Rings , 2010, JACM.

[48]  John E. Savage,et al.  Models of computation - exploring the power of computing , 1998 .

[49]  Craig Gentry,et al.  Single-Database Private Information Retrieval with Constant Communication Rate , 2005, ICALP.

[50]  Ian Goldberg,et al.  Practical PIR for electronic commerce , 2011, CCS '11.

[51]  Rafail Ostrovsky,et al.  One-Way Trapdoor Permutations Are Sufficient for Non-trivial Single-Server Private Information Retrieval , 2000, EUROCRYPT.