Private Anonymous Data Access

We consider a scenario where a server holds a huge database that it wants to make accessible to a large group of clients. After an initial setup phase, clients should be able to read arbitrary locations in the database while maintaining privacy (the server does not learn which locations are being read) and anonymity (the server does not learn which client is performing each read). This should hold even if the server colludes with a subset of the clients. Moreover, the run-time of both the server and the client during each read operation should be low, ideally only poly-logarithmic in the size of the database and the number of clients. We call this notion Private Anonymous Data Access (PANDA). PANDA simultaneously combines aspects of Private Information Retrieval (PIR) and Oblivious RAM (ORAM). PIR has no initial setup, and allows anybody to privately and anonymously access a public database, but the server’s run-time is linear in the data size. On the other hand, ORAM achieves poly-logarithmic server run-time, but requires an initial setup after which only a single client with a secret key can access the database. The goal of PANDA is to get the best of both worlds: allow many clients to privately and anonymously access the database as in PIR, while having an efficient server as in ORAM.
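
The PIR side of the trade-off described above, as an added example that is not code from the paper: a classical two-server XOR-based PIR read in which any client can query without setup or a key, each server's view is a uniformly random mask, and each server visits every record. The two non-colluding replicas, the function names and the sample database are assumptions made for this illustration; the abstract does not name a specific PIR scheme.

```python
import secrets

def make_query(n, index):
    """Client: split the selection of `index` into two n-bit masks.
    Each mask alone is uniformly random; their XOR is the unit vector at index."""
    mask_a = [secrets.randbelow(2) for _ in range(n)]
    mask_b = list(mask_a)
    mask_b[index] ^= 1
    return mask_a, mask_b

def server_answer(db, mask):
    """Server: XOR the selected records. Returns (answer, positions_visited)."""
    acc = bytes(len(db[0]))
    visited = 0
    for record, bit in zip(db, mask):
        visited += 1  # every position is visited, whatever index was requested
        if bit:
            acc = bytes(x ^ y for x, y in zip(acc, record))
    return acc, visited

def pir_read(db_a, db_b, index):
    """Any client, no key and no setup: query two replicas assumed not to collude."""
    mask_a, mask_b = make_query(len(db_a), index)
    ans_a, work_a = server_answer(db_a, mask_a)
    ans_b, work_b = server_answer(db_b, mask_b)
    record = bytes(x ^ y for x, y in zip(ans_a, ans_b))
    return record, work_a + work_b

def view_histogram(n, index, trials=4000):
    """Empirical privacy check: frequency of each bit being set in server A's view."""
    counts = [0] * n
    for _ in range(trials):
        mask_a, _ = make_query(n, index)
        for i, bit in enumerate(mask_a):
            counts[i] += bit
    return [c / trials for c in counts]

# Constructed sample database: 8 fixed-size records.
DB = [f"record-{i:02d}".encode() for i in range(8)]

if __name__ == "__main__":
    rec, work = pir_read(DB, DB, 5)
    print(rec, "positions visited across both servers:", work)
    print([round(p, 2) for p in view_histogram(len(DB), 5)])
```

The visited count grows linearly with the database size for every read, which is the server cost that PANDA aims to bring down to poly-logarithmic while keeping PIR's open, keyless access.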
