Private Stateful Information Retrieval

Private information retrieval (PIR) is a fundamental tool for preserving query privacy when accessing outsourced data. All previous PIR constructions have significant costs preventing widespread use. In this work, we present private stateful information retrieval (PSIR), an extension of PIR, allowing clients to be stateful and maintain information between multiple queries. Our design of the PSIR primitive maintains three important properties of PIR: multiple clients may simultaneously query without complex concurrency primitives, query privacy should be maintained if the server colludes with other clients, and new clients should be able to enroll into the system by exclusively interacting with the server. We present a PSIR framework that reduces an online query to performing one single-server PIR on a sub-linear number of database records. All other operations beyond the single-server PIR consist of cryptographic hashes or plaintext operations. In practice, the dominating costs of resources occur due to the public-key operations involved with PIR. By reducing the input database to PIR, we are able to limit expensive computation and avoid transmitting large ciphertexts. We show that various instantiations of PSIR reduce server CPU by up to 10x and online network costs by up to 10x over the previous best PIR construction.

[1]  Irving S. Reed,et al.  A class of multiple-error-correcting codes and the decoding scheme , 1954, Trans. IRE Prof. Group Inf. Theory.

[2]  Oded Goldreich,et al.  Towards a theory of software protection and simulation by oblivious RAMs , 1987, STOC.

[3]  Aggelos Kiayias,et al.  Multi-query Computationally-Private Information Retrieval with Constant Communication Rate , 2010, Public Key Cryptography.

[4]  Alfred Menezes,et al.  Handbook Of Applied Cryptography Crc Press , 2015 .

[5]  P. L. Montgomery Modular multiplication without trial division , 1985 .

[6]  Ryan Henry,et al.  Polynomial Batch Codes for Efficient IT-PIR , 2016, Proc. Priv. Enhancing Technol..

[7]  Marc-Olivier Killijian,et al.  XPIR : Private Information Retrieval for Everyone , 2016, Proc. Priv. Enhancing Technol..

[8]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[9]  Pascal Paillier,et al.  Public-Key Cryptosystems Based on Composite Degree Residuosity Classes , 1999, EUROCRYPT.

[10]  Erik D. Demaine,et al.  Tight bounds for the partial-sums problem , 2004, SODA '04.

[11]  George Danezis,et al.  DP5: A Private Presence Service , 2015, Proc. Priv. Enhancing Technol..

[12]  L. Tippett Statistical Tables: For Biological, Agricultural and Medical Research , 1954 .

[13]  Swanand Kadhe,et al.  Private Information Retrieval With Side Information , 2017, IEEE Transactions on Information Theory.

[14]  Jinsheng Zhang,et al.  MU-ORAM: Dealing with Stealthy Privacy Attacks in Multi-User Data Outsourcing Services , 2016, IACR Cryptol. ePrint Arch..

[15]  Phillip Rogaway,et al.  How to Encipher Messages on a Small Domain , 2009, CRYPTO.

[16]  S. Janson Tail bounds for sums of geometric and exponential variables , 2017, 1709.08157.

[17]  Douglas R. Stinson,et al.  Combinatorial batch codes , 2009, Adv. Math. Commun..

[18]  Matthew Green,et al.  A Protocol for Privately Reporting Ad Impressions at Scale , 2016, CCS.

[19]  Markus Jakobsson,et al.  Addition of ElGamal Plaintexts , 2000, ASIACRYPT.

[20]  Martin R. Albrecht,et al.  On the concrete hardness of Learning with Errors , 2015, J. Math. Cryptol..

[21]  Craig Gentry,et al.  Single-Database Private Information Retrieval with Constant Communication Rate , 2005, ICALP.

[22]  Stefan Katzenbeisser,et al.  Blurry-ORAM: A Multi-Client Oblivious Storage Architecture , 2016, IACR Cryptol. ePrint Arch..

[23]  Vinod Vaikuntanathan,et al.  Fully Homomorphic Encryption from Ring-LWE and Security for Key Dependent Messages , 2011, CRYPTO.

[24]  Srinath T. V. Setty,et al.  Unobservable Communication over Fully Untrusted Infrastructure , 2016, OSDI.

[25]  Guevara Noubir,et al.  Multi-client Oblivious RAM Secure Against Malicious Servers , 2017, ACNS.

[26]  R. A. Fisher,et al.  Statistical Tables for Biological, Agricultural and Medical Research , 1956 .

[27]  Swanand Kadhe,et al.  Private information retrieval with side information: The single server case , 2017, 2017 55th Annual Allerton Conference on Communication, Control, and Computing (Allerton).

[28]  Rafail Ostrovsky,et al.  Replication is not needed: single database, computationally-private information retrieval , 1997, Proceedings 38th Annual Symposium on Foundations of Computer Science.

[29]  David E. Muller,et al.  Application of Boolean algebra to switching circuit design and to error detection , 1954, Trans. I R E Prof. Group Electron. Comput..

[30]  Rafail Ostrovsky,et al.  Software protection and simulation on oblivious RAMs , 1996, JACM.

[31]  Craig Gentry,et al.  (Leveled) fully homomorphic encryption without bootstrapping , 2012, ITCS '12.

[32]  Rafail Ostrovsky,et al.  Private Anonymous Data Access , 2018, IACR Cryptol. ePrint Arch..

[33]  Sarvar Patel,et al.  PanORAMa: Oblivious RAM with Logarithmic Overhead , 2018, 2018 IEEE 59th Annual Symposium on Foundations of Computer Science (FOCS).

[34]  Eyal Kushilevitz,et al.  Private information retrieval , 1995, Proceedings of IEEE 36th Annual Foundations of Computer Science.

[35]  Yuval Ishai,et al.  Can We Access a Database Both Locally and Privately? , 2017, TCC.

[36]  Thomas Ristenpart,et al.  The Mix-and-Cut Shuffle: Small-Domain Encryption Secure against N Queries , 2013, CRYPTO.

[37]  Srinath T. V. Setty,et al.  Scalable and Private Media Consumption with Popcorn , 2016, NSDI.

[38]  Yuval Ishai,et al.  Reducing the Servers Computation in Private Information Retrieval: PIR with Preprocessing , 2000, CRYPTO.

[39]  Srinath T. V. Setty,et al.  PIR with Compressed Queries and Amortized Query Processing , 2018, 2018 IEEE Symposium on Security and Privacy (SP).

[40]  Giulio Malavolta,et al.  Privacy and Access Control for Outsourced Personal Records , 2015, 2015 IEEE Symposium on Security and Privacy.

[41]  Peter M. Fenwick,et al.  A new data structure for cumulative frequency tables , 1994, Softw. Pract. Exp..

[42]  Michael Luby,et al.  How to Construct Pseudo-Random Permutations from Pseudo-Random Functions (Abstract) , 1986, CRYPTO.

[43]  Ivan Damgård,et al.  A Generalisation, a Simplification and Some Applications of Paillier's Probabilistic Public-Key System , 2001, Public Key Cryptography.

[44]  Rafail Ostrovsky,et al.  Batch codes and their applications , 2004, STOC '04.

[45]  Ran Canetti,et al.  Towards Doubly Efficient Private Information Retrieval , 2017, TCC.