Revisiting the Computational Practicality of Private Information Retrieval

Remote servers need search terms from the user to complete retrieval requests. However, keeping the search terms private or confidential without undermining the server's ability to retrieve the desired information is a problem that private information retrieval (PIR) schemes are designed to address. A study of the computational practicality of PIR by Sion and Carbunar in 2007 concluded that no existing construction is as efficient as the trivial PIR scheme -- the server transferring its entire database to the client. While often cited as evidence that PIR is impractical, that paper did not examine multi-server information-theoretic PIR schemes or recent single-server lattice-based PIR schemes. In this paper, we report on a performance analysis of a single-server lattice-based scheme by Aguilar-Melchor and Gaborit, as well as two multi-server information-theoretic PIR schemes by Chor et al. and by Goldberg. Using analytical and experimental techniques, we find the end-to-end response times of these schemes to be one to three orders of magnitude (10---1000 times) smaller than the trivial scheme for realistic computation power and network bandwidth. Our results extend and clarify the conclusions of Sion and Carbunar for multi-server PIR schemes and single-server PIR schemes that do not rely heavily on number theory.

[1]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[2]  Robin Milner,et al.  On Observing Nondeterminism and Concurrency , 1980, ICALP.

[3]  Andris Ambainis,et al.  On Lower Bounds for the Communication Complexity of Private Information Retrieval ∗ , 2000 .

[4]  Niv Gilboa,et al.  Computationally private information retrieval (extended abstract) , 1997, STOC '97.

[5]  Rafail Ostrovsky,et al.  Replication is not needed: single database, computationally-private information retrieval , 1997, Proceedings 38th Annual Symposium on Foundations of Computer Science.

[6]  Eyal Kushilevitz,et al.  Private information retrieval , 1998, JACM.

[7]  Julien P. Stern A New Efficient All-Or-Nothing Disclosure of Secrets Protocol , 1998, ASIACRYPT.

[8]  Moni Naor,et al.  Private Information Retrieval by Keywords , 1998, IACR Cryptol. ePrint Arch..

[9]  G.E. Moore,et al.  Cramming More Components Onto Integrated Circuits , 1998, Proceedings of the IEEE.

[10]  Yuval Ishai,et al.  Protecting data privacy in private information retrieval schemes , 1998, STOC '98.

[11]  Silvio Micali,et al.  Computationally Private Information Retrieval with Polylogarithmic Communication , 1999, EUROCRYPT.

[12]  Jacques Stern,et al.  Advances in Cryptology — EUROCRYPT ’99 , 1999, Lecture Notes in Computer Science.

[13]  Charles E. Spurgeon Ethernet: The Definitive Guide , 2000 .

[14]  Sanjeev Kumar Mishra On Symmetrically Private Information Retrieval , 2000, IACR Cryptol. ePrint Arch..

[15]  尚弘 島影 National Institute of Standards and Technologyにおける超伝導研究及び生活 , 2001 .

[16]  Sean W. Smith,et al.  Practical server privacy with secure coprocessors , 2001, IBM Syst. J..

[17]  David Naccache,et al.  Topics in Cryptology — CT-RSA 2001 , 2001, Lecture Notes in Computer Science.

[18]  Ari Juels,et al.  Targeted Advertising ... And Privacy Too , 2001, CT-RSA.

[19]  Johann-Christoph Freytag,et al.  Almost Optimal Private Information Retrieval , 2002, Privacy Enhancing Technologies.

[20]  Johann-Christoph Freytag,et al.  Repudiative information retrieval , 2002, WPES '02.

[21]  George Danezis,et al.  Mixminion: design of a type III anonymous remailer protocol , 2003, 2003 Symposium on Security and Privacy, 2003..

[22]  Nick Mathewson,et al.  Tor: The Second-Generation Onion Router , 2004, USENIX Security Symposium.

[23]  Dmitri Asonov,et al.  Querying Databases Privately , 2004, Lecture Notes in Computer Science.

[24]  Yuval Ishai,et al.  Reducing the Servers’ Computation in Private Information Retrieval: PIR with Preprocessing , 2004, Journal of Cryptology.

[25]  Dmitri Asonov Querying Databases Privately: A New Approach to Private Information Retrieval , 2004, Lecture Notes in Computer Science.

[26]  田端 利宏,et al.  Network and Distributed System Security Symposiumにおける研究動向の調査 , 2004 .

[27]  Craig Gentry,et al.  Single-Database Private Information Retrieval with Constant Communication Rate , 2005, ICALP.

[28]  Edward Jones,et al.  Introduction to DSL , 2005 .

[29]  Helger Lipmaa,et al.  An Oblivious Transfer Protocol with Log-Squared Communication , 2005, ISC.

[30]  Felipe Saint-Jean Java Implementation of a Single-Database Computationally Symmetric Private Information Retrieval (cSPIR) Protocol , 2005 .

[31]  Christian Wieschebrink,et al.  Two NP-complete Problems in Coding Theory with an Application in Code Based Cryptography , 2006, 2006 IEEE International Symposium on Information Theory.

[32]  Radu Sion,et al.  On the Computational Practicality of Private Information Retrieval , 2006 .

[33]  Robert H. Deng Towards Practical Private Information Retrieval , 2006 .

[34]  Ian Goldberg,et al.  Improving the Robustness of Private Information Retrieval , 2007 .

[35]  Rafail Ostrovsky,et al.  Public Key Encryption That Allows PIR Queries , 2007, CRYPTO.

[36]  A. J. Menezes,et al.  Advances in Cryptology - CRYPTO 2007, 27th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 19-23, 2007, Proceedings , 2007, CRYPTO.

[37]  Amos Beimel,et al.  Robust Information-Theoretic Private Information Retrieval , 2002, Journal of Cryptology.

[38]  Philippe Gaborit,et al.  A Lattice-Based Computationally-Efficient Private Information Retrieval Protocol , 2007, IACR Cryptol. ePrint Arch..

[39]  Peter Williams,et al.  Usable PIR , 2008, NDSS.

[40]  Yang Cui,et al.  The practicality of the keyword search using PIR , 2008, 2008 International Symposium on Information Theory and Its Applications.

[41]  Philippe Gaborit,et al.  High-Speed Private Information Retrieval Computation on GPU , 2008, 2008 Second International Conference on Emerging Security Information, Systems and Technologies.

[42]  Sergey Yekhanin,et al.  Towards 3-query locally decodable codes of subexponential length , 2008, JACM.

[43]  Philippe Gaborit,et al.  A fast private information retrieval protocol , 2008, 2008 IEEE International Symposium on Information Theory.

[44]  Panos Kalnis,et al.  Private queries in location based services: anonymizers are not necessary , 2008, SIGMOD Conference.

[45]  Klim Efremenko,et al.  3-Query Locally Decodable Codes of Subexponential Length , 2008 .

[46]  Andy Parrish,et al.  Efficient Computationally Private Information Retrieval from Anonymity or Trapdoor Groups , 2010, ISC.

[47]  Ian Goldberg,et al.  Privacy-Preserving Queries over Relational Databases , 2010, Privacy Enhancing Technologies.

[48]  P. Cochat,et al.  Et al , 2008, Archives de pediatrie : organe officiel de la Societe francaise de pediatrie.

[49]  Giuseppe Di Battista,et al.  26 Computer Networks , 2004 .