Lower-Cost ∈-Private Information Retrieval

Abstract Private Information Retrieval (PIR), despite being well studied, is computationally costly and arduous to scale. We explore lower-cost relaxations of information-theoretic PIR, based on dummy queries, sparse vectors, and compositions with an anonymity system. We prove the security of each scheme using a flexible differentially private definition for private queries that can capture notions of imperfect privacy. We show that basic schemes are weak, but some of them can be made arbitrarily safe by composing them with large anonymity systems.

[1]  Ian Goldberg,et al.  One (Block) Size Fits All: PIR and SPIR with Variable-Length Records via Multi-Block Queries , 2013, NDSS.

[2]  Marc-Olivier Killijian,et al.  XPIR : Private Information Retrieval for Everyone , 2016, Proc. Priv. Enhancing Technol..

[3]  Rafail Ostrovsky,et al.  Batch codes and their applications , 2004, STOC '04.

[4]  Eyal Kushilevitz,et al.  Private information retrieval , 1998, JACM.

[5]  Ian Goldberg,et al.  Improving the Robustness of Private Information Retrieval , 2007 .

[6]  Arno Fiedler,et al.  Certificate transparency , 2014, Commun. ACM.

[7]  Amir Herzberg,et al.  RAID-PIR: Practical Multi-Server PIR , 2014, CCSW.

[8]  George Danezis,et al.  DP5: A Private Presence Service , 2015, Proc. Priv. Enhancing Technol..

[9]  Tetsuji Satoh,et al.  An anonymous communication technique using dummies for location-based services , 2005, ICPS '05. Proceedings. International Conference on Pervasive Services, 2005..

[10]  Ian Goldberg,et al.  Sublinear Scaling for Multi-Client Private Information Retrieval , 2015, Financial Cryptography.

[11]  Tao Wang,et al.  Effective Attacks and Provable Defenses for Website Fingerprinting , 2014, USENIX Security Symposium.

[12]  Carmela Troncoso,et al.  OB-PWS: Obfuscation-Based Private Web Search , 2012, 2012 IEEE Symposium on Security and Privacy.

[13]  Andreas Pfitzmann,et al.  The Disadvantages of Free MIX Routes and how to Overcome Them , 2000, Workshop on Design Issues in Anonymity and Unobservability.

[14]  Radu Sion,et al.  On the Practicality of Private Information Retrieval , 2007, NDSS.

[15]  Vitaly Shmatikov,et al.  Airavat: Security and Privacy for MapReduce , 2010, NSDI.

[16]  Panos Kalnis,et al.  PRIVE: anonymous location-based queries in distributed mobile systems , 2007, WWW '07.

[17]  Joan Feigenbaum,et al.  Private web search , 2007, WPES '07.

[18]  Nick Mathewson,et al.  Tor: The Second-Generation Onion Router , 2004, USENIX Security Symposium.

[19]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[20]  Ian Goldberg,et al.  Revisiting the Computational Practicality of Private Information Retrieval , 2011, Financial Cryptography.

[21]  Amos Beimel,et al.  Robust Information-Theoretic Private Information Retrieval , 2002, Journal of Cryptology.

[22]  Vitaly Shmatikov,et al.  Privacy-preserving deep learning , 2015, 2015 53rd Annual Allerton Conference on Communication, Control, and Computing (Allerton).

[23]  Hannes Federrath,et al.  Evaluating the Security of a DNS Query Obfuscation Scheme for Private Web Surfing , 2014, SEC.

[24]  James A. Landay,et al.  An architecture for privacy-sensitive ubiquitous computing , 2004, MobiSys '04.

[25]  Kouichi Sakurai,et al.  Analysis of Privacy Disclosure in DNS Query , 2007, 2007 International Conference on Multimedia and Ubiquitous Engineering (MUE'07).

[26]  Catuscia Palamidessi,et al.  Geo-indistinguishability: differential privacy for location-based systems , 2012, CCS.

[27]  Philippe Gaborit,et al.  A Lattice-Based Computationally-Efficient Private Information Retrieval Protocol , 2007, IACR Cryptol. ePrint Arch..

[28]  Johann-Christoph Freytag,et al.  Almost Optimal Private Information Retrieval , 2002, Privacy Enhancing Technologies.

[29]  George Danezis,et al.  Bridging and Fingerprinting: Epistemic Attacks on Route Selection , 2008, Privacy Enhancing Technologies.

[30]  Carmela Troncoso,et al.  PIR-Tor: Scalable Anonymous Communication Using Private Information Retrieval , 2011, USENIX Security Symposium.

[31]  Cynthia Dwork,et al.  Differential Privacy , 2006, ICALP.

[32]  Rafail Ostrovsky,et al.  Replication is not needed: single database, computationally-private information retrieval , 1997, Proceedings 38th Annual Symposium on Foundations of Computer Science.