Private Information Retrieval with a Trusted Hardware Unit - Revisited

During ISC'2008 Yanjiang Yang, Xuhua Ding, Robert H. Deng, and Feng Bao presented a construction for holding an encrypted database in a cloud so that the access pattern remains hidden. The scheme is designed for the case when a user holds a trusted hardware unit, which serves as an interface between the owner of the database and the untrusted environment where the encrypted database is stored. The scheme is relatively efficient and has some provable privacy properties. In this paper we analyze an idealized version of the above protocol and prove rigorously strong privacy conditions in a model with a powerful adversary observing all operations occurring in the cloud. On the other hand, we show that the full version of the protocol (with some implementation details), as proposed at ISC'2008, leaks some information about the access pattern of the user. This shows that the protocol does not fulfil the property of ideally private information retrieval. While this is not a general full scale attack, at some specific situations information leakage presented might have practical value for an adversary.

[1]  Sorin C. Popescu,et al.  Lidar Remote Sensing , 2011 .

[2]  Tatsuaki Okamoto,et al.  Public Key Cryptography - PKC 2007, 10th International Conference on Practice and Theory in Public-Key Cryptography, Beijing, China, April 16-20, 2007, Proceedings , 2007, Public Key Cryptography.

[3]  Rafail Ostrovsky,et al.  A Survey of Single-Database Private Information Retrieval: Techniques and Applications , 2007, Public Key Cryptography.

[4]  Eyal Kushilevitz,et al.  Private information retrieval , 1995, Proceedings of IEEE 36th Annual Foundations of Computer Science.

[5]  Robert H. Deng,et al.  Private Information Retrieval Using Trusted Hardware , 2006, IACR Cryptol. ePrint Arch..

[6]  Marek Klonowski,et al.  Random Subsets of the Interval and P2P Protocols , 2007, APPROX-RANDOM.

[7]  Sean W. Smith,et al.  Private Information Storage with Logarithm-Space Secure Hardware , 2004, International Information Security Workshops.

[8]  Dieter Gollmann,et al.  Computer Security - ESORICS 2006, 11th European Symposium on Research in Computer Security, Hamburg, Germany, September 18-20, 2006, Proceedings , 2006, ESORICS.

[9]  Robert H. Deng,et al.  An Efficient PIR Construction Using Trusted Hardware , 2008, ISC.

[10]  Jared Saia,et al.  Choosing a random peer , 2004, PODC '04.

[11]  Jacek Cichon,et al.  Uniformity of Improved Versions of Chord , 2010, ICICA.

[12]  William Feller,et al.  An Introduction to Probability Theory and Its Applications , 1967 .

[13]  Maode Ma,et al.  Information Computing and Applications - First International Conference, ICICA 2010, Tangshan, China, October 15-18, 2010. Proceedings , 2010, ICICA.

[14]  Sean W. Smith,et al.  Protecting client privacy with trusted computing at the server , 2005, IEEE Security & Privacy Magazine.