A Lattice-Based Computationally-Efficient Private Information Retrieval Protocol

A private information retrieval (PIR) scheme allows a user to retrieve an element of a database without revealing any information about which part of the database he is interested in. In this paper we present a lattice-based PIR scheme, using an NTRU-like approach, in which the computational cost is a few thousand bit-operations per bit in the database. This improves the protocol's computational performance by two orders of magnitude compared to existing approaches. Our scheme has worse communication performance than other existing protocols, but we show that the practical usability of PIR schemes is not as dependent on communication performance as the literature suggests, and that a trade-off between communication and computation leads to much more versatile schemes.
