
Proceedings on Privacy Enhancing Technologies

4 Issues per year

Open Access
Online ISSN: 2299-0984

Lower-Cost ε-Private Information Retrieval

Raphael R. Toledo / George Danezis / Ian Goldberg
Published Online: 2016-07-14 | DOI: https://doi.org/10.1515/popets-2016-0035

Abstract

Private Information Retrieval (PIR), despite being well studied, is computationally costly and arduous to scale. We explore lower-cost relaxations of information-theoretic PIR, based on dummy queries, sparse vectors, and compositions with an anonymity system. We prove the security of each scheme using a flexible differentially private definition for private queries that can capture notions of imperfect privacy. We show that basic schemes are weak, but some of them can be made arbitrarily safe by composing them with large anonymity systems.

Keywords: Private Information Retrieval; Anonymous communications; Private Queries; Differential Privacy


About the article

Received: 2016-02-29

Revised: 2016-06-02

Accepted: 2016-06-02

Published Online: 2016-07-14

Published in Print: 2016-10-01


Citation Information: Proceedings on Privacy Enhancing Technologies, ISSN (Online) 2299-0984, DOI: https://doi.org/10.1515/popets-2016-0035.


© 2016. This work is licensed under the Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 License. BY-NC-ND 4.0
