Skip to main content
SpringerLink
Log in

On private information retrieval supporting range queries

  • Regular contribution
  • Published:
International Journal of Information Security Aims and scope Submit manuscript

Abstract

Private information retrieval (PIR) allows a client to retrieve data from a database without the database server learning what data are being retrieved. Although many PIR schemes have been proposed in the literature, almost all of these focus on retrieval of a single database element, and do not consider more flexible retrieval queries such as basic range queries. Furthermore, while practically-oriented database schemes aiming at providing flexible and privacy-preserving queries have been proposed, to the best of our knowledge, no formal treatment of range queries has been considered for these. In this paper, we firstly highlight that a simple extension of the standard PIR security notion to range queries is insufficient in many usage scenarios, and propose a stronger security notion aimed at addressing this. We then show a simple generic construction of a PIR scheme meeting our stronger security notion, and propose a more efficient direct construction based on function secret sharing—while the former has a round complexity logarithmic in the size of the database, the round complexity of the latter is constant. After that, we report on the practical performance of our direct construction. Finally, we extend the results to the case of multi-dimensional databases and show the construction of PIR scheme supporting multi-dimensional range queries. The communication round complexity of our scheme is \(O(k\log n)\) in worst case, where n is the size of database and k is the number of elements retrieved by the query.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13

Similar content being viewed by others

Code availability

We implemented the client query generation and server response computation of our RQ-PIR scheme in C++ using the FSS library [24].

Notes

  1. This was measured using the variable packet size of the ping command.

References

  1. Hayata, J., Schuldt, J.C.N., Hanaoka, G., Matsuura, K.: On private information retrieval supporting range queries. In: ESORICS (2), pp. 674–694 (2020)

  2. Chor, B., Goldreich, O., Kushilevitz, E., Sudan, M.: Private information retrieval. In: FOCS, pp. 41–50 (1995)

  3. Kushilevitz, E., Ostrovsky, R.: Replication is NOT needed: SINGLE database, computationally-private information retrieval. In: FOCS, pp. 364–373 (1997)

  4. Dvir, Z., Gopi, S.: 2-Server PIR with sub-polynomial communication. In: STOC, pp. 577–584 (2015)

  5. Cachin, C., Micali, S., Stadler, M.: Computationally private information retrieval with polylogarithmic communication. In: EUROCRYPT, pp. 402–414 (1999)

  6. Dong, C., Chen, L.: A fast single server private information retrieval protocol with low communication cost. In: ESORICS (1), pp. 380–399 (2014)

  7. Hore, B., Mehrotra, S., Tsudik, G.: A privacy-preserving index for range queries. In: VLDB, pp. 720–731 (2004)

  8. Kamara, S., Moataz, T.: SQL on structurally-encrypted databases. In: ASIACRYPT (1), pp. 149–180 (2018)

  9. Cash, D., Grubbs, P., Perry, J., Ristenpart, T.: Leakage-abuse attacks against searchable encryption. In: ACM Conference on Computer and Communications Security, pp. 668–679 (2015)

  10. Kellaris, G., Kollios, G., Nissim, K., O’Neill, A.: Generic attacks on secure outsourced databases. In: ACM Conference on Computer and Communications Security, pp. 1329–1340 (2016)

  11. Grubbs, P., Lacharité, M.-S., Minaud, B., Paterson, K.G.: Pump up the volume: practical database reconstruction from volume leakage on range queries. In: ACM Conference on Computer and Communications Security, pp. 315–331 (2018)

  12. Gui, Z., Johnson, O., Warinschi, B.: Encrypted databases: new volume attacks against range queries. In: ACM Conference on Computer and Communications Security, pp. 361–378 (2019)

  13. Wang, F., Yun, C., Goldwasser, S., Vaikuntanathan, V., Zaharia, M.: Splinter: practical private queries on public data. In: NSDI, pp. 299–313 (2017)

  14. Boyle, E., Gilboa, N., Ishai, Y.: Function secret sharing. In: EUROCRYPT (2), pp. 337–367 (2015)

  15. Li, J., Omiecinski, E.: Efficiency and security trade-off in supporting range queries on encrypted databases. In: DBSec, pp. 69–83 (2005)

  16. Chen, K., Kavuluru, R., Guo, S.: RASP: efficient multidimensional range query on attack-resilient encrypted databases. In: CODASPY, pp. 249–260 (2011)

  17. Sprenger, S., Schäfer, P., Leser, U.: Multidimensional range queries on modern hardware. In: SSDBM, pp. 4:1–4:12 (2018)

  18. Boyle, E., Gilboa, N., Ishai, Y.: Function secret sharing: improvements and extensions. In: ACM Conference on Computer and Communications Security, pp. 1292–1303 (2016)

  19. Chor, B., Gilboa, N., Naor, M.: Private information retrieval by keywords. In: IACR Cryptology ePrint Archive 1998, p. 3 (1998)

  20. Tillem, G., Candan, Ömer M., Savas, E., Kaya, K.: Hiding access patterns in range queries using private information retrieval and ORAM. In: Financial Cryptography Workshops, pp. 253–270 (2016)

  21. Groth, J., Kiayias, A., Lipmaa, H.: Multi-query computationally-private information retrieval with constant communication rate. In: Public Key Cryptography, pp. 107–123 (2010)

  22. Dingledine, R., Mathewson, N., Syverson, P.F.: Tor: the second-generation onion router. In: USENIX Security Symposium, pp. 303–320 (2004)

  23. Swanson, C.M., Stinson, D.R.: Extended results on privacy against coalitions of users in user-private information retrieval protocols. Cryptogr. Commun. 7(4), 415–437 (2015)

    Article  MathSciNet  Google Scholar 

  24. LibFSS. https://github.com/frankw2/libfss

Download references

Funding

A part of this work was supported by JST CREST Grant Number JPMJCR19F6, Japan, JSPS KAKENHI Grant Number 19H01109, Japan and JSPS KAKENHI Grant Number 17KT0081, Japan.

Author information

Authors and Affiliations

  1. Deloitte Tohmatsu Cyber LLC, Tokyo, Japan

    Junichiro Hayata

  2. National Institute of Advanced Industrial Science and Technology (AIST), Tokyo, Japan

    Jacob C. N. Schuldt & Goichiro Hanaoka

  3. The University of Tokyo, Tokyo, Japan

    Kanta Matsuura

Authors
  1. Junichiro Hayata
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jacob C. N. Schuldt
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Goichiro Hanaoka
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Kanta Matsuura
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Junichiro Hayata.

Ethics declarations

Conflict of interest

All authors declare that they have no conflict of interest.

Ethical approval

This article does not contain any studies with human participants performed by any of the authors.

Informed consent

This article does not contain any studies with human participants performed by any of the authors.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

A preliminary version of this paper appeared at 25th European Symposium on Research in Computer Security, ESORICS 2020 [1]. This version includes significant differences, including a revised security notion which all schemes are shown secure with respect to, as well as a generic transformation to achieve a similar security notion to [1]. Furthermore, this version presents the first scheme allowing range queries over multi-dimensional databases.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Hayata, J., Schuldt, J.C.N., Hanaoka, G. et al. On private information retrieval supporting range queries. Int. J. Inf. Secur. 23, 629–647 (2024). https://doi.org/10.1007/s10207-023-00743-6

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10207-023-00743-6

Keywords

Search

Navigation