The Best of Both Worlds: Combining Information-Theoretic and Computational PIR for Communication Efficiency

  • Casey Devet
  • Ian Goldberg
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8555)


The goal of Private Information Retrieval (PIR) is the ability to query a database successfully without the operator of the database server discovering which record(s) of the database the querier is interested in. There are two main classes of PIR protocols: those that provide privacy guarantees based on the computational limitations of servers (CPIR) and those that rely on multiple servers not colluding for privacy (IT-PIR). These two classes have different advantages and disadvantages that make them more or less attractive to designers of PIR-enabled privacy enhancing technologies.

We present a hybrid PIR protocol that combines two PIR protocols, one from each of these classes. Our protocol inherits many positive aspects of both classes and mitigates some of the negative aspects. For example, our hybrid protocol maintains partial privacy when the security assumptions of one of the component protocols is broken, mitigating the privacy loss in such an event. We have implemented our protocol as an extension of the Percy++ library so that it combines a PIR protocol by Aguilar Melchor and Gaborit with one by Goldberg. We show that our hybrid protocol uses less communication than either of these component protocols and that our scheme is particularly beneficial when the number of records in a database is large compared to the size of the records. This situation arises in applications such as TLS certificate verification, anonymous communications systems, private LDAP lookups, and others.


Communication Cost Hybrid Scheme Server Computation Hybrid Protocol Recursive Step 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Aguilar Melchor, C., Crespin, B., Gaborit, P., Jolivet, V., Rousseau, P.: High-Speed Private Information Retrieval Computation on GPU. In: SECURWARE, pp. 263–272. IEEE (2008)Google Scholar
  2. 2.
    Aguilar-Melchor, C., Gaborit, P.: A Lattice-Based Computationally-Efficient Private Information Retrieval Protocol. In: WEWORC 2007 (July 2007)Google Scholar
  3. 3.
    Asonov, D.: Private Information Retrieval: An overview and current trends. In: ECDPvA Workshop (2001)Google Scholar
  4. 4.
    Beimel, A., Ishai, Y., Malkin, T.: Reducing the Servers’ Computation in Private Information Retrieval: PIR with Preprocessing. J. Cryptology 17(2), 125–151 (2004)CrossRefzbMATHMathSciNetGoogle Scholar
  5. 5.
    Chaum, D., Carback, R., Clark, J., Essex, A., Popoveniuc, S., Rivest, R.L., Ryan, P.Y.A., Shen, E., Sherman, A.T., Vora, P.L.: Scantegrity II: End-to-end verifiability by voters of optical scan elections through confirmation codes. IEEE Transactions on Information Forensics and Security 4(4), 611–627 (2009)CrossRefGoogle Scholar
  6. 6.
    Chor, B., Goldreich, O., Kushilevitz, E., Sudan, M.: Private Information Retrieval. In: 36th Annual IEEE Symposium on Foundations of Computer Science (FOCS 1995), pp. 41–50 (October 1995)Google Scholar
  7. 7.
    Chor, B., Gilboa, N., Naor, M.: Private Information Retrieval by Keywords. Technical Report TR CS0917, Department of Computer Science, Technion, Israel (1997)Google Scholar
  8. 8.
    Chor, B., Kushilevitz, E., Goldreich, O., Sudan, M.: Private Information Retrieval. J. ACM 45, 965–981 (1998)CrossRefzbMATHMathSciNetGoogle Scholar
  9. 9.
    Danezis, G., Dingledine, R., Mathewson, N.: Mixminion: Design of a Type III Anonymous Remailer Protocol. In: IEEE Symposium on Security and Privacy, pp. 2–15. IEEE Computer Society (2003)Google Scholar
  10. 10.
    Devet, C.: Evaluating Private Information Retrieval on the Cloud. Technical Report 2013-05, CACR (2013),
  11. 11.
    Devet, C., Goldberg, I.: The Best of Both Worlds: Combining Information-Theoretic and Computational PIR for Communication Efficiency. Technical Report 2014-07, CACR,
  12. 12.
    Devet, C., Goldberg, I., Heninger, N.: Optimally Robust Private Information Retrieval. In: 21st USENIX Security Symposium (2012)Google Scholar
  13. 13.
    Dingledine, R., Mathewson, N., Syverson, P.: Tor: The Second-Generation Onion Router. In: 13th USENIX Security Symposium (2004)Google Scholar
  14. 14.
    Gertner, Y., Goldwasser, S., Malkin, T.: A Random Server Model for Private Information Retrieval or How to Achieve Information Theoretic PIR Avoiding Database Replication. In: Rolim, J.D.P., Serna, M., Luby, M. (eds.) RANDOM 1998. LNCS, vol. 1518, pp. 200–217. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  15. 15.
    Goldberg, I.: Percy++ project on SourceForge, (accessed February 2014)
  16. 16.
    Goldberg, I.: Improving the Robustness of Private Information Retrieval. In: 2007 IEEE Symposium on Security and Privacy, pp. 131–148 (2007)Google Scholar
  17. 17.
    Henry, R., Olumofin, F.G., Goldberg, I.: Practical PIR for Electronic Commerce. In: ACM Conference on Computer and Communications Security, pp. 677–690 (2011)Google Scholar
  18. 18.
    Kikuchi, H.: Private Revocation Test using Oblivious Membership Evaluation Protocol. In: 3rd Annual PKI R&D Workshop (2004)Google Scholar
  19. 19.
    Kushilevitz, E., Ostrovsky, R.: Replication Is Not Needed: Single Database, Computationally-Private Information Retrieval. In: FOCS, pp. 364–373 (1997)Google Scholar
  20. 20.
    Laurie, B., Langley, A., Kasper, E.: Certificate Transparency. RFC 6962 (June 2013)Google Scholar
  21. 21.
    Mittal, P., Olumofin, F., Troncoso, C., Borisov, N., Goldberg, I.: PIR-Tor: Scalable Anonymous Communication Using Private Information Retrieval. In: 20th USENIX Security Symposium, pp. 475–490 (2011)Google Scholar
  22. 22.
    Olumofin, F., Goldberg, I.: Privacy-Preserving Queries over Relational Databases. In: Atallah, M.J., Hopper, N.J. (eds.) PETS 2010. LNCS, vol. 6205, pp. 75–92. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  23. 23.
    Olumofin, F., Goldberg, I.: Revisiting the Computational Practicality of Private Information Retrieval. In: Danezis, G. (ed.) FC 2011. LNCS, vol. 7035, pp. 158–172. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  24. 24.
    Ookla: Net Metrics for Canada and the United States, (accessed February 2014)
  25. 25.
    Ryan, P.Y.A., Schneider, S.A.: Prêt à Voter with Re-encryption Mixes. In: Gollmann, D., Meier, J., Sabelfeld, A. (eds.) ESORICS 2006. LNCS, vol. 4189, pp. 313–326. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  26. 26.
    Santesson, S., Myers, M., Ankney, R., Malpani, A., Galperin, S., Adams, C.: X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP. RFC 6960 (June 2013)Google Scholar
  27. 27.
    Sassaman, L., Cohen, B.: The Pynchon Gate: A Secure Method of Pseudonymous Mail Retrieval. In: Proceedings of the Workshop on Privacy in the Electronic Society (WPES 2005), pp. 1–9 (2005)Google Scholar
  28. 28.
    Sermersheim, J.: Lightweight Directory Access Protocol (LDAP): The Protocol. RFC 4511 (June 2006)Google Scholar
  29. 29.
    Shamir, A.: How to share a secret. Commun. ACM 22, 612–613 (1979)CrossRefzbMATHMathSciNetGoogle Scholar
  30. 30.
    Sion, R., Carbunar, B.: On the Computational Practicality of Private Information Retrieval. In: Proceedings of the Network and Distributed Systems Security Symposium (2007)Google Scholar
  31. 31.
    Xively: Public Cloud for the Internet of Things, (accessed February 2014)

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Casey Devet
    • 1
  • Ian Goldberg
    • 1
  1. 1.University of WaterlooCanada

Personalised recommendations