First CPIR Protocol with Data-Dependent Computation

  • Helger Lipmaa
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5984)


We design a new (n, 1)-CPIR protocol BddCpir for ℓ-bit strings as a combination of a noncryptographic (BDD-based) data structure and a more basic cryptographic primitive (communication-efficient (2, 1)-CPIR). BddCpir is the first CPIR protocol where server’s online computation depends substantially on the concrete database. We then show that (a) for reasonably small values of ℓ, BddCpir is guaranteed to have simultaneously log-squared communication and sublinear online computation, and (b) BddCpir can handle huge but sparse matrices, common in data-mining applications, significantly more efficiently compared to all previous protocols. The security of BddCpir can be based on the well-known Decisional Composite Residuosity assumption.


Binary decision diagram computationally-private information retrieval privacy-preserving data mining sublinear communication 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Agrawal, R., Srikant, R.: Privacy-Preserving Data Mining. In: Proceedings of the 2000 ACM SIGMOD Conference on Management of Data, Dallas, TX, USA, May 2000, pp. 439–450 (2000)Google Scholar
  2. 2.
    Aguilar-Melchor, C., Gaborit, P.: A Lattice-Based Computationally-Efficient Private Information Retrieval Protocol. In: Lucks, S., Sadeghi, A.-R., Wolf, C. (eds.) WEWORC 2007. LNCS, vol. 4945, pp. 50–54. Springer, Heidelberg (2008), Google Scholar
  3. 3.
    Beimel, A., Ishai, Y., Malkin, T.: Reducing the Servers Computation in Private Information Retrieval: PIR with Preprocessing. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 55–73. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  4. 4.
    Breitbart, Y., Hunt III, H.B., Rosenkrantz, D.J.: On The Size of Binary Decision Diagrams Representing Boolean Functions. Theoretical Computer Science 145(1&2), 45–69 (1995)CrossRefMathSciNetMATHGoogle Scholar
  5. 5.
    Canetti, R., Ishai, Y., Kumar, R., Reiter, M.K., Rubinfeld, R., Wright, R.N.: Selective Private Function Evaluation with Applications to Private Statistics. In: PODC 2001, Rhode Island, USA, August 26–29, pp. 293–304. ACM Press, Newport (2001)CrossRefGoogle Scholar
  6. 6.
    Carbunar, B., Sion, R.: On the Computational Practicality of Private Information Retrieval. In: NDSS 2007, San Diego, California, USA, February 27–March 2 (2007)Google Scholar
  7. 7.
    Damgård, I., Jurik, M.: A Generalisation, a Simplification and Some Applications of Paillier’s Probabilistic Public-Key System. In: Kim, K.-c. (ed.) PKC 2001. LNCS, vol. 1992, pp. 119–136. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  8. 8.
    Damgård, I., Jurik, M.: A Length-Flexible Threshold Cryptosystem with Applications. In: Safavi-Naini, R., Seberry, J. (eds.) ACISP 2003. LNCS, vol. 2727, pp. 350–364. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  9. 9.
    Fujita, M., McGeer, P.C., Yang, J.C.Y.: Multi-Terminal Binary Decision Diagrams: An Efficient Data Structure for Matrix Representation. Formal Methods in System Design 10(2/3), 149–169 (1997)CrossRefGoogle Scholar
  10. 10.
    Gasarch, W., Yerukhimovich, A.: Computationally Inexpensive cPIR (2007), Work in progress (January 2009),
  11. 11.
    Gentry, C.: Fully Homomorphic Encryption Using Ideal Lattices. In: Mitzenmacher, M. (ed.) STOC 2009, May 31–Jun 2, 2009, pp. 169–178. ACM Press, Bethesda (2009)CrossRefGoogle Scholar
  12. 12.
    Gentry, C., Ramzan, Z.: Single-Database Private Information Retrieval with Constant Communication Rate. In: Caires, L., Italiano, G.F., Monteiro, L., Palamidessi, C., Yung, M. (eds.) ICALP 2005. LNCS, vol. 3580, pp. 803–815. Springer, Heidelberg (2005)Google Scholar
  13. 13.
    Heap, M.A., Mercer, M.R.: Least Upper Bounds on OBDD Sizes. IEEE Transactions on Computers 43(6), 764–767 (1994)CrossRefMATHGoogle Scholar
  14. 14.
    Ishai, Y., Paskin, A.: Evaluating Branching Programs on Encrypted Data. In: Vadhan, S.P. (ed.) TCC 2007. LNCS, vol. 4392, pp. 575–594. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  15. 15.
    Kushilevitz, E., Ostrovsky, R.: Replication is Not Needed: Single Database, Computationally-Private Information Retrieval. In: FOCS 1997, October 20–22, pp. 364–373. IEEE Computer Society, Los Alamitos (1997)Google Scholar
  16. 16.
    Laur, S., Lipmaa, H.: A New Protocol for Conditional Disclosure of Secrets And Its Applications. In: Katz, J., Yung, M. (eds.) ACNS 2007. LNCS, vol. 4521, pp. 207–225. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  17. 17.
    Liaw, H.T., Lin, C.S.: On the OBDD-Representation of General Boolean Functions. IEEE Transactions on Computers 41(6), 661–664 (1992)CrossRefMathSciNetGoogle Scholar
  18. 18.
    Lipmaa, H.: An Oblivious Transfer Protocol with Log-Squared Communication. In: Zhou, J., López, J., Deng, R.H., Bao, F. (eds.) ISC 2005. LNCS, vol. 3650, pp. 314–328. Springer, Heidelberg (2005)Google Scholar
  19. 19.
    Lipmaa, H.: New Communication-Efficient Oblivious Transfer Protocols Based on Pairings. In: Wu, T.-C., Lei, C.-L., Rijmen, V., Lee, D.-T. (eds.) ISC 2008. LNCS, vol. 5222, pp. 441–454. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  20. 20.
    Lipmaa, H.: Private Branching Programs: On Communication-Efficient Cryptocomputing. Tech. Rep. 2008/107, International Association for Cryptologic Research (2008),
  21. 21.
    Naor, M., Pinkas, B.: Oblivious Transfer And Polynomial Evaluation. In: STOC 1999, May 1-4, 1999, pp. 245–254. ACM Press, Atlanta (1999)CrossRefGoogle Scholar
  22. 22.
    Paillier, P.: Public-Key Cryptosystems Based on Composite Degree Residuosity Classes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 223–238. Springer, Heidelberg (1999)Google Scholar
  23. 23.
    Stern, J.P.: A New And Efficient All Or Nothing Disclosure of Secrets Protocol. In: Ohta, K., Pei, D. (eds.) ASIACRYPT 1998. LNCS, vol. 1514, pp. 357–371. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  24. 24.
    Wegener, I.: Branching Programs and Binary Decision Diagrams: Theory and Applications. Monographs on Discrete Mathematics and Applications, Society for Industrial Mathematics (2000)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Helger Lipmaa
    • 1
    • 2
  1. 1.Cybernetica ASEstonia
  2. 2.Tallinn UniversityEstonia

Personalised recommendations