Private Information Retrieval with a Trusted Hardware Unit – Revisited
- Cite this paper as:
- Krzywiecki Ł., Kutyłowski M., Misztela H., Strumiński T. (2011) Private Information Retrieval with a Trusted Hardware Unit – Revisited. In: Lai X., Yung M., Lin D. (eds) Information Security and Cryptology. Inscrypt 2010. Lecture Notes in Computer Science, vol 6584. Springer, Berlin, Heidelberg
During ISC’2008 Yanjiang Yang, Xuhua Ding, Robert H. Deng, and Feng Bao presented a construction for holding an encrypted database in a cloud so that the access pattern remains hidden. The scheme is designed for the case when a user holds a trusted hardware unit, which serves as an interface between the owner of the database and the untrusted environment where the encrypted database is stored. The scheme is relatively efficient and has some provable privacy properties.
In this paper we analyze an idealized version of the above protocol and prove rigorously strong privacy conditions in a model with a powerful adversary observing all operations occurring in the cloud. On the other hand, we show that the full version of the protocol (with some implementation details), as proposed at ISC’2008, leaks some information about the access pattern of the user. This shows that the protocol does not fulfil the property of ideally private information retrieval. While this is not a general full scale attack, at some specific situations information leakage presented might have practical value for an adversary.
Keywordsprivate information retrieval cloud computing database probability distribution
Unable to display preview. Download preview PDF.