Private Information Retrieval with a Trusted Hardware Unit – Revisited

  • Łukasz Krzywiecki
  • Mirosław Kutyłowski
  • Hubert Misztela
  • Tomasz Strumiński
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6584)

Abstract

During ISC’2008 Yanjiang Yang, Xuhua Ding, Robert H. Deng, and Feng Bao presented a construction for holding an encrypted database in a cloud so that the access pattern remains hidden. The scheme is designed for the case when a user holds a trusted hardware unit, which serves as an interface between the owner of the database and the untrusted environment where the encrypted database is stored. The scheme is relatively efficient and has some provable privacy properties.

In this paper we analyze an idealized version of the above protocol and prove rigorously strong privacy conditions in a model with a powerful adversary observing all operations occurring in the cloud. On the other hand, we show that the full version of the protocol (with some implementation details), as proposed at ISC’2008, leaks some information about the access pattern of the user. This shows that the protocol does not fulfil the property of ideally private information retrieval. While this is not a general full scale attack, at some specific situations information leakage presented might have practical value for an adversary.

Keywords

private information retrieval cloud computing database probability distribution 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Chor, B., Kushilevitz, E., Goldreich, O., Sudan, M.: Private information retrieval. In: Proceedings of IEEE FOCS 1995, pp. 41–50 (1995)Google Scholar
  2. 2.
    Cichoń, J., Klonowski, M., Krzywiecki, Ł., Różański, B., Zieliński, P.: Random Subsets of the Interval and P2P Protocols. In: Charikar, M., Jansen, K., Reingold, O., Rolim, J.D.P. (eds.) RANDOM 2007 and APPROX 2007. LNCS, vol. 4627, pp. 409–421. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  3. 3.
    Cichoń, J., Kapelko, R., Marchwicki, K.: Uniformity of improved versions of Chord. In: Zhu, R., Zhang, Y., Liu, B., Liu, C. (eds.) ICICA 2010. LNCS, vol. 6377, pp. 431–438. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  4. 4.
    Iliev, A., Smith, S.: Private information storage with logarithm-space secure hardware. In: Proceedings of International Information Security Workshops, pp. 199–214 (2004)Google Scholar
  5. 5.
    Iliev, A., Smith, S.: Protecting client privacy with trusted computing at the server. IEEE Security & Privacy 3(2), 20–28 (2005)CrossRefGoogle Scholar
  6. 6.
    King, V., Saia, J.: Choosing a Random Peer. In: POD 2004. ACM, New York, 1581138024/04/0007 (2004)Google Scholar
  7. 7.
    Misztela, H.: Anonimization of access to data resources. Master Dissertation, Wrocław University of Technology, Institute of Mathematics and Computer Science (2010)Google Scholar
  8. 8.
    Ostrovsky, R., Skeith III, W.E.: A Survey of Single-Database Private Information Retrieval: Techniques and Applications. In: Okamoto, T., Wang, X. (eds.) PKC 2007. LNCS, vol. 4450, pp. 393–411. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  9. 9.
    Wang, S., Ding, X., Deng, R.H., Bao, F.: Private Information Retrieval Using Trusted Hardware. In: Gollmann, D., Meier, J., Sabelfeld, A. (eds.) ESORICS 2006. LNCS, vol. 4189, pp. 49–64. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  10. 10.
    Yang, Y., Ding, X., Deng, R.H., Bao, F.: An Efficient PIR Construction Using Trusted Hardware. In: Wu, T.-C., Lei, C.-L., Rijmen, V., Lee, D.-T. (eds.) ISC 2008. LNCS, vol. 5222, pp. 64–79. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  11. 11.
    Feller, W.: An Introduction to Probability Theory and Its Applications, vol. II. John Wiley and Sons Inc., New York (1992)MATHGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Łukasz Krzywiecki
    • 1
  • Mirosław Kutyłowski
    • 1
  • Hubert Misztela
    • 1
  • Tomasz Strumiński
    • 1
  1. 1.Institute of Mathematics and Computer ScienceWrocław University of TechnologyWrocławPoland

Personalised recommendations