Unobservable Surfing on the World Wide Web: Is Private Information Retrieval an Alternative to the MIX Based Approach?

  • Dogan Kesdogan
  • Mark Borning
  • Michael Schmeink
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2482)


The technique Private Information Retrieval (PIR) perfectly protects a user’s access pattern to a database. An attacker cannot observe (or determine) which data element is requested by a user and so cannot deduce the interest of the user. We discuss the application of PIR on the World Wide Web and compare it to the MIX approach. We demonstrate particularly that in this context the method does not provide perfect security, and we give a mathematical model for the amount of information an attacker could obtain. We provide an extension of the method under which perfect security can still be achieved.


World Wide Data Item User Session Response Packet Blinded Read 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    A. Ambainis: Upper Bound on the Communication Complexity of Private Information Retrieval, ICALP, LNCS 1256, Springer-Verlag, Berlin 1997.Google Scholar
  2. 2.
    A. Beimel, Y. Isahi, T. Malkin: Reducing the Servers Computation in Private Information Retrieval PIR with Preprocessing, CRYPTO 2000, LNCS 1880, Springer-Verlag, 2000.CrossRefGoogle Scholar
  3. 3.
    A. Beimel, Y. Isahi, T. Malkin, and E. Kushilevitz: One-way functions are essential for single-server private information retrieval, In Proc. of the 31st Annu. ACM Symp. on the Theory of Computing (STOC), 1999.Google Scholar
  4. 4.
    O. Berthold, S. Clauß, S. Köpsell, A. Pfitzmann: Efficiency Improvements of the Private Message Service, 4th International Information Hiding Workshop, PA, USA 25. 4. 2001.Google Scholar
  5. 5.
    O. Berthold, H. Federrath, S. Köpsell: Web MIXes: A System for Anonymous and Unob-servable Internet Access, IWDIAU, LNCS 2009, Springer-Verlag, 2001.Google Scholar
  6. 6.
    C. Cachin, S. Micali, M. Stadler: Computationally private information retrieval with polylogarithmic communication, In EUROCRYPT’ 99, LNCS 1592, Springer, 1999.Google Scholar
  7. 7.
    D. Chaum: Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms, Communications of the ACM 24/2 (1981).Google Scholar
  8. 8.
    D. Chaum: The Dining Cryptographers Problem: Unconditional Sender and Recipient Untraceability, Journal of Cryptology 1/1 (1988).Google Scholar
  9. 9.
    B. Chor, O. Goldreich, E. Kushilevitz, M. Sudan: Private Information Retrieval, Proc. Of the 36th Annual IEEE symposium Foundations of Computer Science, 1995.Google Scholar
  10. 10.
    B. Chor, N. Gilboa: Computationally Private Information Retrieval, 29th Symposium on Theory of Computing (STOC) 1997, ACM, New York 1997.Google Scholar
  11. 11.
    D. Cooper, K. Birman: The design and implementation of a private message service for mobile computers, Wireless Networks 1, 1995.Google Scholar
  12. 12.
    L. Cottrell: MIXmaster and Remailer Attacks,, 2001.
  13. 13.
    G. Di Crescenzo, Y. Ishai, R. Ostrovsky: Universal Service-Providers for Private Information Retrieval, Journal of Cryptology 14, 2001.Google Scholar
  14. 14.
    T. Demuth, A. Rieke: JANUS: Server-Anonymität im World Wide Web, Sicherheitsinfrastrukturen, Vieweg Verlag, 1999 (DuD-Fachbeiträge).Google Scholar
  15. 15.
    D. J. Farber, K. C. Larson: Network Security Via Dynamic Process Renaming, 4th Data Communications Symposium, 7–9 Oktober 1975, Quebec City, Canada.Google Scholar
  16. 16.
    C. Gülcü, G. Tsudik: Mixing Email with Babel, Proc. Symposium on Network and Distributed System Security, San Diego, IEEE Comput. Soc. Press, 1996.Google Scholar
  17. 17.
    P. A. Karger: Non-Discretionary Access Control for Decentralized Computing Systems, Master Thesis, MIT, Mai 1977, Report MIT/LCS/TR-179.Google Scholar
  18. 18.
    D. Kesdogan: Privacy im Internet, Vieweg Verlag, ISBN: 3-528-05731-9, 1999.Google Scholar
  19. 19.
    J. M. Kleinberg, R. Kumar, P. Raghavan, S. Rajagopalan, A. S. Tomkins: The Web as a graph: measurements, models, and methods, Proc. 5th Annual Int. Conf. Computing and Combinatorics, (1999).Google Scholar
  20. 20.
    E. Kushilevitz and R. Ostrovsky: Replication is not needed: Single database, computationally-private information retrieval, In IEEE FOCS’ 97, 1997.Google Scholar
  21. 21.
    R. Mathar, D. Pfeifer: Stochastik für Informatiker, Teubner, Stuttgart, 1990.Google Scholar
  22. 22.
    R. Ostrovsky, V. Shoup: Private Information Storage, STOC 1997, ACM, New York 1997.Google Scholar
  23. 23.
    A. Pfitzmann: Diensteintegrierende Kommunikationsnetze mit teilnehmer-überprüfbarem Datenschutz, IFB 234, Springer-Verlag, 1990.Google Scholar
  24. 24.
    A. Pfitzmann, M. Waidner: Netw. without user observability, Computers&Security 6/2, 87Google Scholar
  25. 25.
    M.G. Reed, P.F. Syverson, D.M. Goldschlag: Anonymous Connections and Onion Routing, Proc. of the 1997 IEEE Symposium on Security and Privacy, Mai 1997.Google Scholar
  26. 26.
    J. F. Raymond: Traffic Analysis: Protocols, Attacks, Design Issues, and Open Problems, IWDIAU, LNCS 2009, Springer-Verlag, 2001.Google Scholar
  27. 27.
    M. K. Reiter, A. D. Rubin: Crowds: Anonymity for Web Transactions, ACM Transactions on Information and System Security, Volume 1, 1998.Google Scholar
  28. 28.
    C. Rackoff, D. R. Simon: Cryptographic defense against traffic analysis, In 25th Annual ACM Symposium on the Theory of Computing, Mai 1993.Google Scholar
  29. 29.
    C. E. Shannon: Communication Theory of Secrecy Systems; The Bell System Technical Journal, Vol. 28, No. 4, Oktober 1949.Google Scholar
  30. 30.
    S. W. Smith, D. Safford: Practical Server Privacy with Secure Coprocessors, IBM Systems Journal.
  31. 31.
    M. Waidner: Unconditional Sender and Recipient..., Eurocrypt’ 89, LNCS 434, 1990.Google Scholar
  32. 32.
    Zero-Knowledge-Systems, Inc.: (2001).

Copyright information

© Springer-Verlag Berlin Heidelberg 2003

Authors and Affiliations

  • Dogan Kesdogan
    • 1
  • Mark Borning
    • 1
  • Michael Schmeink
    • 2
  1. 1.Lehrstuhl für Informatik IVRWTH AachenGermany
  2. 2.Lehr-und Forschungsg. StochastikRWTH AachenGermany

Personalised recommendations