MORE ROBUST PRIVATE INFORMATION RETRIEVAL SCHEME

Chun-Hua Chen, Gwoboa Horng

2006

Abstract

In e-commerce, the protection of users’ privacy from a server was not considered feasible until the private information retrieval (PIR) problem was stated and solved. A PIR scheme allows a user to retrieve a data item from an online database while hiding the identity of the item from a database server. In this paper, a new PIR scheme using a secure coprocessor (SC) and including mutual authentication by DSA signature algorithm for protecting the privacy of users, is proposed. Because of using only one server and including the mutual authentication process in the proposed scheme, it is more efficient and more robust (secure) in the real e-commerce environment compared with previous PIR solutions. In addition, a security analysis (proof) for the proposed scheme and comparisons to other PIR schemes are given.

References

  1. Ambainis, A., 1997. Upper bound on the communication complexity of private information retrieval. In Proc. of 24th ICALP 97, Lecture Notes in Computer Science, 1256, 401-407.
  2. Asonov, D. & Freytag, J.-C., 2003. Almost optimal private information retrieval. In Pre- and Postproc. of 2nd Workshop on Privacy Enhancing Technologies (PET2002), San Francisco, USA; Lecture Notes in Computer Science, 2482, 209-223.
  3. Beimel, A. & Ishai, Y., 2001. Information-theoretic private information retrieval: a unified construction. Electronic Colloquium on Computational Complexity, TR01-15, 2001; Extended abstract in: ICALP 2001, Lecture Notes in Computer Science, 2076, 89-98.
  4. Beimel, A. & Ishai, Y., 2002. Robust informationtheoretic private information retrieval. In Proc. of the 3rd Conference on Security in Communication Networks, Lecture Notes in Computer Science, 2576, 326-341.
  5. Beimel, A., Stahl, Y., Kushilevit, E. & Raymond, J. F., 2002. Breaking the barrier O(n1/(2k-1)) for informationtheoretic private information retrieval. In Proc. of the 43rd IEEE Symposium on Foundations of Computer Science (FOCS), 261-270.
  6. Beimel, A., Ishai,Y. & Malkin, T., 2004. Reducing the servers computation in private information retrieval: PIR with preprocessing. Journal of Cryptology, 17, 125-151.
  7. Bellare, M. & Rogaway, P., 1993. Entity authentication and key distribution, Advances in CryptologyCRYPTO'93, Lecture Notes in Computer Science, 773, 232-249.
  8. Bellare, M., Desai, A., Pointcheval, D. & Rogaway, P., 1998. Relations among notions of security for public key encryption schemes. Advances in Cryptology CRYPTO'98, Lecture Notes in Computer Science, 1462, 26-46.
  9. Cachin, C., Micali, S. & Stadler, M., 1999. Computationally private information retrieval with polylogarithmic communication. Eurocrypt 99, Lecture Notes in Computer Science, 1592, 402-414.
  10. Canetti, R. & Krawczyk, H., 2001. Analysis of keyexchange protocols and their use for building secure channels. Advances in Cryptology-Eurocrypt'01, Lecture Notes in Computer Science, 2045, 453-474.
  11. Chor, B., Goldreich, O., Kushilevitz, E. & Sudan, M., 1995. Private information retrieval. In Proc. of the 36 th IEEE Symposium on Foundations of Computer Science (FOCS), 41-50.
  12. Chor, B., Goldreich, O., Kushilevitz, E. & Sudan, M., 1998. Private information retrieval. Journal of ACM, 45, 965-981.
  13. Chor, B. & Gilboa, N., 1997. Computationally private information retrieval. In Proc. of the twenty-ninth annual ACM symposium on Theory of computing (STOC), 304-313.
  14. Dolev, D., Dwork, C. & Naor, M., 1991. Non-malleable cryptography. In Proc. of the twenty third annual ACM symposium on theory of computing(STOC), ACM press, 542-552.
  15. Iliev, A. & Smith, S.W., 2005. Protecting client privacy with trusted computing at the server. Security and Privacy Magazine, IEEE, 3(2), 20-28.
  16. Knuth, D. E., 1981. The Art of Computer Programming, vol. 2, Addison-Wesley. Second edition.
  17. Kushilevitz, E. & Ostrovsky, R., 1997. Replication is not needed: single database, computationally-private information retrieval. In Proc. of the 38th IEEE Symposium on Foundations of Computer Science (FOCS), 364-373.
  18. Rackoff, C. & Simon, D., 1991. Non-interactive zeroknowledge proof of knowledge and chosen ciphertext attack. Advances in Cryptology- Crypto'91, Lecture Notes in Computer Science, 576, 433-444.
  19. Smith, S.W. & Safford, D., 2001. Practical server privacy using secure coprocessors. IBM System Journal, 40(3), 683-695.
  20. Yang, E. Y., Xu, J. & Bennett, K. H., 2002. Private information retrieval in the presence of malicious failures. In Proc. of the 26th IEEE Annual International Computer Software and Applications Conference (COMPSAC), 805-810.
Download


Paper Citation


in Harvard Style

Chen C. and Horng G. (2006). MORE ROBUST PRIVATE INFORMATION RETRIEVAL SCHEME . In Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2006) ISBN 978-972-8865-63-4, pages 297-302. DOI: 10.5220/0002097102970302


in Bibtex Style

@conference{secrypt06,
author={Chun-Hua Chen and Gwoboa Horng},
title={MORE ROBUST PRIVATE INFORMATION RETRIEVAL SCHEME},
booktitle={Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2006)},
year={2006},
pages={297-302},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002097102970302},
isbn={978-972-8865-63-4},
}


in EndNote Style

TY - CONF
JO - Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2006)
TI - MORE ROBUST PRIVATE INFORMATION RETRIEVAL SCHEME
SN - 978-972-8865-63-4
AU - Chen C.
AU - Horng G.
PY - 2006
SP - 297
EP - 302
DO - 10.5220/0002097102970302