VPIR: an efficient verifiable private information retrieval scheme resisting malicious cloud server

Published in: Telecommunication Systems

Abstract

Private information retrieval (PIR), which allows a user to retrieve an item from a database held by a single server or by multiple servers without revealing to the server(s) which item was requested, has attracted much attention in recent years. However, most existing PIR schemes cannot provide data retrieval and integrity verification of the retrieved data at the same time. To address this, the paper proposes a verifiable PIR scheme based on parity information in a single-server setting. Specifically, the data owner generates parity information for each data item and extends the original database with it. The data owner then generates hint information for the querying client, applies a matrix confusion and permutation to the extended database according to the inverse of the hint, and sends the hint to the client. The client selects the corresponding element of the hint to build its query vector and, after receiving the server's answer, runs the reconstruction and verification phase to complete the retrieval. A series of security games proves that the scheme meets the privacy requirements of PIR, and experimental analysis shows that it has advantages in time cost over related schemes: generating the verification information takes 0.3% of the time needed by APIR and FMAPIR, reconstruction takes 1.6% of the time of APIR and 1.1% of that of FMAPIR, and the query time is far below both.
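The abstract describes the moving parts of the scheme (per-record parity, an extended database, a secret hint handed to the client, a permutation of the database derived from the inverse of the hint, and a reconstruct-then-verify step on the client) without giving the construction. The following toy, written for this page and not taken from the paper, shows only the verification layer: the tag is a one-byte XOR parity, the "hint" is a pair of independent secret permutations (one over data cells, one over parity cells; the use of two permutations is an assumption made for the demo, not the paper's matrix confusion), and the query positions are sent in the clear in place of a real PIR query vector. The malicious server modelled here tampers with stored data cells; because it cannot tell which parity cell belongs to which data cell, every tampered answer fails the client's check. All names, the sample records and the server model are constructed for this example.

```python
"""Toy verifiable retrieval with parity tags (illustrative, not the VPIR scheme)."""
import secrets


def xor_parity(record: bytes) -> int:
    """One-byte XOR parity over a record: the toy integrity tag."""
    tag = 0
    for b in record:
        tag ^= b
    return tag


def secret_permutation(n: int) -> list:
    """Fisher-Yates shuffle driven by a CSPRNG; the secret the data owner keeps."""
    perm = list(range(n))
    for i in range(n - 1, 0, -1):
        j = secrets.randbelow(i + 1)
        perm[i], perm[j] = perm[j], perm[i]
    return perm


def invert(perm: list) -> list:
    """Inverse permutation: inv[logical_index] = physical position on the server."""
    inv = [0] * len(perm)
    for position, logical in enumerate(perm):
        inv[logical] = position
    return inv


def owner_setup(records: list):
    """Data owner: extend each record with a parity tag, then scatter data cells
    and parity cells under two independent secret permutations (assumption of
    this demo). The server gets only the two permuted arrays; the client gets
    the hint, i.e. the inverse permutations it needs to locate a logical index."""
    tags = [xor_parity(r) for r in records]
    perm_data = secret_permutation(len(records))
    perm_tag = secret_permutation(len(records))
    server_db = {
        "data": [records[perm_data[p]] for p in range(len(records))],
        "tag": [tags[perm_tag[p]] for p in range(len(records))],
    }
    hint = {"data": invert(perm_data), "tag": invert(perm_tag)}
    return server_db, hint


class Server:
    """Single server holding the permuted extended database. A malicious server
    here corrupts every stored data cell; it cannot repair the matching tags
    because the data/parity pairing is hidden behind the owner's permutations."""

    def __init__(self, db: dict, malicious: bool = False):
        self.db = db
        if malicious:
            self.db = {
                "data": [bytes([r[0] ^ 0x80]) + r[1:] for r in db["data"]],
                "tag": list(db["tag"]),
            }

    def answer(self, data_pos: int, tag_pos: int):
        # In a real PIR these positions are hidden inside the query vector;
        # they are sent in the clear here only to keep the demo short.
        return self.db["data"][data_pos], self.db["tag"][tag_pos]


def client_retrieve(server: Server, hint: dict, index: int) -> bytes:
    """Client: map the logical index through the hint, fetch, reconstruct, verify."""
    data, tag = server.answer(hint["data"][index], hint["tag"][index])
    if xor_parity(data) != tag:
        raise ValueError(f"verification failed for index {index}: answer rejected")
    return data


# Constructed sample database of 8 fixed-width records (not from the paper).
RECORDS = [bytes(f"rec{i}".ljust(8), "ascii") for i in range(8)]


def demo(malicious: bool) -> dict:
    """Retrieve every record; None marks an answer the client rejected."""
    db, hint = owner_setup(RECORDS)
    server = Server(db, malicious=malicious)
    results = {}
    for i in range(len(RECORDS)):
        try:
            results[i] = client_retrieve(server, hint, i)
        except ValueError:
            results[i] = None
    return results


if __name__ == "__main__":
    print("honest server, all records correct:", all(demo(False)[i] == RECORDS[i] for i in range(8)))
    print("malicious server, all answers rejected:", all(v is None for v in demo(True).values()))
```

Two caveats a practitioner should keep in mind. First, an XOR parity is a linear checksum: a server that learns the data/parity pairing, or that can see which positions a query touches (as it can in this cleartext toy), can forge a consistent pair, so the integrity guarantee rests entirely on the hint staying secret and on the query being genuinely private. Second, in a deployment one would normally want a keyed MAC or a collision-resistant hash rather than a one-byte parity; the demo keeps parity only because that is the primitive the abstract names.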


Figures: Fig. 1 to Fig. 7.


Funding

This work was supported by Guangdong Provincial Key Laboratory of Intelligent Measurement and Advanced Metering of Power Grid Open-end Fund

Author information

Contributions

Design of the scheme (Wenqi Zhang, Shuai Shang, and Haolin Wang), security analysis (Shuai Shang and Xiong Li), simulation (Yun Zhao and Ziwen Cai). All authors were involved in writing the manuscript. All authors read and approved the final manuscript.

Corresponding author

Correspondence to Xiong Li.

Ethics declarations

Conflict of interest

The authors declare no conflict of interest.


About this article


Cite this article

Zhang, W., Shang, S., Wang, H. et al. VPIR: an efficient verifiable private information retrieval scheme resisting malicious cloud server. Telecommun Syst (2024). https://doi.org/10.1007/s11235-024-01162-1

DOI: https://doi.org/10.1007/s11235-024-01162-1
