Abstract
Private information retrieval (PIR), which lets a client retrieve information stored on a single server or on multiple servers without disclosing any query content to the server, has attracted much attention in recent years. However, most existing PIR schemes cannot achieve data retrieval and data integrity authentication at the same time. To address this, this paper proposes a verifiable PIR scheme based on parity in a single-server architecture. Specifically, the data owner generates parity information for each data item and extends the original database with it. The data owner then generates hint information for the querying client, applies a matrix confusion and permutation to the extended database according to the inverse of the hint, and sends the hint to the client. The client selects the corresponding element of the hint to generate its query vector and, after receiving the server's answer, runs the reconstruction and verification phase to complete the retrieval. A series of security games prove that the scheme meets the privacy requirements defined for PIR, and experimental analysis shows that, compared with related schemes, ours has an advantage in time cost: verification information generation takes 0.3% of the time of APIR and FMAPIR, reconstruction takes 1.6% of APIR's time and 1.1% of FMAPIR's, and the query time is far lower than both.
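The workflow the abstract sketches (owner extends every record with parity information, the client retrieves an item privately and then reconstructs and verifies it) can be made concrete with a toy model. The following is an added example, not the paper's construction and not the authors' code: it uses additively homomorphic Paillier encryption in place of the paper's hint, matrix confusion and permutation machinery, and a keyed HMAC-derived tag in place of the paper's parity information; the key shared between owner and client is assumed to be delivered with the hint. All parameters, primes, records and the two malicious-server behaviours are constructed for illustration.

```python
"""Toy verifiable PIR: homomorphic single-server PIR plus a keyed parity tag.

Added example (assumption-based): Paillier stands in for the paper's own
hint/confusion/permutation construction, and an HMAC tag stands in for its
parity information. Sizes are toy-sized so the whole thing runs offline.
"""
import hashlib
import hmac
import math
import random

# Toy Paillier modulus built from two known primes (constructed values;
# a real deployment would generate ~2048-bit primes at random).
P = (1 << 61) - 1
Q = (1 << 31) - 1
N = P * Q
N2 = N * N
LAMBDA = math.lcm(P - 1, Q - 1)
MU = pow(LAMBDA, -1, N)          # lambda^-1 mod n; exists since gcd(n, phi(n)) = 1
_rng = random.SystemRandom()

TAG_BITS = 32
TAG_MASK = (1 << TAG_BITS) - 1


def enc(m: int) -> int:
    """Paillier encryption: (n+1)^m * r^n mod n^2 with random r."""
    r = _rng.randrange(1, N)
    return pow(N + 1, m, N2) * pow(r, N, N2) % N2


def dec(c: int) -> int:
    """Paillier decryption: L(c^lambda mod n^2) * mu mod n, L(x) = (x-1)/n."""
    x = pow(c, LAMBDA, N2)
    return ((x - 1) // N) * MU % N


def parity_tag(key: bytes, index: int, record: int) -> int:
    """Keyed parity tag over (index, record); binding the index is what lets
    the client catch a server that returns some other well-formed entry."""
    msg = index.to_bytes(8, "big") + record.to_bytes(4, "big")
    return int.from_bytes(hmac.new(key, msg, hashlib.sha256).digest()[:4], "big")


def extend_database(key: bytes, records: list[int]) -> list[int]:
    """Data owner: append the parity tag to every (32-bit) record."""
    return [(r << TAG_BITS) | parity_tag(key, i, r) for i, r in enumerate(records)]


def make_query(index: int, size: int) -> list[int]:
    """Client: encrypt the unit vector e_index, so the server only sees ciphertexts."""
    return [enc(1 if j == index else 0) for j in range(size)]


def answer(query: list[int], ext_db: list[int]) -> int:
    """Server: homomorphic inner product sum_j e_j * m_j, computed as prod_j c_j^m_j."""
    acc = 1
    for c, m in zip(query, ext_db):
        acc = acc * pow(c, m, N2) % N2
    return acc


def reconstruct_and_verify(key: bytes, index: int, ans: int) -> tuple[int, bool]:
    """Client: decrypt, split record and tag, recompute the tag and compare."""
    m = dec(ans)
    record, tag = m >> TAG_BITS, m & TAG_MASK
    return record, tag == parity_tag(key, index, record)


def run_retrieval(records: list[int], index: int, tamper=None) -> tuple[int, bool]:
    """Full round: owner extends the DB, server answers (possibly dishonestly),
    client reconstructs and verifies. Returns (record, verification_ok)."""
    key = b"owner-to-client-hint-key"   # constructed; assumed to arrive with the hint
    ext_db = extend_database(key, records)
    if tamper is not None:
        ext_db = tamper(ext_db)
    return reconstruct_and_verify(key, index, answer(make_query(index, len(records)), ext_db))


def flip_record(ext_db: list[int]) -> list[int]:
    """Malicious server: alters a stored record but cannot recompute its tag."""
    db = list(ext_db)
    db[2] ^= 1 << TAG_BITS          # flips bit 0 of record 2, tag left untouched
    return db


def swap_entries(ext_db: list[int]) -> list[int]:
    """Malicious server: swaps two well-formed entries; tags no longer match their index."""
    db = list(ext_db)
    db[1], db[2] = db[2], db[1]
    return db


if __name__ == "__main__":
    db = [10, 20, 30, 40]           # constructed sample records
    print(run_retrieval(db, 2))                          # (30, True)
    print(run_retrieval(db, 2, tamper=flip_record))      # (31, False)
    print(run_retrieval(db, 2, tamper=swap_entries))     # (20, False)
```

The server never learns the index because every query entry is a fresh Paillier ciphertext, and the client detects both tampering patterns because the tag is keyed (the server cannot recompute it) and index-bound (a swapped entry carries the wrong index). The model leaves out what the paper does with its hint and permutation, so it says nothing about the paper's concrete costs; it only shows why parity information attached by the owner gives the client an integrity check that plain PIR lacks.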
Funding
This work was supported by the Guangdong Provincial Key Laboratory of Intelligent Measurement and Advanced Metering of Power Grid Open-end Fund.
Contributions
Design of the scheme (Wenqi Zhang, Shuai Shang, and Haolin Wang); security analysis (Shuai Shang and Xiong Li); simulation (Yun Zhao and Ziwen Cai). All authors were involved in writing the manuscript. All authors read and approved the final manuscript.
Ethics declarations
Conflict of interest
There is no conflict of interest.
About this article
Cite this article
Zhang, W., Shang, S., Wang, H. et al. VPIR: an efficient verifiable private information retrieval scheme resisting malicious cloud server. Telecommun Syst (2024). https://doi.org/10.1007/s11235-024-01162-1
DOI: https://doi.org/10.1007/s11235-024-01162-1