Abstract
In Private Information Retrieval (PIR), a user obtains one of N records from a server, without the server learning what record was requested.
Recent research in “practical PIR” has limited the players to the user and the server and limited the user’s work to negotiating a session key (e.g., as in SSL), but has then added a secure coprocessor to the server and required the secure coprocessor to encrypt and permute the dataset (and has often gone ahead and built real systems).
Practical PIR (PPIR) thus consists of trying to solve a privacy problem for a large dataset using the small internal space of the coprocessor. This task is very similar to the one undertaken by the older Oblivious RAMs work, and indeed the latest PPIR work uses techniques developed for Oblivious RAMs. Previous PPIR work had two limitations: the internal space required was still O(N lg N) bits, and records could only be read privately, not written.
In this paper, we present a design and experimental results that overcome these limitations. We reduce the internal memory to O(lg N) by basing the pseudorandom permutation on a Luby-Rackoff style block cipher, and by redesigning the oblivious shuffle to reduce space requirements and avoid unnecessary work. This redesign yields both time and space savings. These changes expand the system’s applicability to larger datasets and to domains such as private file storage.
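To make the O(lg N) memory claim concrete, here is an added example (not code from the paper or its IBM 4758 implementation) of a Luby-Rackoff style keyed permutation over record indices 0..N-1: the coprocessor keeps only a secret key and recomputes positions on demand instead of storing an explicit N-entry permutation table. The round function (HMAC-SHA256 as the PRF), the round count, and the cycle-walking step used to handle an N that is not a power of two are this example's own choices, not the paper's.

```python
import hashlib
import hmac

ROUNDS = 7  # assumed round count for this demo; any r >= 4 gives the LR construction

def _prf(key: bytes, rnd: int, half: int, half_bits: int) -> int:
    """Round function F_rnd: HMAC-SHA256 used as a PRF, truncated to half_bits bits."""
    msg = bytes([rnd]) + half.to_bytes(8, "big")
    digest = hmac.new(key, msg, hashlib.sha256).digest()
    return int.from_bytes(digest[:8], "big") & ((1 << half_bits) - 1)

def _feistel(key: bytes, x: int, half_bits: int, inverse: bool) -> int:
    """Balanced Luby-Rackoff Feistel network on 2*half_bits bits, or its inverse."""
    mask = (1 << half_bits) - 1
    left, right = x >> half_bits, x & mask
    if not inverse:
        for rnd in range(ROUNDS):
            left, right = right, left ^ _prf(key, rnd, right, half_bits)
    else:  # undo the rounds in reverse order
        for rnd in reversed(range(ROUNDS)):
            left, right = right ^ _prf(key, rnd, left, half_bits), left
    return (left << half_bits) | right

def _half_bits(n_records: int) -> int:
    """Smallest half-width whose 2*half_bits-bit domain covers indices 0..N-1."""
    bits = max(1, (n_records - 1).bit_length())
    return (bits + 1) // 2

def permute_index(key: bytes, i: int, n_records: int) -> int:
    """Pseudorandom position of record i; cycle-walking keeps the result below N."""
    hb = _half_bits(n_records)
    y = _feistel(key, i, hb, inverse=False)
    while y >= n_records:  # re-apply until we land inside the record range
        y = _feistel(key, y, hb, inverse=False)
    return y

def unpermute_index(key: bytes, y: int, n_records: int) -> int:
    """Inverse mapping: which record sits at position y (walks the cycle backwards)."""
    hb = _half_bits(n_records)
    x = _feistel(key, y, hb, inverse=True)
    while x >= n_records:
        x = _feistel(key, x, hb, inverse=True)
    return x

def is_bijection(key: bytes, n_records: int) -> bool:
    """Sanity check that the keyed map really is a permutation of 0..N-1."""
    image = sorted(permute_index(key, i, n_records) for i in range(n_records))
    return image == list(range(n_records))
```

The per-record state held by the coprocessor is just the key plus an index of lg N bits, which is what lets the shuffle run for datasets far larger than the coprocessor's internal memory.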
These results have been implemented for the IBM 4758 secure coprocessor platform, and are available for download.
© 2004 Springer Science + Business Media, Inc.
Iliev, A., Smith, S. (2004). Private Information Storage with Logarithmic-Space Secure Hardware. In: Deswarte, Y., Cuppens, F., Jajodia, S., Wang, L. (eds) Information Security Management, Education and Privacy. IFIP International Federation for Information Processing, vol 148. Springer, Boston, MA. https://doi.org/10.1007/1-4020-8145-6_17
DOI: https://doi.org/10.1007/1-4020-8145-6_17
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4020-8144-6
Online ISBN: 978-1-4020-8145-3