Private Information Retrieval in an Anonymous Peer-to-Peer Environment

Private Information Retrieval (PIR) protocols enable a client to access data from a server without revealing what data was accessed. The study of Computational Private Information Retrieval (CPIR) protocols, an area of PIR protocols focusing on computational security, has been a recently reinvigorated area of focus in the study of cryptography. However, CPIR protocols still have not been utilized in any practical applications. The aim of this thesis is to determine whether the Melchor Gaborit CPIR protocol can be successfully utilized in a practical manner in an anonymous peer-to-peer environment

Cryptographically Secure Information Flow Control on Key-Value Stores

We present Clio, an information flow control (IFC) system that transparently incorporates cryptography to enforce confidentiality and integrity policies on untrusted storage. Clio insulates developers from explicitly manipulating keys and cryptographic primitives by leveraging the policy language of the IFC system to automatically use the appropriate keys and correct cryptographic operations. We prove that Clio is secure with a novel proof technique that is based on a proof style from cryptography together with standard programming languages results. We present a prototype Clio implementation and a case study that demonstrates Clio's practicality.Comment: Full version of conference paper appearing in CCS 201

Bandwidth-optimized parallel private information retrieval

We present improved and parallel versions of Lipmaa’s computationally-private information retrieval (CPIR) protocol based on a additively-homomorphic cryptosystem. Lipmaa’s original CPIR utilizes binary decision diagrams, in which non-sink nodes have two children nodes and the data items to be retrieved are placed in the sink nodes. In our scheme, we employ, instead, quadratic and octal trees, where nonsink nodes have four and eight child nodes, respectively. Using other tree forms, which does not change the asymptotic complexity, results in shallow trees by which we can obtain an implementation that is an order of magnitude faster than the original scheme. We also present a non-trivial parallel algorithm that takes advantage of shared-memory multi-core architectures. Finally, our scheme proves to be highly efficient in terms of bandwidth requirement, the amount of data being exchanged in a run of the CPIR protocol

A Survey of Alerting Websites: Risks and Solutions

International audienceIn the recent years an incredible amount of data has been leaked from major websites such as Adobe, Snapchat and LinkedIn. There are hundreds of millions of usernames, email addresses, passwords, telephone numbers and credit card details in the wild. The aftermath of these breaches is the rise of alerting websites such as haveibeenpwned.com, which let users verify if their accounts have been compromised. Unfortunately, these seemingly innocuous websites can be easily turned into phishing tools. In this work, we provide a comprehensive study of the most popular ones. Our study exposes the associated privacy risks and evaluates existing solutions towards designing privacy-friendly alerting websites. In particular, we study three solutions: private set intersection, private set intersection cardinality and private information retrieval adapted to membership testing. Finally, we investigate the practicality of these solutions with respect to real world database leakages

Lower-Cost ∈-Private Information Retrieval

Private Information Retrieval (PIR), despite being well studied, is computationally costly and arduous to scale. We explore lower-cost relaxations of information-theoretic PIR, based on dummy queries, sparse vectors, and compositions with an anonymity system. We prove the security of each scheme using a flexible differentially private definition for private queries that can capture notions of imperfect privacy. We show that basic schemes are weak, but some of them can be made arbitrarily safe by composing them with large anonymity systems

Privacy Preserving Location-Based Client-Server Service Using Standard Cryptosystem

Location-Based Mobile Services (LBMS) is rapidly gaining ground and becoming increasingly popular, because of the variety of efficient and personalized services it offers. However, if users are not guaranteed their privacy and there is no assurance of genuineness of server\u27s response, the use of these services would be rendered useless and could deter its growth in mobile computing. This paper aims to provide confidentiality and integrity for communication that occurs between users and location service providers. A practical system that guarantees a user\u27s privacy and integrity of server\u27s response, using a cryptographic scheme with no trusted intermediary, is provided. This scheme also employs the use of symmetric and asymmetric encryption algorithms to ensure secure message and key transfer. In order to overcome the problem of computational complexities with these algorithms, AES-256 is used to encrypt the message and user\u27s location. Several researches have been done in this category but there is still no system that checks the integrity of server\u27s response. The proposed scheme is resistant to a range of susceptible attacks, because it provides a detailed security analysis and, when compared with related work, shows that it can actually guarantee privacy and integrity with faster average response time and higher throughput in LBMS

Practical Private Information Retrieval

In recent years, the subject of online privacy has been attracting much interest, especially as more Internet users than ever are beginning to care about the privacy of their online activities. Privacy concerns are even prompting legislators in some countries to demand from service providers a more privacy-friendly Internet experience for their citizens. These are welcomed developments and in stark contrast to the practice of Internet censorship and surveillance that legislators in some nations have been known to promote. The development of Internet systems that are able to protect user privacy requires private information retrieval (PIR) schemes that are practical, because no other efficient techniques exist for preserving the confidentiality of the retrieval requests and responses of a user from an Internet system holding unencrypted data. This thesis studies how PIR schemes can be made more relevant and practical for the development of systems that are protective of users' privacy. Private information retrieval schemes are cryptographic constructions for retrieving data from a database, without the database (or database administrator) being able to learn any information about the content of the query. PIR can be applied to preserve the confidentiality of queries to online data sources in many domains, such as online patents, real-time stock quotes, Internet domain names, location-based services, online behavioural profiling and advertising, search engines, and so on. In this thesis, we study private information retrieval and obtain results that seek to make PIR more relevant in practice than all previous treatments of the subject in the literature, which have been mostly theoretical. We also show that PIR is the most computationally efficient known technique for providing access privacy under realistic computation powers and network bandwidths. Our result covers all currently known varieties of PIR schemes. We provide a more detailed summary of our contributions below: Our first result addresses an existing question regarding the computational practicality of private information retrieval schemes. We show that, unlike previously argued, recent lattice-based computational PIR schemes and multi-server information-theoretic PIR schemes are much more computationally efficient than a trivial transfer of the entire PIR database from the server to the client (i.e., trivial download). Our result shows the end-to-end response times of these schemes are one to three orders of magnitude (10--1000 times) smaller than the trivial download of the database for realistic computation powers and network bandwidths. This result extends and clarifies the well-known result of Sion and Carbunar on the computational practicality of PIR. Our second result is a novel approach for preserving the privacy of sensitive constants in an SQL query, which improves substantially upon the earlier work. Specifically, we provide an expressive data access model of SQL atop of the existing rudimentary index- and keyword-based data access models of PIR. The expressive SQL-based model developed results in between 7 and 480 times improvement in query throughput than previous work. We then provide a PIR-based approach for preserving access privacy over large databases. Unlike previously published access privacy approaches, we explore new ideas about privacy-preserving constraint-based query transformations, offline data classification, and privacy-preserving queries to index structures much smaller than the databases. This work addresses an important open problem about how real systems can systematically apply existing PIR schemes for querying large databases. In terms of applications, we apply PIR to solve user privacy problem in the domains of patent database query and location-based services, user and database privacy problems in the domain of the online sales of digital goods, and a scalability problem for the Tor anonymous communication network. We develop practical tools for most of our techniques, which can be useful for adding PIR support to existing and new Internet system designs