Adjusting the Trade-Off between Privacy Guarantees and Computational Cost in Secure Hardware PIR

  • Conference paper
Secure Data Management (SDM 2011)

Part of the book series: Lecture Notes in Computer Science (LNISA, volume 6933)

Abstract

Database queries present a potential privacy risk to users, as they may disclose sensitive information about the person issuing the query. Consequently, privacy-preserving query processing has gained significant attention in the literature, and numerous techniques have been proposed that seek to hide the content of the queries from the database server. Secure hardware-assisted private information retrieval (PIR) is currently the only practical solution that can be leveraged to build algorithms that provide perfect privacy. Nevertheless, existing approaches feature amortized page retrieval costs and, for large databases, some queries may lead to excessive delays, essentially taking the database server offline for long periods of time. In this paper, we address this drawback and introduce a novel approach that sacrifices some degree of privacy in order to provide fast and constant query response times. Our method leverages the internal cache of the secure hardware to constantly reshuffle the database pages in order to create sufficient uncertainty regarding the exact location of an arbitrary page. We give a formal definition of the privacy level of our algorithm and illustrate how to enforce it in practice. Based on the performance characteristics of the current state-of-the-art secure hardware platforms, we show that our method can provide low page access times, even for very large databases.
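The trade-off the abstract describes, as an added editor's model. This is not the authors' algorithm and not their formal privacy definition (neither is given on this page); it is a toy simulation that shows why touching a fixed number of pages per query and reshuffling them gives constant cost while still hiding which page was requested from the untrusted host. All names (CacheShufflingServer, CandidateTracker, simulate, periodic_full_reshuffle_cost) are this example's own, page encryption is abstracted away (the host sees only which physical slots are read and written), and the privacy measure is a simple possibilistic one: the number of logical pages that could have been the target given everything the host has observed.

```python
"""Toy model: constant-cost cache reshuffling in a secure-coprocessor PIR server
versus periodic full-database reshuffling (editor's illustration, not the paper's
algorithm). The untrusted host sees slot accesses only, never page contents."""
import random
from statistics import mean


class CacheShufflingServer:
    """Trusted coprocessor holding the position map for n encrypted pages.

    Each query reads exactly k physical slots into the cache (the target's slot
    plus k-1 random decoys), permutes the k pages among those slots, re-encrypts
    (abstracted) and writes all k back. Cost per query is k reads + k writes,
    independent of the database size n.
    """

    def __init__(self, n_pages, cache_size, rng):
        if not 1 <= cache_size <= n_pages:
            raise ValueError("cache_size must be between 1 and n_pages")
        self.n = n_pages
        self.k = cache_size
        self.rng = rng
        # Untrusted storage: slot i initially holds logical page i. Contents are
        # modelled as the logical id; in a real deployment they are ciphertexts.
        self.slots = list(range(n_pages))
        # Position map (logical page -> slot) lives only inside the secure hardware.
        self.slot_of = list(range(n_pages))

    def query(self, page):
        """Return the page content and the set of slots the host observed."""
        target_slot = self.slot_of[page]
        decoys = self.rng.sample([s for s in range(self.n) if s != target_slot], self.k - 1)
        touched = [target_slot] + decoys
        cached = [self.slots[s] for s in touched]          # k reads, seen by the host
        content = self.slots[target_slot]
        self.rng.shuffle(cached)                            # fresh random permutation
        for slot, p in zip(touched, cached):                # k writes, seen by the host
            self.slots[slot] = p
            self.slot_of[p] = slot
        return content, frozenset(touched)


class CandidateTracker:
    """Host-side adversary that knows the initial layout and watches every access.

    For each logical page it keeps the set of slots that could hold it: any page
    that may have been in a touched slot may have moved to any touched slot.
    """

    def __init__(self, n_pages):
        self.possible = [{p} for p in range(n_pages)]

    def observe(self, touched):
        """Update the view and return how many pages could have been the target."""
        candidates = {p for p, locs in enumerate(self.possible) if locs & touched}
        for p in candidates:
            self.possible[p] |= touched
        return len(candidates)

    def min_uncertainty(self):
        """Smallest candidate-slot set over all pages (1 means a page is pinned down)."""
        return min(len(locs) for locs in self.possible)


def simulate(n_pages, cache_size, n_queries, seed=7):
    """Run random queries and report cost and adversary uncertainty."""
    rng = random.Random(seed)
    server = CacheShufflingServer(n_pages, cache_size, rng)
    adversary = CandidateTracker(n_pages)
    anonymity = []
    for _ in range(n_queries):
        page = rng.randrange(n_pages)
        content, touched = server.query(page)
        if content != page:  # correctness: reshuffling must never lose a page
            raise RuntimeError("position map out of sync with storage")
        anonymity.append(adversary.observe(touched))
    return {
        "pages_touched_per_query": cache_size,  # constant, independent of n
        "min_query_anonymity": min(anonymity),
        "mean_query_anonymity": mean(anonymity),
        "final_min_location_uncertainty": adversary.min_uncertainty(),
    }


def periodic_full_reshuffle_cost(n_pages, period, n_queries):
    """Per-query page I/O for the amortized alternative the abstract contrasts with:
    one page per query plus a full n-page reshuffle every `period` queries. The
    average is low, but the reshuffling query stalls the server for n pages."""
    return [1 + (n_pages if (i + 1) % period == 0 else 0) for i in range(n_queries)]


if __name__ == "__main__":
    n = 64
    for k in (1, 8, n):  # no shuffling / small cache / full reshuffle every query
        print(f"k={k}:", simulate(n, k, 300))
    costs = periodic_full_reshuffle_cost(n, period=32, n_queries=300)
    print("periodic reshuffle: mean cost", mean(costs), "worst-case", max(costs))
```

Two ends of the trade-off are exact in this model: with k = 1 nothing moves, so a host that knows the initial layout identifies every requested page (anonymity 1); with k = n every query is a full reshuffle and the host learns nothing beyond "some page" (anonymity n), at the cost of n page reads per query. In between, each query touches a constant k pages while the candidate sets grow over time as touched sets overlap, which is the effect the abstract attributes to continuous cache-based reshuffling.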

Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Bakiras, S., Nikolopoulos, K.F. (2011). Adjusting the Trade-Off between Privacy Guarantees and Computational Cost in Secure Hardware PIR. In: Jonker, W., Petković, M. (eds) Secure Data Management. SDM 2011. Lecture Notes in Computer Science, vol 6933. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-23556-6_9

  • DOI: https://doi.org/10.1007/978-3-642-23556-6_9

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-23555-9

  • Online ISBN: 978-3-642-23556-6

  • eBook Packages: Computer Science, Computer Science (R0)
