1 / 18

Public Key Encryption That Allows PIR Queries

Public Key Encryption That Allows PIR Queries. Dan Boneh, Eyal Kushilevitz, Rafail Ostrovsky, William E. Skeith III Presenter: 紀汶承. Outline. Introduction Tools Definition Main Construction. Introduction Tools Definition Main Construction. PIR(Private Information Retrieval).

ila-bell
Download Presentation

Public Key Encryption That Allows PIR Queries

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Public Key Encryption That Allows PIR Queries Dan Boneh, Eyal Kushilevitz, Rafail Ostrovsky, William E. Skeith III Presenter:紀汶承

  2. Outline • Introduction • Tools • Definition • Main Construction

  3. Introduction • Tools • Definition • Main Construction

  4. PIR(Private Information Retrieval) • 允許user從擁有database的server中取回資料(item),但不洩漏取回的是什麼資料。 • PIR solutions • 藉由address,從database中,取回一個 (明文 或 加密過) 的record。 • 靠關鍵字搜尋一個未加密的資料(data)

  5. Introduction • Tools • Definition • Main Construction

  6. Bloom filter • 觀念: • Hash function: • suppose • A array: such that and such that • Note that ,then

  7. Bloom filter(cont.) Input a to hi, i: 1~k h1 h2 hk T 驗證: H2(a) If then H1(a) Hk(a)

  8. Bloom filter(cont.) • 儲存什麼? • 不只是單單儲存element,改儲存 : 表示與elements 的關係(表達element所存放的位址) • 現今儲存(a,v), , where • v 被加入 for all • If a∈S,

  9. Bloom filter(cont.) Insert: (a1,v1) Insert: (a2,v2) {v1,v2} H1(a1) B1 ∩ B2 {v1} H2(a1) ∩ B3 B4 {v1,v2,v3} ∩ ={v1} Hk(a1) Bm

  10. Modifying Encrypted Data in a Communication Efficient Way • Based on group homomorphic encryption with communication O(√n). • Technique : • : database (not encrypted) • (i*,j*): the position of particular element • α: the value we want to add. • v , w: two vector of length √n where • Here δkl = 1 when k=l and 0 otherwise • Then

  11. Modifying Encrypted Data in a Communication Efficient Way (cont.) • Parameters: • (K, , D): a CPA-secure public-key encryption • : an array of ciphertexts which is held by a party S. • Define F(X, Y, Z)=X+YZ. By ourassumption, there exists some such that

  12. Modifying Encrypted Data in a Communication Efficient Way (cont.) • Protocol: ModifyU,S(l, α) where l and α are private input to U. • U compute i*, j* as the coordinates of l (i.e., i* and j* are quotient and remainder of l/n, respectively) • U sends to S where all values are encrypted under Apublic. • S computes for all , and replaces each cij with the corresponding resulting ciphertext. 每一次修改都對所有的Cij作修改,因此,可以簡易看出保有私密性

  13. Introduction • Tools • Definition • Main Construction

  14. Definition • 參數: • X: message sending parties. • Y: message receiving party. • S: server/storage provider • 定義: • KeyGen(1S): 產生公密鑰對 • SendX,S(M, K, Apublic) • RetrieveY,S(w, Aprivate)

  15. Introduction • Tools • Definition • Main Construction

  16. Main Construction • S maintains in its storage space encryptions of the buffers, denote these encryptions • For , we defined • KeyGen(k) :Run K(1s), generate Apublic and Aprivate.

  17. SendX,S(M, K, Apublic) ε(M) Server/Storage Sender ρ γcopies of the address ρ ρ ρ ε(M) M + K ρ ρ ρ ρ Message buffer Bloom filter buffer

  18. RetrieveY,S(w, Aprivate) PIR query Server/Storage Receiver PIR query, L ε(M) 解密 Message buffer Bloom filter buffer

More Related