Cryptology ePrint Archive: Report 2021/345

Private Blocklist Lookups with Checklist

Dmitry Kogan and Henry Corrigan-Gibbs

Abstract: This paper presents Checklist, a system for private blocklist lookups. In Checklist, a client can determine whether a particular string appears on a server-held blocklist of strings, without leaking its string to the server. Checklist is the first blocklist-lookup system that (1) leaks no information about the client's string to the server, (2) does not require the client to store the blocklist in its entirety, and (3) allows the server to respond to the client's query in time sublinear in the blocklist size. To make this possible, we construct a new two-server private-information-retrieval protocol that is both asymptotically and concretely faster, in terms of server-side time, than those of prior work. We evaluate Checklist in the context of Google's “Safe Browsing” blocklist, which all major browsers use to prevent web clients from visiting malware-hosting URLs. Today, lookups to this blocklist leak partial hashes of a subset of clients' visited URLs to Google's servers. We have modified Firefox to perform Safe-Browsing blocklist lookups via Checklist servers, which eliminates the leakage of partial URL hashes from the Firefox client to the blocklist servers. This privacy gain comes at the cost of increasing communication by a factor of 3.3×, and the server-side compute costs by 9.8×. Checklist reduces end-to-end server-side costs by 6.7×, compared to what would be possible with prior state-of-the-art two-server private information retrieval.

Category / Keywords: cryptographic protocols / private information retrieval, Safe Browsing

Original Publication (with minor differences): USENIX Security Symposium 2021

Date: received 16 Mar 2021, last revised 3 Jun 2021

Contact author: dkogan at cs stanford edu,henrycg@csail mit edu

Available format(s): PDF | BibTeX Citation

Version: 20210603:224738 (All versions of this report)

Short URL: ia.cr/2021/345


[ Cryptology ePrint archive ]