Paper 2023/1804
Fully Malicious Authenticated PIR
Abstract
Authenticated PIR enables a server to initially commit to a database of $N$ items, for which a client can later privately obtain individual items with complexity sublinear in $N$, with the added guarantee that the retrieved item is consistent with the committed database. A crucial requirement is privacy with abort, i.e., the server should not learn anything about a query even if it learns whether the client aborts. This problem was recently considered by Colombo et al. (USENIX '23), who proposed solutions secure under the assumption that the database is committed to honestly. Here, we close this gap for their DDH-based scheme, and present a solution that tolerates fully malicious servers that provide potentially malformed commitments. Our scheme has communication and client computational complexity $\mathcal{O}_{\lambda}(\sqrt{N})$, does not require any additional assumptions, and does not introduce heavy machinery (e.g., generic succinct proofs). We do so by introducing validation queries, which, from the server's perspective, are computationally indistinguishable from regular PIR queries. Provided that the server succeeds in correctly answering $\kappa$ such validation queries, the client is convinced with probability $1-\frac{1}{2^\kappa}$ that the server is unable to break privacy with abort.
Metadata
- Available format(s)
- Category
- Cryptographic protocols
- Publication info
- A minor revision of an IACR publication in CRYPTO 2024
- Keywords
- PIRPrivate Information Retrieval
- Contact author(s)
-
mariand @ cs washington edu
tessaro @ cs washington edu - History
- 2024-06-05: last of 2 revisions
- 2023-11-22: received
- See all versions
- Short URL
- https://ia.cr/2023/1804
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2023/1804, author = {Marian Dietz and Stefano Tessaro}, title = {Fully Malicious Authenticated {PIR}}, howpublished = {Cryptology {ePrint} Archive, Paper 2023/1804}, year = {2023}, url = {https://eprint.iacr.org/2023/1804} }