DURASIFT

Abstract

Several important lines of research have been geared toward the ability to search on encrypted data. Techniques such as Symmetric Searchable Encryption (SSE), Private Information Retrieval (PIR), Oblivious RAM (ORAM) and more have been introduced to allow a client to privately query a server for their desired contents. However, most traditional works focus on the setting where the server (or servers) are reliable. On the other hand, research in secure multiparty computation (MPC) and verifiable secret sharing (VSS) have classically solved the issue of how arbitrary computations can be carried out unabated even in the presence of malicious parties. As powerful as they are, they tend to be far less efficient when used in the context of private queries into a database. In this work, we propose a new solution that provides a multi-client, distributed database system that is both private and survivable against server outages, and furthermore allows clients to query a corpus of private documents and receive a sanitized response, while hiding the documents, queries and policies from the servers executing the query, and hiding the policies and redacted documents from the client. Our scheme is built using a combination of secure multiparty computation (MPC) and private information retrieval (PIR), but is highly optimized to be efficient for real-world use on moderate sized databases of unstructured, tagged text documents. Our system supports queries that are boolean formulas of keywords, and as our system is based on MPC and PIR, it does not leak query metadata (e.g., the servers cannot recognize repeated queries for the same document). The system supports multiple owners (who can upload documents and set access policies), multiple clients (who can make queries), and multiple servers who execute the queries.