Privacy-Preserving Publicly Verifiable Databases

Abstract

Verifiable databases (VDB) enables the data owner to outsource a huge unencrypted database to the powerful but untrusted cloud such that any client could later retrieve the database and check whether the cloud returns valid records or not. To the best of our knowledge, there is no prior work considering privacy. Besides, they assume that the data owner and the client are fully trusted while they may be semi-honest in the real world. To address these problems, we propose a new primitive called privacy-preserving publicly verifiable database (PPVDB), which not only guarantees the integrity of the queried result but also leaks no information. At the end of this protocol, the client can check whether the cloud returns a valid result and learns the queried result but nothing else about the database. Besides, the cloud learns nothing about the database and the query, and the data owner does not know which item that the client has queried. Motivated by the comparison among some strawman solutions, we incorporate verifiable computation for the polynomial with oblivious pseudorandom function to construct a PPVDB scheme, which is the first VDB scheme providing stronger security against the malicious cloud and the semi-honest client and data owner.