Abstract

Private information retrieval (PIR) is a database query protocol that provides user privacy: the user can learn a particular database entry of interest while the query stays hidden from the data centre. Symmetric private information retrieval (SPIR) takes PIR further by additionally offering database privacy, where the user cannot learn any additional entries of the database. Unconditionally secure SPIR solutions with multiple databases are known classically, but are unrealistic because they require long shared secret keys between the parties for secure communication and shared randomness in the protocol. Here, we propose using quantum key distribution (QKD) instead for a practical implementation, which can realise both the secure communication and shared randomness requirements. We prove that QKD maintains the security of the SPIR protocol and that it is also secure against any external eavesdropper. We also show how such a classical-quantum system could be implemented practically, using the example of a two-database SPIR protocol with keys generated by measurement device-independent QKD. Through key rate calculations, we show that such an implementation is feasible at the metropolitan level with current QKD technology.

Highlights

  • With the rising concern of personal data privacy, users of digital services may not want their preferences or selections to be revealed to service providers

  • This can be achieved with private information retrieval (PIR), where users can access specific entries of a database held by the service provider at a data centre without revealing their entry selection [1]

  • We examine the performance of the symmetric private information retrieval (SPIR) protocol based on the type of database it can send for a fixed number of signals sent to establish the quantum key distribution (QKD) key, N, and for fixed distances, d


Summary

Introduction

With the rising concern of personal data privacy, users of digital services may not want their preferences or selections to be revealed to service providers. On some occasions, the service provider or data centre may not want to reveal more information about the database than what is necessary, i.e., than what should have been given to the user. Such a setting is common in pay-per-access platforms such as iTunes and Google Play, or in more sensitive environments where the service provider has to secure the information of other database entries, as in the case of medical records retrieval and biometrics authentication [4]. To provide for this additional security requirement (i.e., database privacy), one may employ symmetric private information retrieval (SPIR), a sort of two-way secure retrieval scheme first introduced by Gertner et al. [5].
