Articles published on Private information retrieval
338 Search results
- Research Article
- 10.1186/s42400-025-00533-8
- Jan 4, 2026
- Cybersecurity
- Fei Tang + 3 more
Private Information Retrieval (PIR) is a cryptographic technique that allows Data User (DU) to retrieve data from a SERVER without revealing which specific data item is being accessed. Traditional PIR protocols typically assume that the data is locally stored and directly controlled by Data Owner (DO), but in real-world scenarios, data is often hosted on untrusted third-party SERVERs, making it difficult for DO to effectively restrict the SERVER’s access to their data or control which DU is authorized to retrieve the data. Consequently, malicious SERVERs or unauthorized DU may infringe upon the privacy rights of DO. This paper presents SecOutPIR, a novel outsourced PIR system that addresses two key challenges: privacy preservation for DO and access control for DU. SecOutPIR integrates attribute-based encryption for fine-grained retrieval access control to ensure that only DU with valid retrieval can access the data, while also utilizing a decentralized identity management system based on decentralized identifiers and verifiable credentials to authenticate DU requests. The proposed system ensures that the DO’s data privacy is protected during data storage and retrieval, while also ensuring that only DU with authorized retrieval can make retrieval requests, thus preventing unauthorized access. We provide a detailed description of the system model, security requirements, and an in-depth security analysis. Furthermore, experimental results demonstrate that SecOutPIR significantly enhances the practicality and efficiency of PIR in outsourced settings by enabling fine-grained retrieval access control without degrading query performance. Our implementation demonstrates that the SERVER reply time increases with the dataset size, from 82.5 ms (1000 entries) to 113.8 ms (2000 entries) and 199.6 ms (5000 entries), while the query generation time remains approximately constant at around 2.0 ms.
- Research Article
- 10.3390/e28010015
- Dec 23, 2025
- Entropy
- Stanislav Kruglik + 3 more
We consider the problem of designing a Private Information Retrieval (PIR) scheme for n files replicated on k servers that can collude and return incorrect answers. Our goal is to correctly retrieve a specific message while keeping its identity private from the database servers. We focus on minimizing download costs and propose PIR schemes with minimal download costs and the smallest file size (proportional to the number of involved servers). Motivated by the possible presence of stragglers, we extend our previous conference results and propose a scheme in which the number of participating servers may vary.
- Research Article
- 10.1038/s41598-025-26482-3
- Nov 27, 2025
- Scientific Reports
- Amu Durairaj + 6 more
The vehicle drivers pose a huge problem in determining an optimal parking space as the density of vehicles in big cities has rapidly increased over the recent years. This objective of drivers towards the identification of parking availability causes traffic congestion, time wastage and air toxicity. At this juncture, the smart parking systems enable the drivers to reserve parking spaces and achieve real-time parking information. But most state-of-the-art smart parking solutions call for requiring drivers to disclose potentially sensitive information, such as their intended destination. In addition, the chances of single point failure are maximized, as the available smart parking solutions, due to their total centralization, are quite susceptible to privacy invasions by the service providers. In this paper, Efficiency of a Smart Parking System in Privacy-Preserving using Multi Transaction Mode Consortium blockchain is presented. This private information retrieval scheme is proposed with the benefits of enhanced multi-transaction mode consortium blockchain which is built by various parking lot proprietors for maximizing parking offers through the inclusive factors of accessibility, openness, and security. It is proposed to covertly retrieve parking offers from the improved multi-transaction mode consortium blockchain in order to protect drivers’ location privacy. It also included the merits of light-weighted quantum blind signature for guaranteeing the drivers with a significant anonymous authentication process that aids in determining the feasibility and available parking slot reservation. The results confirmed the predominance of the proposed private information retrieval scheme with respect to the maximized privacy preservation of drivers’ sensitive information with minimized communication and computation overheads.
- Research Article
- 10.1002/cpe.70447
- Nov 12, 2025
- Concurrency and Computation: Practice and Experience
- Gu Danqian + 5 more
To address the issues of high computational overhead, poor real-time performance, and excessive focus on location privacy while neglecting query privacy in existing Internet of Vehicles (IoV) Location-Based Services (LBS) privacy protection schemes, this research proposes a joint protection scheme for location and query privacy in IoV LBS based on a subspace-optimized PIR algorithm. This scheme integrates keyword-based Private Information Retrieval (PIR) protocols with the BFV fully homomorphic encryption algorithm to protect the privacy of user query content and access patterns, preventing the server and attackers from obtaining specific queries or feedback results. Furthermore, the scheme introduces R-tree spatial indexing and Order-Preserving Encryption (OPE) algorithms, optimizing global search into subspace search, thereby reducing the computational complexity of PIR from O(N) to O(logN) and improving efficiency. Security analysis demonstrates excellent performance in query privacy protection and resistance to malicious attacks. Performance tests reveal that the overall computational overhead is reduced by approximately 80% compared to existing typical solutions, significantly enhancing system efficiency under strong privacy protection, making it suitable for resource-constrained and high real-time-demand environments in IoV LBS applications.
- Research Article
- 10.1002/qute.202500471
- Nov 11, 2025
- Advanced Quantum Technologies
- Bin Liu + 4 more
Quantum private query (QPQ), as the quantum version of the symmetrically private information retrieval problem, is recognized as a new quantum cryptographic protocol with great practical potential. Compared to classical schemes, QPQ protocols provide higher security and lower complexity. However, most of the existing protocols are polarization encoding ones, which are incompatible with current optical fiber communication quantum networks. Moreover, the high demands for quantum capabilities and the scarcity of affordable quantum resources present challenges. This paper proposes a QPQ protocol with phase encoding of two-way communication, enhancing the stability and reducing quantum resources expenditure. The security analysis demonstrates that this protocol is capable of effectively resisting several common attacks, safeguarding the privacy security of the database and user. Furthermore, the protocol has the potential to be implemented in existing phase-encoding quantum systems, promoting progress in the practical application of QPQ.
- Research Article
- 10.3390/e27080828
- Aug 4, 2025
- Entropy (Basel, Switzerland)
- Bryttany Stark + 2 more
We consider the problem of privately updating a message out of $K$ messages from $N$ replicated and non-colluding databases where a user has an outdated version of the message $\hat{W}_\theta$ of length $L$ bits that differ from the current version $W_\theta$ in at most $f$ bits. The user also has a cache containing coded combinations of the $K$ messages (with a pre-specified structure), which are unknown to the $N$ databases (unknown prefetching). The cache $Z$ contains $\ell$ linear combinations from all $K$ messages in the databases with $r = \frac{\ell}{L}$ being the caching ratio. The user needs to retrieve $W_\theta$ correctly using a private information retrieval (PIR) scheme without leaking information about the message index $\theta$ to any individual database. Our objective is to jointly design the prefetching (i.e., the structure of said linear combinations) and the PIR strategies to achieve the least download cost. We propose a novel achievable scheme based on syndrome decoding where the cached linear combinations in $Z$ are designed to be bits pertaining to the syndrome of $W_\theta$ according to a specific linear block code. We derive a general lower bound on the optimal download cost for $0 \le r \le 1$, in addition to achievable upper bounds. The upper and lower bounds match for the cases when $r$ is exceptionally low or high, or when $K=3$ messages for arbitrary $r$. Such bounds are derived by developing novel cache-aided arbitrary message length PIR schemes. Our results show a significant reduction in the download cost if $f < \frac{L}{2}$ when compared with downloading $W_\theta$ directly using typical cache-aided PIR approaches.
- Research Article
- 10.56553/popets-2025-0095
- Jul 1, 2025
- Proceedings on Privacy Enhancing Technologies
- Hoang-Dung Nguyen + 2 more
Private Information Retrieval (PIR) permits clients to query data entries from a public database hosted on untrusted servers while preserving client privacy. Traditional PIR models suffer from high computation and/or bandwidth overhead due to linear database processing. Recently, Online-Offline PIR (OO-PIR) has been proposed to improve PIR practicality by precomputing query-independent materials to accelerate online access. While state-of-the-art OO-PIR schemes (e.g., S&P’24, CRYPTO’23) successfully reduce online processing cost to sublinear levels, they still impose substantial bandwidth and storage burdens on the client, especially when operating on large databases. In this paper, we propose Pirex, a new two-server OO-PIR scheme with semi-honest security that offers minimal client-side inbound bandwidth and storage costs while retaining sublinear processing efficiency. The Pirex design is simple, with most operations being naturally low-cost and streamlined (e.g., XOR, PRF, modular arithmetic). We have fully implemented Pirex and evaluated its real-world performance using commodity hardware. Our results show that Pirex outperforms existing OO-PIR schemes by at least two orders of magnitude. With a 1 TB database, Pirex takes only 55 ms to retrieve a 4 KB entry, compared to 9–30 seconds for state-of-the-art approaches. For practical databases with billions of 4 KB entries, Pirex requires just 16 KB of inbound bandwidth—up to three orders of magnitude more efficient.
- Research Article
- 10.56553/popets-2025-0099
- Jul 1, 2025
- Proceedings on Privacy Enhancing Technologies
- Jules Drean + 5 more
We present Argos, a simple approach for adding verifiability to fully homomorphic encryption (FHE) schemes using trusted hardware. Traditional approaches to verifiable FHE require expensive cryptographic proofs, which incur an overhead of up to seven orders of magnitude on top of FHE, making them impractical. With Argos, we show that trusted hardware can be securely used to provide verifiability for FHE computations, with minimal overhead relative to the baseline FHE computation. An important contribution of Argos is showing that the major security pitfall associated with trusted hardware, microarchitectural side channels, can be completely mitigated by excluding any secrets from the CPU and the memory hierarchy. This is made possible by focusing on building a platform that only enforces program and data integrity and not confidentiality (which is sufficient for verifiable FHE, since all data remain encrypted at all times). All secrets related to the attestation mechanism are kept in a separate coprocessor (e.g., a TPM), inaccessible to any software-based attacker. Relying on a discrete TPM typically incurs significant performance overhead, which is why (insecure) software-based TPMs are used in practice. As a second contribution, we show that for FHE applications, the attestation protocol can be adapted to only incur a fixed cost. Argos requires no dedicated hardware extensions and is supported on commodity processors from 2008 onward. Our prototype implementation introduces 3% overhead for FHE evaluation, and 8% for more complex protocols. In particular, we show that Argos can be used for real-world applications of FHE, such as private information retrieval (PIR) and private set intersection (PSI), where providing verifiability is imperative. By demonstrating how to combine cryptography with trusted hardware, Argos paves the way for widespread deployment of FHE-based protocols beyond the semi-honest setting, without the overhead of cryptographic proofs.
- Research Article
- 10.1145/3725299
- Jun 17, 2025
- Proceedings of the ACM on Management of Data
- Jiaoyi Zhang + 8 more
With increasing demands for privacy, it becomes necessary to protect sensitive user query data when accessing public key-value databases. Existing Private Information Retrieval (PIR) schemes provide full security but suffer from poor scalability, limiting their applicability in large-scale deployment. We argue that in many real-world scenarios, a more practical solution should allow users to flexibly determine the privacy levels of their queries in a theoretically guided way, balancing security and performance based on specific needs. To formally provide provable guarantees, we introduce a novel concept of distance-based indistinguishability, which can facilitate users to comfortably relax their security requirements. We then design Femur, an efficient framework to securely query public key-value stores with flexible security and performance trade-offs. It uses a space-efficient learned index to convert query keys into storage locations, obfuscates these locations with extra noise provably derived by the distance-based indistinguishability theory, and sends the expanded range to the server. The server then adaptively utilizes the best scheme to retrieve data. We also propose a novel variable-range PIR scheme optimized for bandwidth-constrained environments. Experiments show that Femur outperforms the state-of-the-art designs even when ensuring the same full security level. When users are willing to relax their privacy requirements, Femur can further improve the performance gains to up to 163.9X, demonstrating an effective trade-off between security and performance.
- Research Article
- 10.1007/s11128-025-04765-y
- May 21, 2025
- Quantum Information Processing
- Jia Hao + 6 more
Quantum private information retrieval with lattice-based access authentication
- Research Article
- 10.62056/angy4fvtw
- Apr 8, 2025
- IACR Communications in Cryptology
- Chengyu Lin + 3 more
Private set intersection (PSI) enables two parties to jointly compute the intersection of their private sets without revealing any extra information to each other. In this work, we focus on the unbalanced setting where one party (a powerful server) holds a significantly larger set than the other party (a resource-limited client). We present a new protocol for this setting that achieves a better balance between low client-side storage and efficient online processing. We first formalize a general framework to transform Private Information Retrieval (PIR) into PSI with techniques used in prior works. Building upon recent advancements in Private Information Retrieval (PIR), specifically the SimplePIR construction (Henzinger et al., USENIX Security'23), combined with our tailored techniques, our construction shows a great improvement in online efficiency. Concretely, when the client holds a single element, our protocol achieves more than 100 × faster computation and over 4 × lower communication compared to the state-of-the-art unbalanced PSI based on leveled fully homomorphic encryption (Chen et al., CCS'21). The client-side storage is only in the order of tens of megabytes, even for a gigabyte-sized set on the server. Moreover, since the framework is generic, any future improvement in PIR can further improve our construction.
- Research Article
- 10.3390/math13060951
- Mar 13, 2025
- Mathematics
- Li Liu + 2 more
Symmetric private information retrieval (SPIR) protocol is proposed for users to retrieve items from a database holder without revealing the retrieval address, and meanwhile the users cannot learn any additional entries of the database. Quantum key distribution (QKD)-based quantum private queries (QPQs) are the most practical protocols for the SPIR problem. However, most existing protocols assume ideal devices. To overcome this drawback, we propose a device independent QPQ protocol based on QKD with imperfect sources and detectors. By constructing the semi-definite programming optimization problem, we give the CHSH test threshold and prove the correctness of our protocol. We use the shift and permutation post-processing technique to further improve the security. We compare the performance of our protocol with a recent full device-independent QPQ and discuss their relative advantages. The simulation results show that our protocol improves database security, user privacy and efficiency. The number of final key bits that Alice knows is close to 1, and Bob’s guessing probability is below 0.15 in our protocol. Moreover, the proposed scheme can be used for any entanglement-based QPQ protocol to remove trust on the devices.
- Research Article
- 10.3390/cryptography9010013
- Feb 21, 2025
- Cryptography
- Ming Luo + 1 more
Private information retrieval (PIR) enables a client to retrieve a specific element from a server’s database without disclosing the index that was queried. This work introduces three improvements to the efficient single-server PIR protocol Spiral. We found that performing a modulus switching towards expanded ciphertexts can improve the server throughput. Secondly, we apply two techniques called the composite NTT algorithm and approximate decomposition to Spiral to further improve it. We conduct comprehensive experiments to evaluate the concrete performance of our protocol, and the results confirm an approximately 1.7 times faster overall throughput than Spiral.
- Research Article
- 10.1109/jsait.2025.3554625
- Jan 1, 2025
- IEEE Journal on Selected Areas in Information Theory
- Yuxiang Lu + 1 more
A communication-efficient protocol is introduced over a many-to-one quantum network for Q-E-B-MDS-X-TPIR, i.e., quantum private information retrieval with MDS-$X$-secure storage and $T$-private queries. The protocol is resilient to any set of up to $E$ unresponsive servers (erased servers or stragglers) and any set of up to $B$ Byzantine servers. The underlying coding scheme incorporates an enhanced version of a Cross Subspace Alignment (CSA) code, namely a Modified CSA (MCSA) code, into the framework of CSS codes. The error-correcting capabilities of CSS codes are leveraged to encode the dimensions that carry desired computation results from the MCSA code into the error space of the CSS code, while the undesired interference terms are aligned into the stabilized code space. The challenge is to do this efficiently while also correcting quantum erasures and Byzantine errors. The protocol achieves superdense coding gain over comparable classical baselines for Q-E-B-MDS-X-TPIR, recovers as special cases the state of art results for various other quantum PIR settings previously studied in the literature, and paves the way for applications in quantum coded distributed computation, where CSA code structures are important for communication efficiency, while security and resilience to stragglers and Byzantine servers are critical.
- Research Article
- 10.1109/tit.2025.3581850
- Jan 1, 2025
- IEEE Transactions on Information Theory
- Wenyuan Zhao + 3 more
Weakly Private Information Retrieval from Heterogeneously Trusted Servers
- Research Article
- 10.2139/ssrn.5275480
- Jan 1, 2025
- SSRN Electronic Journal
- Saurav Ghosh + 1 more
Poster: VeilPIR: A Lightweight Private Information Retrieval Protocol for Enhancing Data Privacy in IoT Ecosystems
- Research Article
- 10.1088/1402-4896/ad943a
- Dec 5, 2024
- Physica Scripta
- Chun-Yan Wei + 2 more
Quantum private query (QPQ) is the quantum version for symmetrically private information retrieval. However, the user privacy in QPQ is generally guarded in the delayed and cheat-sensitive way. That is, the dishonest database holder Bob’s cheating to elicit user privacy can only be discovered after the protocol is finished (when the user finds some errors in the retrieved database item). Such delayed detection may cause very unpleasant results for the user Alice in real-life applications. Without the realtime conscious of privacy leaking, Alice may make faulty decisions according to the received faulty item and suffer great loss. Worse yet, it is difficult for Alice to accuse a dishonest database to any one else though she can detect the cheating. Current efforts to protect user privacy in realtime in existing QPQ protocols mainly use two techniques, i.e. adding an honesty checking on the database or allowing the user to reorder the qubits. We reexamine these two kinds of QPQ protocols and find neither of them can work very well. We give concrete cheating strategies for both participants and show that honesty checking of inner participant should be dealt more carefully in for example the choosing of checking qubits. Finally, we give an idea to realize realtime detection of dishonest database in QPQ of blocks (i.e. multi-bit database items).
- Research Article
- 10.1049/blc2.12091
- Nov 17, 2024
- IET Blockchain
- Imdad Ullah + 7 more
The generative Artificial Intelligence (AI) tools based on Large Language Models (LLMs) use billions of parameters to extensively analyse large datasets and extract critical information such as context, specific details, identifying information, use this information in the training process, and generate responses for the requested queries. The extracted data also contain sensitive information, seriously threatening user privacy and reluctance to use such tools. This article proposes the conceptual model called PrivChatGPT, a privacy-preserving model for LLMs consisting of two main components, that is, preserving user privacy during the data curation/pre-processing and preserving private context and the private training process for large-scale data. To demonstrate the applicability of PrivChatGPT, it is shown how a private mechanism could be integrated into the existing model for training LLMs to protect user privacy; specifically, differential privacy and private training using Reinforcement Learning (RL) were employed. The privacy level probabilities are associated with the document contents, including the private contextual information, and with metadata, which is used to evaluate the disclosure probability loss for an individual's private information. The privacy loss is measured and the measure of uncertainty or randomness is evaluated using entropy once differential privacy is applied. It recursively evaluates the level of privacy guarantees and the uncertainty of public databases and resources during each update when new information is added for training purposes. To critically evaluate the use of differential privacy for private LLMs, other mechanisms were hypothetically compared such as Blockchain, private information retrieval, randomisation, obfuscation, anonymisation, and the use of Tor for various performance measures such as the model performance and accuracy, computational complexity, privacy vs. utility, training latency, vulnerability to attacks, and resource consumption. It is concluded that differential privacy, randomisation, and obfuscation can impact the training models' utility and performance; conversely, using Tor, Blockchain, and Private Information Retrieval (PIR) may introduce additional computational complexity and high training latency. It is believed that the proposed model could be used as a benchmark for privacy-preserving LLMs for generative AI tools.
- Research Article
- 10.1140/epjqt/s40507-024-00266-6
- Sep 6, 2024
- EPJ Quantum Technology
- Seunghoan Song + 2 more
Quantum private information retrieval (QPIR) for quantum messages is a quantum communication task, in which a user retrieves one of the multiple quantum states from the server without revealing which state is retrieved. In the one-server setting, we find an exponential gap in the communication complexities between the presence and absence of prior entanglement in this problem with the one-server setting. To achieve this aim, as the first step, we prove that the trivial solution of downloading all messages is optimal under QPIR for quantum messages, which is a similar result to that of classical PIR but different from QPIR for classical messages. As the second step, we propose an efficient one-server one-round QPIR protocol with prior entanglement by constructing a reduction from a QPIR protocol for classical messages to a QPIR protocol for quantum messages in the presence of prior entanglement.
- Research Article
- 10.1109/tcomm.2024.3375810
- Jul 1, 2024
- IEEE Transactions on Communications
- Kanishak Vaidya + 1 more
We consider the problem of multi-access cache-aided multi-user Private Information Retrieval (MuPIR). In this problem, several files are replicated across multiple servers. There are K users and C cache nodes. Each user can access L cache nodes, and every cache node can be accessed by several users. Each user wants to retrieve one file from the servers, but the users don't want the servers to know their demands. Before the users decide their respective demands, servers will fill the cache nodes from the content of the files. Users will then request their desired files from the servers. Servers will perform coded transmissions, and all the users should get their desired files from these transmissions and the content placed in the caches they are accessing. It is required that any individual server should not get any information about the demands of the users. This problem is an extension of the dedicated cache-aided MuPIR problem, which itself generalizes the widely studied single user PIR setup. In this paper, we propose a MuPIR scheme which utilizes a multi-access setup of the coded caching problem. The presented scheme is order optimal when K = C L users. We also characterize the rate of the scheme for the special case of cyclic wraparound multi-access setup, where C = K and each user accesses L consecutive cache nodes in cyclic wraparound fashion.