Algorithmic number theory
Oblivious transfer and polynomial evaluation
STOC '99 Proceedings of the thirty-first annual ACM symposium on Theory of computing
Breaking the O(n1/(2k-1)) Barrier for Information-Theoretic Private Information Retrieval
FOCS '02 Proceedings of the 43rd Symposium on Foundations of Computer Science
FOCS '95 Proceedings of the 36th Annual Symposium on Foundations of Computer Science
Replication is not needed: single database, computationally-private information retrieval
FOCS '97 Proceedings of the 38th Annual Symposium on Foundations of Computer Science
Private queries in location based services: anonymizers are not necessary
Proceedings of the 2008 ACM SIGMOD international conference on Management of data
Computationally private information retrieval with polylogarithmic communication
EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
Anonymous spatial query on non-uniform data
Proceedings of the 14th International Conference on Information Integration and Web-based Applications & Services
| Hi-index | 0.00 |
Private Information Retrieval (PIR) protocols allow users to learn data items stored at a server which is not fully trusted, without disclosing to the server the particular data element retrieved. Several PIR protocols have been proposed, which provide strong guarantees on user privacy. Nevertheless, in many application scenarios it is important to protect the database as well. In this paper, we investigate the amount of data disclosed by the the most prominent PIR protocols during a single run. We show that a malicious user can stage attacks that allow an excessive amount of data to be retrieved from the server. Furthermore, this vulnerability can be exploited even if the client follows the legitimate steps of the PIR protocol, hence the malicious request can not be detected and rejected by the server. We devise mechanisms that limit the PIR disclosure to a single data item.