CB-cPIR: Code-Based Computational Private Information Retrieval

TL;DR

CB-cPIR is a novel code-based computational PIR scheme that enhances privacy security by addressing vulnerabilities in previous schemes, providing a secure single-server solution rooted in code-based cryptography.

Contribution

This work introduces CB-cPIR, a secure single-server code-based cPIR scheme that fixes known vulnerabilities and compares favorably with lattice-based schemes.

Findings

Addresses vulnerabilities in prior code-based PIR schemes

Provides security based on decoding hardness of random linear codes

Demonstrates competitive performance against lattice-based cPIR schemes

Abstract

A private information retrieval (PIR) scheme is a protocol that allows a user to retrieve a file from a database without revealing the identity of the desired file to a curious database. Given a distributed data storage system, efficient PIR can be achieved by making assumptions about the colluding capabilities of the storage servers holding the database. If these assumptions turn out to be incorrect, privacy is lost. In this work, we focus on the worst-case assumption: full collusion or, equivalently, viewing the storage system virtually as a single honest-but-curious server. We present CB-cPIR, a single-server code-based computational private information retrieval (cPIR) scheme that derives security from code-based cryptography. Specifically, the queries are protected by the hardness of decoding a random linear code. The scheme is heavily inspired by the pioneering code-based cPIR scheme proposed by Holzbaur, Hollanti, and Wachter-Zeh in [Holzbaur et al., "Computational Code-Based Single-Server Private Information Retrieval", 2020 IEEE ISIT] and fixes the vulnerabilities of the original scheme arising from highly probable rank differences in submatrices of the user's query. Recently, a new vulnerability was observed in [Lage, Bartz, "On the Security of a Code-Based PIR Scheme"], a simple modification to the scheme now fixes this vulnerability. For further validation of our scheme, we draw comparisons to the state-of-the-art lattice-based cPIR schemes.