Blindstore - Private Query Database

Image
Description

The project aims to build a proof-of-concept private query database: the database server always returns the correct query results yet proveably doesn't know what the query was. Such a database would have very important applications for privacy, like private search, private peer-to-peer signaling, DNS services, etc.

Suppose the database is a sequence of blocks of bits. The client wants to know the i-th block. She encrypts i in a certain way and sends the encrypted query to the server. The server performs certain computations and sends back an encrypted answer. When the client decrypts it, she gets the plaintext block she asked for.

Protocols like this are called Private Information Retrieval or Oblivious Transfer (*). In a recent 2013 paper Yi, Kaosar, Paulet, Bertino (see references) showed that it is fairly easy to build such a database using a relatively new encryption scheme called fully homomorphic encryption. The construction is quite simple and the prototype is pretty doable in a weekend.

We plan to use the scarab library for fully homomorphic encryption and implement the database server and client prototypes with Python.

Team:

  • Bogdan Kulynych
  • Benjamin Lipp
  • Tommaso Papini
  • Alejandro Avilés
  • Harry Cutts
  • Michał Jabczyński
  • Davide Kirchner
  • José Molina
Goals of the project

Build a proof-of-concept prototype database using existing fully homomorphic encryption library scarab (C with a Python wrapper) based on construction from Yi, Kaosar, Paulet, Bertino paper. Evaluate performance and practicality.

Skills being sought
  • Python
  • Computer security
  • Cryptography

Would really like to have someone with proper cryptography experience or education.

References and background material

Prerequisites: 
Python

Contacts
Bogdan Kulynych: bogdan.kulynych@cern.ch
Benjamin Lipp: benjamin.ernst.lipp@cern.ch