Research And Implementation Of Key Technology Of Private Information Retrieval Based On Secure Cloud

With the development of the Internet, information interaction and mutual cooperation through Internet among individuals and companies are becoming more and more important. Meanwhile, the fast progress of cloud computing accelerates data interaction in the Internet greatly. However, retrieval of sensitive data from database or cloud services, such as stock quotes, patent databases, and medical databases, invokes concerns on user privacy exposure.The first formal notion of PIR was defined by Chor et al. in 1995. In their formalization, a database D is modeled as an array with N records, i.e., D D,.., D, ?, D, and D denotes the i-th record, where 1 i n. The user sends a query Q(i) to server through secure channel, the server should send D back to the user without knowing i and D. The exisiting research on PIR protocols can be categorized into information-theoretic PIR(IPIR), computational PIR(CPIR), and secure hardware based PIR(HW-PIR). However, IPIR and CPIR are difficult to implement in real environment for their relatively high communication complexity and computational complexity. Therefore, HW-PIR is becoming a research direction which worth studying.In this thesis, the framework, efficiency, practicability of existing PIR protocols, especially HW-PIR protocols, were studied and analyzed thoroughly. By integrating with secure cloud technique, the applicability of traditional HW-PIR protocol was extended. With the idea of multi-secure cache, which was referred to as Buffer in this thesis, the proposed PIR protocol can not only offer PIR service to multiple users and servers, but remain the optimal communication complexity—O 1. More over, by using the idea of double encryption and double decryption, only once offline process is required, which reduced the periodic offline process tremendously.Last but not least, the proposed PIR protocol was implemented in a secure cloud PIR system by packaging the PIR service through Web Service. The system was deployed in a secure cloud platform, and providing the PIRS interface to multiple users and servers. Therefore, the proposed PIR protocol’s extension in functionality and practicability were proved.