Generalizing PIR for Practical Private Retrieval of Public Data

Private retrieval of public data is useful when a client wants to query a public data service without revealing the specific query data to the server. Computational Private Information Retrieval (cPIR) is able to achieve complete privacy for a client, but is deemed impractical since it involves expensive computation on all the data on the server. Besides, it is inflexible if the server wants to charge the client based on the service data that is exposed. k-Anonymity, on the other hand, is flexible and cheap for anonymizing the querying process, but is vulnerable to privacy and security threats. In this paper, we propose a practical and flexible approach for the private retrieval of public data called Bounding-Box PIR (bbPIR). Using bbPIR, a client specifies both privacy requirement and service charge budget. The server satisfies the client’s requirements, and at the same time achieves overall good performance in terms of computation and communication costs. bbPIR generalizes cPIR and k-Anonymity in that the bounding box can include as much as all the data on the server or as little as just k data items. The effectiveness of bbPIR compared to cPIR and k-Anonymity is verified using extensive experimental evaluation.