基于同态加密的单服务器隐私信息检索综述

王梓晗; 赵路坦; 王志伟; 孟丹; 侯锐

引用本文：

王梓晗,赵路坦,王志伟,孟丹,侯锐.基于同态加密的单服务器隐私信息检索综述[J].信息安全学报,已采用 [点击复制]
wangzihan,zhaolutan,wangzhiwei,mengdan,hourui.A Survey on Single-Server Private Information Retrieval Based on Homomorphic Encryption[J].Journal of Cyber Security,Accept [点击复制]

本文已被：浏览 79次下载 0次
基于同态加密的单服务器隐私信息检索综述
王梓晗¹, 赵路坦¹, 王志伟¹, 孟丹², 侯锐¹
0 字体:加大+\|默认\|缩小-
(1.中国科学院信息工程研究所网络空间安全防御重点实验室;2.中国科学院信息工程研究所)

摘要:

隐私信息检索（Private Information Retrieval, PIR）是一种在不暴露用户查询目标的前提下，从服务器中获取目标数据的隐私保护技术，在金融、医疗、云服务等诸多领域都有着广泛的应用前景。近年来，基于同态加密的单服务器PIR协议因其不需要依赖“多个服务器之间互不共谋”这一强安全假设，避免了多服务器场景中难以实现的信任问题，从而更易于在实际场景中部署，成为研究热点。然而，单服务器PIR协议要求数据库中每个元素都参与运算以保证隐私性，而同态加密运算涉及大量的大整数或多项式计算，这些计算的效率比明文计算低4到6个数量级，导致单服务器PIR协议在实际应用中的效率难以满足需求。为了应对这一挑战，近年来众多旨在提升PIR整体性能的研究被提出。本文系统回顾了单服务器PIR技术的发展历程，总结了主要研究进展及其演变过程。针对现有研究中缺乏系统性评估框架，导致难以全面分析PIR方案性能优势的问题，本文提出了一种综合性的性能评估框架。该框架从离线和在线阶段的通信、计算和存储角度，对典型PIR协议进行全面评估，并深入分析了各个阶段开销之间的权衡问题。具体而言，框架能够分别从离线和在线两个阶段，对通信、计算和存储需求，以及硬件支持、并行化指令和批处理能力等多个维度，对PIR协议的性能进行评估。进一步地，本文总结了现有基于同态加密的单服务器PIR协议，详细剖析了该类协议所解决的技术瓶颈及其适应性方面的不足，探讨了PIR在多样化应用场景下的变种方案。最后，本文展望了隐私信息检索技术的未来研究方向及发展趋势。

关键词: 隐私信息检索，同态加密，隐私保护

DOI：

投稿时间：2024-12-12修订日期：2025-03-26

基金项目:国家重点基础研究发展计划（973计划）,国家自然科学基金项目（面上项目，重点项目，重大项目）,中国科学院战略性先导科技专项

A Survey on Single-Server Private Information Retrieval Based on Homomorphic Encryption

wangzihan¹, zhaolutan¹, wangzhiwei¹, mengdan², hourui¹

(1.Key Laboratory of Cyberspace Security Defense, Institute of Information Engineering, CAS;2.Institute of Information Engineering, CAS)

Abstract:

Private Information Retrieval (PIR) is a privacy-preserving technique that allows users to retrieve target data from a database without revealing their query, with broad applications finance, healthcare, and cloud services. Recent single-server PIR protocols based on homomorphic encryption have gained attention due to their avoidance of the strong "no collusion among servers" security assumption, addressing trust issues in multi-server scenarios and enabling easier deployment. However, these protocols require each database element to participate in computations to ensure privacy, and the homomorphic encryption operations involve large integer or polynomial calculations, resulting in 4 to 6 orders of magnitude lower efficiency compared to plaintext computations, making them impractical for real-world use. To address this, numerous studies have been proposed to improve PIR performance. This paper systematically reviews the development of single-server PIR technology, proposes a comprehensive performance evaluation framework, which evaluates PIR protocols from the perspectives of communication, computation, and storage in both offline and online phases, as well as hardware support, parallelization instructions, and batch processing capabilities. Furthermore, it discusses existing technical bottlenecks and explores PIR variants for diverse application scenarios. Finally, it outlines future research directions for PIR technology.

Key words: Private Information Retrieval, Homomorphic Encryption, Privacy Preserving