Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Oblivis: A Framework for Delegated and Efficient Oblivious Transfer

Aydin Abadi, Yvo Desmedt

Abstract

As database deployments shift toward cloud platforms and edge devices, thin clients need to securely retrieve sensitive records without leaking their query intent or metadata to the proxies that mediate access. Oblivious Transfer (OT) is a core tool for private retrieval, yet existing OTs assume direct client-database interaction and lack support for delegated querying or lightweight clients. We present Oblivis, a modular framework of new OT protocols that enable delegated, privacy-preserving query execution. Oblivis allows clients to retrieve database records without direct access, protects against leakage to both databases and proxies, and is designed with practical efficiency in mind. Its components include: (1) Delegated-Query OT, which permits secure outsourcing of query generation; (2) Multi-Receiver OT for merged, cloud-hosted databases; (3) a compiler producing constant-size responses suitable for thin clients; and (4) Supersonic OT, a proxy-based, informationtheoretic, and highly efficient 1-out-of-2 OT. The protocols are formally defined and proven secure in the simulation-based paradigm, under non-colluding assumption. We implement and empirically evaluate Supersonic OT. It achieves at least a 92x speedup over a highly efficient 1-out-of-2 OT, and a 2.6x-106x speedup over a standard OT extension across 200-100,000 invocations. Our implementation further shows that Supersonic OT remains efficient even on constrained hardware, e.g., it completes an end-to-end transfer in 1.36 ms on a Raspberry Pi 4.

Oblivis: A Framework for Delegated and Efficient Oblivious Transfer

Abstract

As database deployments shift toward cloud platforms and edge devices, thin clients need to securely retrieve sensitive records without leaking their query intent or metadata to the proxies that mediate access. Oblivious Transfer (OT) is a core tool for private retrieval, yet existing OTs assume direct client-database interaction and lack support for delegated querying or lightweight clients. We present Oblivis, a modular framework of new OT protocols that enable delegated, privacy-preserving query execution. Oblivis allows clients to retrieve database records without direct access, protects against leakage to both databases and proxies, and is designed with practical efficiency in mind. Its components include: (1) Delegated-Query OT, which permits secure outsourcing of query generation; (2) Multi-Receiver OT for merged, cloud-hosted databases; (3) a compiler producing constant-size responses suitable for thin clients; and (4) Supersonic OT, a proxy-based, informationtheoretic, and highly efficient 1-out-of-2 OT. The protocols are formally defined and proven secure in the simulation-based paradigm, under non-colluding assumption. We implement and empirically evaluate Supersonic OT. It achieves at least a 92x speedup over a highly efficient 1-out-of-2 OT, and a 2.6x-106x speedup over a standard OT extension across 200-100,000 invocations. Our implementation further shows that Supersonic OT remains efficient even on constrained hardware, e.g., it completes an end-to-end transfer in 1.36 ms on a Raspberry Pi 4.
Paper Structure (67 sections, 7 theorems, 20 equations, 10 figures, 7 tables)

This paper contains 67 sections, 7 theorems, 20 equations, 10 figures, 7 tables.

Table of Contents

  1. Introduction
  2. Motivating Scenarios
  3. Proxy-Assisted Access in Financial Systems.
  4. Merged Cloud-Hosted Databases.
  5. Hidden Query Components.
  6. Performance Constraints in Lightweight Clients.
  7. Limitations of Existing Techniques
  8. Lack of Support for Proxy-Based Delegation.
  9. Absence of Multi-Receiver Privacy and Hidden-Query Support.
  10. Constant-Size Responses Without Large Local Storage.
  11. Information-Theoretic OT
  12. Our Contributions
  13. Context and Applications
  14. Preliminaries
  15. Notations and Assumptions
  16. ...and 52 more sections

Key Result

theorem 1

Let $\mathcal{F}_{\mathcal{DQ\text{--}OT}^{ 2}_{ 1}\xspace}$ be the functionality defined in Section sec::sec-def. If Discrete Logarithm (DL), Computational Diffie-Hellman (CDH), and Random Oracle (RO) assumptions hold, then DQ-OT (presented in Figure fig::DQ-OT) securely computes $\mathcal{F}_{\mat

Figures (10)

  • Figure 1: Original OT proposed by Naor and Pinkas Efficient-OT-Naor. In this protocol, the input of ${R}$ is a private binary index $s$ and the input of ${S}$ is a pair of private messages $(m_{ 0}, m_{ 1})$.
  • Figure 2: DQ-OT: Our $1$-out-of-$2$ OT that supports query delegation. The input of ${R}$ is a private binary index $s$, and the input of ${S}$ is a pair of messages $(m_{ 0}, m_{ 1})$. Note, $\mathtt{SS}\xspace$ is the share-generation algorithm, $\mathtt{H}\xspace$ is a hash function, and $\$$ denotes sampling a value uniformly at random.
  • Figure 3: DUQ-OT: Our $1$-out-of-$2$ OT that supports query delegation while preserving the privacy of query from ${R}$. In the protocol, $\mathtt{G}\xspace$ is a hash function, $\pi$ is a random permutation, and $\$$ denotes picking a value uniformly at random.
  • Figure 4: Phases \ref{['phase::s-init']}--\ref{['DUQOT-HT::gen-res']} of ${\text{DUQ}^{ \text{MR}}\text{--}\text{OT}}$.
  • Figure 5: Phases \ref{['DUQOT-HT::oblivius-filter']} and \ref{['DUQOT-HT::message-ext']} of ${\text{DUQ}^{ \text{MR}}\text{--}\text{OT}}$.
  • ...and 5 more figures

Theorems & Definitions (17)

  • definition 1: $\mathcal{DQ\text{--}OT}^{ 2}_{ 1}$
  • definition 2: Efficiency
  • definition 3: Sender-push communication
  • theorem 1
  • definition 4: $\mathcal{DUQ\text{--}OT}^{ 2}_{ 1}$
  • theorem 2
  • definition 5: $\mathcal{DQ^{ MR}\text{--}OT}^{ 2}_{ 1}$
  • lemma 1
  • definition 6: $\mathcal{DUQ^{ MR}\text{--}OT}^{ 2}_{ 1}$
  • theorem 3
  • ...and 7 more