Comment by ddjsn111
3 years ago
How does the server select the article in a way that we can be sure they don't record the article sent back? Are the articles encrypted on the server too?
3 years ago
How does the server select the article in a way that we can be sure they don't record the article sent back? Are the articles encrypted on the server too?
Yes, in fact the article number is not even decrypted by the server, so the server doesn't know which article you asked for!
How is this not vulnerable to side-channel attacks like disk-access patterns?
Could I, as a malicious server, request myself a target article and correlate that with legitimate user requests?
> With a proper implementation of PIR, the server still needs to scan through the entire encrypted dataset (this is unavoidable, otherwise its I/O patterns would leak information)
https://news.ycombinator.com/item?id=31669370 (not original poster)