Comment by sp332
3 years ago
Yes, in fact the article number is not even decrypted by the server, so the server doesn't know which article you asked for!
3 years ago
Yes, in fact the article number is not even decrypted by the server, so the server doesn't know which article you asked for!
How is this not vulnerable to side-channel attacks like disk-access patterns?
Could I, as a malicious server, request myself a target article and correlate that with legitimate user requests?
> With a proper implementation of PIR, the server still needs to scan through the entire encrypted dataset (this is unavoidable, otherwise its I/O patterns would leak information)
https://news.ycombinator.com/item?id=31669370 (not original poster)