IACR News item: 03 November 2013
Stanislaw Jarecki, Charanjit Jutla, Hugo Krawczyk, Marcel Rosu, Michael Steiner
ePrint ReportIn this paper we investigate a richer setting in which the data owner
D outsources its data to a server E but D is now interested to allow clients (third parties) to search the database such that clients learn the information D authorizes them to learn but nothing else while E still does not learn about the data or queried values as in the basic SSE setting. Furthermore, motivated by a wide range of applications, we extend this model and requirements to a setting where, similarly to private information retrieval, the client\'s queried values need to be hidden also from the data owner D even though the latter still needs to authorize the query. Finally, we consider the scenario in which authorization can be enforced by the data owner D without D learning the policy, a setting that arises in court-issued search warrants.
We extend the OXT protocol of Cash et al to support arbitrary Boolean queries in all of the above models while withstanding adversarial
non-colluding servers (D and E) and arbitrarily malicious clients,
and while preserving the remarkable performance of the protocol.
Additional news items may be found on the IACR news page.