Private Information Retrieval Scheme Combined with E-Payment in Querying Valuable Information

1. Private Information Retrieval Scheme Combined with E-Payment in Querying Valuable Information Date：2010.01.02 Reporter: Chien-Wen Huang 出處:Innovative Computing, Information and Control (ICICIC), 2009 Fourth International Conference on

2. Introduction 1 Electronic Cash Approach 2 Conclusions The Proposed Scheme 3 3 3 5 The Security Analysis of the Proposed Scheme 4 4 Outline

3. Introduction • Formally, private information retrieval (PIR) was a general problem of private retrieval of the i-item out of an n item database stored at the server. • SC(a temper-proof device):It prevents information from revealing to anyone or administrator of the server and makes every legal user of the server have their own privacy.

4. Electronic Cash Approach • Untraceable e-CASH payment system presented by Chaum is designed according to RSA public-key system. • Initializing • the bank announces (e, n)and one-way hash function H(), but regards p, q, d as a secret. • Suppose the electronic cash issued by bank is w dollars. • both the customers and the merchants taking part in e-CASH payment system must have accounts in the bank.

5. Withdrawing • The customer wants to withdraw money w dollars from the bank account. • is delivered to the bank for signing. • the bank will withdraw w dollars from customer’s account,and sign α to get blinded cash t to customer. • After receiving the blinded cash, the customer computes • (c, m) is the available e-CASH.

6. Ordering • Before the customer orders some products or has electronic service from online merchant. • the merchant will first verify customer’s ID and then give a bill to the customer asking for his signature to confirm the transaction.(makes sure the transaction is valid)

7. Paying • When database server charges money to customers, they can pay withdrawn e-CASH (c, m)to the merchant. • After receiving e-CASH from customers, the merchant will verify the validity of e-CASH and execute double-spending checking.

8. THE PROPOSED SCHEME

9. Database 1:stores the roster,ID and personal information of all membership. • Database 2 is a special database (patent or pharmaceutical database) and stores their integrated information(Bi) and price. • Database 3: stores encrypted customers’ identification (ID'), e-cash paid by customers, buying information (Bi) and the encrypted buying information (C').

10. the following notation is used in the description -PKSC: the public key of SC -SKSC: the secret key of SC -PKC: the public key of the customer -SKC: the secret key of the customer -ID: the customer’s identification -ID': the encrypted customer’s identification(by Hash function)

11. -M: the secure message of customer’s identification and buying information -M': the secure message of customer’s identification and buying price created by SC. -C: the secure message of payment created by customers -C': customers pay for the encrypted patent Bi

12. -Bi: the information of customer’s buying -B: the entire information database -D: the digest of Bi -Price: the price of customer’s buying Bi -e-Cash: electronic cash based on blind signature

13. A. Initialization Phase • Customers previously skim over the digest and price of buying information database B. • The customer produces a pair of keys (PKC,SKC) andSCproduces a pair of keys (PKSC,SKSC). • B. Authentication and Purchase Phase • The customer uses public key • The customer delivers encrypted M toSC. • SC receives M,and

14. SC verifies the customer’s ID from Database 1, collates the ID of all the membership and temporarily stores the qualified customers’ID. • SC computes Hash function operation • SC gets the buying information and price from Database 2. The qualified Bi and price willtemporarily store in SC. • SC: to customer. • Customer:

15. C. Payment Phase • Customer: uses the public key PKSC ofSC to encrypt • The customer delivers C to SC • The SC receives and decrypts C • SC will check its validity and whether it is doublespending to the bank.If the eCASH is no problem,the payment phase is finished.

16. D. End Phase • SC: • SC transfers C' to the customer and saves(ID', C', eCASH) of the customer in Database 3. • the customer obtains C’ and decrypts it . • Then the deal of buying information is over.

17. THE SECURITY ANALYSIS OF THE PROPOSED SCHEME • A. The Analysis in the Authentication Phase • The information which transfers between SC and the customer is encrypted by the public-key cryptography. • Because the identity authentication process of the customer is processed in SC,it can protect the user privacy in the authentication phase. • SC gets all the ID from Database 1 and compare to the customer’s ID,Because all the ID of the legal customers are caught into SC(no one including the server knows which customer wants to buy information.)

18. B. The Analysis in the Purchase Phase • SC gets all the information in B and the price to compare with Bi and Price. • Then, keep the match information in SC • Because all information is caught into SC, no one including the server knows what the customer buys.

19. C. The Analysis in the Payment Phase • SC will check its validity and whether it is double-spending to the bank.The bank can only confirm that the eCASH is approved by the bank or not. • For reaching the goal of non-repudiation in the deal • SC saves (ID', C', eCASH) into Database 3. • the secret information C' is encrypted by PKC • So,everyone including the server does not know Bi.

20. CONCLUSIONS • The proposed scheme solves the flaw in the previous PIR schemes which did not consider the e-payment need. • To keep the privacy protection property of PIR schemes, we choose an e-cash scheme using a blind signature. • Let the customer choose a random number r as a blinding factor for protecting his privacy.

21. Thank You !