Private Information Retrieval (PIR) for Network Sensors
Traditional Private Information Retrieval (PIR) implementations focus on a client / database server model where the client has secret information in the database that must be protected even from database administrators. In other words, PIR aims to protect confidentiality and integrity of secret data when it is in the hands of untrusted parties. Critically, PIR schemes must allow for selection of specific records.
The selection of specific records can be understood as a subset of arbitrary computation over the contents of the secret data. Homomorphic encryption makes this possible, but practical, fully homomorphic schemes do not yet exist - a perquisite for arbitrary computation.
Fortunately, much can be done with some subset of arbitrary computation - such as retrieving records from a database.
Narf re-envisioned PIR for application to the network sensors space. Instead of retrieving records from a database, retrieve characteristics of packets and data flows, looking for traffic of interest. What if a government could deploy classified network signatures to untrusted, Unclassified network sensors?
Narf’s delivery is PIR applied to a subset of the Snort signature language, up to and including some regular expression matching.
Contact us for more details.