The creators of the open-source Brave web browser have unveiled FrodoPIR, a new data querying and retrieval system that protects users’ privacy.
The plan, according to the company, is to use the technology to develop a wide variety of use cases, including safe browsing, password scanning against breached databases, certificate revocation checks, and streaming, among others.
The scheme is named FrodoPIR because “the client can perform hidden queries to the server, just as Frodo remained hidden from Sauron,” a reference to J. R. R. Tolkien’s The Lord of the Rings.
PIR, which is an abbreviation for private information retrieval, is a cryptographic protocol that enables users (also known as clients) to retrieve a piece of information from a database server without revealing which element was selected.
In other words, the objective is to be able to query a platform for information (say, cooking videos) without allowing the service provider to learn what was searched for and use that search history to offer personalized recommendations or targeted advertisements.
This can be accomplished through the use of homomorphic encryption, which enables computation to be performed directly on encrypted data without decrypting it, so the party doing the computation never needs the private key.
However, a common issue with such methods is that they are “expensive in terms of either bandwidth or the amount of time required to process each client query,” making them impractical for real-world applications.
Here is where FrodoPIR comes in. It consists of two phases, an offline preparatory phase and an online phase in which the client sends encrypted queries to the server.
The server then chooses whether to return a positive or negative value based on whether the query was found in the database, without learning what the user is actually searching for.
“In terms of performance for a database of 1 million KB elements, FrodoPIR requires 1 second to respond to a client query, has a server response size blow-up factor of > 3.6x, and the cost to answer client queries is $1,” Brave said in a GitHub description of the project.
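The offline/online split described above can be seen in a toy LWE-style PIR, added here as an illustration and not taken from Brave's code. The parameters, function names and sample database are assumptions for the demo; they are far too small to be secure, and Python's `random` module is not a cryptographic generator.

```python
import random

Q = 2**32          # ciphertext modulus (toy choice)
P = 256            # plaintext modulus: one byte per database cell
N = 16             # LWE dimension; far too small to be secure, demo only
DELTA = Q // P     # scaling factor that lifts a byte above the noise

def matrix_a(seed, rows):
    """Public matrix A (rows x N), expanded from a public seed."""
    rng = random.Random(seed)
    return [[rng.randrange(Q) for _ in range(N)] for _ in range(rows)]

def server_offline(db, seed):
    """Offline, query-independent: hint M = A^T . DB (N x width)."""
    a = matrix_a(seed, len(db))
    width = len(db[0])
    return [[sum(a[r][k] * db[r][c] for r in range(len(db))) % Q
             for c in range(width)] for k in range(N)]

def client_offline(seed, hint, rows, rng):
    """Offline: sample secret s and noise e; precompute mask b and key c."""
    a = matrix_a(seed, rows)
    s = [rng.randrange(Q) for _ in range(N)]
    e = [rng.choice((-1, 0, 1)) for _ in range(rows)]
    b = [(sum(a[r][k] * s[k] for k in range(N)) + e[r]) % Q for r in range(rows)]
    c = [sum(s[k] * hint[k][j] for k in range(N)) % Q for j in range(len(hint[0]))]
    return b, c

def client_query(b, index):
    """Online: hide a one-hot selector for `index` under the LWE mask."""
    return [(v + DELTA * (r == index)) % Q for r, v in enumerate(b)]

def server_answer(db, query):
    """Online: one vector-matrix product; the server never sees `index`."""
    return [sum(query[r] * db[r][c] for r in range(len(db))) % Q
            for c in range(len(db[0]))]

def client_decode(answer, c):
    """Strip the mask, then round away the small noise term e . DB."""
    return bytes(((x - y) % Q + DELTA // 2) // DELTA % P for x, y in zip(answer, c))

# Constructed sample database: 8 fixed-width records.
DB = [f"record-{i:02d}".encode() for i in range(8)]

def lookup(index, seed=2024):
    rng = random.Random()  # fresh client randomness per query
    hint = server_offline(DB, seed)
    b, c = client_offline(seed, hint, len(DB), rng)
    return client_decode(server_answer(DB, client_query(b, index)), c)
```

The server's online work is the same product for every query, and the vector it receives differs from a fresh LWE sample only in the one masked position.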
Google Releases Two Privacy Enhancing Technologies (PETs)
As part of its ongoing efforts to democratize access to techniques beyond Federated Learning and Differential Privacy, Google has announced that it will open-source two privacy-enhancing technologies (PETs).
These are Magritte, a new machine-learning tool designed to blur objects such as license plates in videos, and efficiency enhancements to the Fully Homomorphic Encryption (FHE) Transpiler.
The transpiler, also known as a source-to-source compiler or translator, is intended to execute computation-based queries on encrypted data without access to personally identifiable information.
Google noted that the PETs “will provide the broader developer community (researchers, governments, nonprofits, and businesses, among others) with new ways to deploy and improve privacy features in their own work.”