Revisiting Hybrid Private Information Retrieval

Private Information Retrieval (PIR) allows a client to request entries from a public database held by k servers without revealing any information about the requested data to the servers. PIR is classified into two classes: (i) Multi-server PIR protocols where the request is split among k≥2 non-colluding servers, and Single-server PIR protocols where exactly k=1 server holds the database while the query is protected via certain computational hardness assumptions. Devet & Goldberg (PETS'14) showed that both can be combined into one recursive PIR protocol in order to improve the communication complexity. Their hybrid PIR protocol is instantiated with the multi-server PIR protocol of Goldberg (S&P'07) and the single-server PIR protocol by Melchar & Gaborit (WEWoRC'07), resulting in online request runtime speedups and guaranteeing at least partial privacy if the multi-server PIR servers do in fact collude. In this work we show that the hybrid PIR protocol by Devet & Goldberg still has practical relevance by designing a hybrid approach using the state-of-the-art multi-server protocol CIP-PIR (Günther et al., ePrint'21/823) and the single-server protocol SealPIR (Angel et al., S&P'18). Our novel hybrid PIR protocol massively improves the linear communication complexity of CIP-PIR and obtains the strong property of client-independent preprocessing, which allow batch-preprocessing among multiple clients without the clients being involved. We implement and benchmark our protocol and get speedups of ≈4.36× over the original implementation of Devet & Goldberg (8 GiB DB), speedups of ≈26.08× (8 GiB DB) over CIP-PIR, and speedups of ≈11.16× over SealPIR (1 GiB DB).