Publish/Subscribe systems like Twitter and Reddit let users communicate with many recipients without requiring prior personal connections. The content that participants of these systems publish and subscribe to is typically public, but they may nevertheless wish to remain anonymous. While many existing systems allow users to omit explicit identifiers, they do not address the obvious privacy risks of being associated with content that may contain a wide range of sensitive information. We present 2PPS (Twice-Private Publish-Subscribe), the first pub/sub protocol to deliver strong provable privacy protection for both publishers and subscribers, leveraging Distributed Point Function-based secret sharing for publishing and Private Information Retrieval for subscribing. 2PPS does not require trust in other clients and its privacy guarantees hold as long as even a single honest server participant remains. Furthermore, it is scalable and delivers latency suitable for microblogging applications. A prototype implementation of 2PPS can handle 100,000 concurrent active clients with 5 seconds end-to-end latency and significantly lower bandwidth requirements than comparable systems.