Sub-linear Privacy-preserving Search with Untrusted Server and Semi-honest Parties.

Privacy-preserving Near-neighbor search (PP-NNS) is a well-studied problem in the literature. The overwhelming growth in the size of current datasets and the lack of any truly secure server in the online world render the existing solutions impractical either due to their high computational requirements or the non-realistic assumptions which potentially compromise privacy. PP-NNS with multiple (semi-honest) data owners having query time sub-linear in the number of users has been proposed as an open research direction. In this paper, we provide the first such algorithm which has a sub-linear query time and the ability to handle semi-honest (honest but curious) parties. Our algorithm can further manage the situation where a large chunk of the server information is being compromised. Probabilistic embedding based on Locality Sensitive Hashing (LSH) is the algorithm of choice for sub-linear near-neighbor search in high dimensions. However, we show that LSH is not suitable for semi-honest setting, and particularly when the server information is compromisable. LSH allows estimation of any pairwise distances between users, which can be easily compromised to learn user attributes using the idea of triangulation. We suggest a novel methodology which overcomes this LSH vulnerability. At the heart of our proposal lies a secure probabilistic embedding scheme generated from a novel probabilistic transformation over appropriate LSH family. Our secure embeddings combined with advances in multi-party computation result in an efficient PP-NNS algorithm suitable for massive-scale datasets without strong assumptions on the behavior of parties involved. We demonstrate the validity of our claims by experimentally showing the effectiveness of our solution in hiding the sensitive variables in medical records without compromising the precision-recall of the retrieval.