Percy++ / PIR in C++

What is Percy++?

Percy++ is an implementation of the Private Information Retrieval (PIR) protocols from the papers:

Briefly, private information retrieval is the task of fetching a block of data from a database server (or group of distributed servers) without the server(s) learning which block it was that you were interested in.

These protocols provide t-private v-Byzantine-robust τ-independent k-out-of-l private information retrieval. This means:

there are l distributed database servers, and we only need to receive replies from k of them (the rest might be down, overloaded, unreachable, etc.)
no coalition of up to t servers receives any information at all about the block you are interested in
up to v of the servers that do reply might give incorrect answers; we will want to detect which servers did that, and to determine the correct database block
the database is split between the servers so that no coalition of up to τ of them can determine the contents of the database itself (τ=0 means all the servers just have a complete copy of the database)

All of the above are "information-theoretic"; that is, the protections hold, even if the servers have unlimited computational power. We can also optionally add l-computationally-private to the list of properties. This gives "hybrid" protection against coalitions of larger than t servers; with this option enabled, coalitions of up to t servers still get no information at all about your query, but even if all l servers collude, they would still have to break a cryptographic problem in order to learn your query.

Any choice of t, v, τ, k and l will work, so long as they satisfy the following conditions:

Percy++ is written entirely in C++, using Victor Shoup's NTL library.

Percy++ is part of the Advanced Crypto Software Collection. Logo Valid XHTML 1.0 Transitional

Ian Goldberg <>