Percy++ / PIR in C++

What is Percy++?

Percy++ is an implementation of the private information retrieval (PIR) protocols from the papers:

Briefly, private information retrieval is the task of fetching a block of data from a database server (or a group of distributed servers) without the server(s) learning which block it was that you were interested in.

These protocols provide t-private v-Byzantine-robust τ-independent k-out-of-l private information retrieval. This means:

there are l distributed database servers, and we only need to receive replies from k of them (the rest might be down, overloaded, unreachable, etc.)
no coalition of up to t servers receives any information at all about the block you are interested in
up to v of the servers that do reply might give incorrect answers; we will want to detect which servers did that, and to determine the correct database block
the database is split between the servers so that no coalition of up to τ of them can determine the contents of the database itself (τ=0 means all the servers just have a complete copy of the database)

All of the above are "information-theoretic"; that is, the protections hold even if the servers have unlimited computational power, so long as no more than t server are colluding to determine the client's query.

Any choice of t, v, τ, k and l will work, so long as they satisfy the following conditions:

This library also supports "computational" PIR, in which there is a single server, and it cannot learn the contents of the query, but the scheme has no robustness. The security of this scheme relies on certain lattice-based cryptographic assumptions.

Finally, it support "hybrid" PIR, which combines an information-theoretic PIR scheme with a computational one in order to hedge against either the non-collusion assumption or the cryptographic assumption being violated.

Percy++ is written in C++, using Victor Shoup's NTL library.

Percy++ is part of the Advanced Crypto Software Collection. Logo Valid XHTML 1.0 Transitional

Ian Goldberg <>