E2EE Backend part 2: Private Information Retrieval
This is the second post in a series that explores a truly privacy-preserving, end-to-end encrypted backend and client. The goal of this part: a demo that can look up data in an encrypted database without telling the server what you search for.
Why This Matters
Homomorphic encryption lets servers compute on encrypted data. But often you need to fetch specific records first. Normal queries show the server your search terms. That breaks privacy. Private Information Retrieval (PIR) fixes this: The client asks for a value by keyword. The server sends back the match in encrypted form. But the server does not know which keyword you asked for. This pairs well with homomorphic encryption for full zero-knowledge operations.
The Demo: Private Lookup of Contacts
Here is a complete, runnable Swift example using Apple’s open-source HomomorphicEncryption and PrivateInformationRetrieval frameworks (KeywordPIR with MulPir).
```swift
import HomomorphicEncryption
import PrivateInformationRetrieval

// Key parts (keywordDatabase and the setup/query/response helpers are not shown in this excerpt)
let encryptionParams = try EncryptionParameters<Bfv<UInt32>>(from: .n_4096_logq_27_28_28_logt_5)
let context = try Context(encryptionParameters: encryptionParams)
let secretKey = try context.generateSecretKey()

// Setup database with 999 entries
let (keywordParameter, pirParameter, processed, _, _, evaluationKey) =
    try setupKeywordPirDatabase(keywordValues: keywordDatabase)

// Client: Generate query
let query = try generateQuery(
    keyword: "Bob12", keywordParameter: keywordParameter, pirParameter: pirParameter,
    context: context, secretKey: secretKey)
// Server: Compute response
let response = try computeResponse(
    query: query, keywordParameter: keywordParameter, pirParameter: pirParameter,
    processed: processed, context: context, evaluationKey: evaluationKey)
// Client: Decrypt
let result = try decryptResponse(
    response: response, keyword: "Bob12", keywordParameter: keywordParameter,
    pirParameter: pirParameter, context: context, secretKey: secretKey)
print("Result: \(result ?? "Not found")")
```
Output
Result for 'Bob12':
Contact: +1-555-0589 | Email: bob12@example.com
Repo: github.com/peterspath/HomomorphicLookup
Why These Parameters?
- Polynomial degree N = 4096 → good for demos; use 8192+ in production for more security
- Plaintext modulus logt_5 → fits small values like contact info
- Coefficient modulus [27, 28, 28] → controls noise for multiplications
- Cuckoo hashing with 2 functions → maps keywords to indices privately

The setup takes seconds. Each query processes in under 10 seconds on typical hardware.
How Lookup Works Under the Hood (KeywordPIR)
KeywordPIR uses homomorphic encryption to hide the query. The client hashes the keyword and encrypts a query vector. The server multiplies this vector by the database matrix homomorphically, so the result is the encrypted value at that index. The server sees only ciphertexts and cannot tell which keyword was requested. We use MulPir for efficient multi-query support and BFV as the encryption scheme. Missing keys are handled by returning nil.
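The flow described above (hash the keyword to an index, send an encrypted selection vector, let the server multiply it against the database, decrypt and check for a miss) can be traced end to end in a small stand-alone sketch. This is an added example, not code from the post's repo or from Apple's library: it swaps BFV/MulPir for a toy Paillier scheme and cuckoo hashing for a single hash with multi-slot buckets, and every function name and the sample contacts are assumptions made for illustration.

```python
import hashlib, secrets

# Toy Paillier key from two Mersenne primes (insecure, demo only); sample data is constructed.
P, Q = 2**127 - 1, 2**107 - 1
N, N2, PHI = P * Q, (P * Q) ** 2, (P - 1) * (Q - 1)
BUCKETS, SLOTS, TAG_LEN = 4, 3, 4
CONTACTS = {"Alice7": "+1-555-0101", "Bob12": "+1-555-0589", "Carol3": "+1-555-0199"}

def h(keyword):
    return hashlib.sha256(keyword.encode()).digest()
def bucket_of(keyword):
    return h(keyword)[-1] % BUCKETS

def encrypt(m):
    r = secrets.randbelow(N - 2) + 2          # fresh randomness per ciphertext
    return (1 + m * N) * pow(r, N, N2) % N2

def decrypt(c):
    return (pow(c, PHI, N2) - 1) // N * pow(PHI, -1, N) % N

def build_db(contacts):
    """Server setup: bucket slots hold 0x01 || tag || value as an integer (0 = empty)."""
    db = [[0] * SLOTS for _ in range(BUCKETS)]
    for kw, value in contacts.items():
        m = int.from_bytes(b"\x01" + h(kw)[:TAG_LEN] + value.encode(), "big")
        assert m < N, "record too long for the toy modulus"
        row = db[bucket_of(kw)]
        row[row.index(0)] = m                 # first free slot in the bucket
    return db

def make_query(keyword):
    """Client: encrypted one-hot vector selecting the keyword's bucket."""
    return [encrypt(int(i == bucket_of(keyword))) for i in range(BUCKETS)]

def respond(db, query):
    """Server: per slot, prod_i query[i]^db[i][s] = Enc(sum_i bit_i * db[i][s])."""
    out = [1] * SLOTS
    for row, c in zip(db, query):
        for s, m in enumerate(row):
            out[s] = out[s] * pow(c, m, N2) % N2
    return out

def read_response(keyword, response):
    """Client: decrypt every slot, return the value whose tag matches, else None."""
    for m in map(decrypt, response):
        raw = m.to_bytes((m.bit_length() + 7) // 8, "big")
        if raw[1:1 + TAG_LEN] == h(keyword)[:TAG_LEN]:
            return raw[1 + TAG_LEN:].decode()
    return None
```

The server touches every bucket with the same operations regardless of the keyword, which is why neither the ciphertexts nor the access pattern reveal the lookup; the keyword tag stored beside each value is what lets the client distinguish a hit from a missing key.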