|author||Jacob Wilder <email@example.com>||Thu Oct 27 17:29:38 2016 -0400|
|committer||Jacob Wilder <firstname.lastname@example.org>||Thu Oct 27 17:58:15 2016 -0400|
[PIRK-74] Close Hash Key information leak - closes apache/incubator-pirk#111
Apache Pirk (incubating) is a framework for scalable Private Information Retrieval (PIR). The goal of Pirk is to provide a landing place for robust, scalable, and practical implementations of PIR algorithms.
Please see the Apache Pirk website for documentation.
Pirk is written in Java and currently uses a Maven build system with a single level pom.xml. As such, Pirk may be built via ‘mvn package’.
For convenience, the following POM files are included:
Pirk may be built with a specific pom file via ‘mvn package -f ’
Dependencies can be found in the pom.xml file and include Apache Hadoop, Apache Spark, Apache Storm and Elasticsearch. Currently, Pirk may be utilized in a distributed Hadoop/MapReduce, Storm or Spark framework as well as in standalone mode.
If you are a User, please check out the For Users section of the Pirk website.
If you are a Developer, please check out the For Developers section of the Pirk website.
Private Information Retrieval (PIR) enables a user/entity to privately and securely obtain information from a dataset, to which they have been granted access, without revealing, to the dataset owner or to an observer, any information regarding the questions asked or the results obtained. Employing homomorphic encryption techniques, PIR enables datasets to remain resident in their native locations while giving the ability to query the datasets with sensitive terms.
There are two parties in a PIR transaction - the Querier, the party asking encrypted questions, and the Responder, the party holding the target data and answering encrypted questions (performing encrypted queries).
In Pirk, the Querier is responsible for the following:
Once the Querier generates an encrypted query, it must be sent to the Responder.
In Pirk, the Responder is responsible for the following:
The encrypted query results must be sent from the Responder back to the Querier for decryption.
Pirk employs generic data and query schemas, specified via XML files, that are shared between the Querier and Responder to enable flexible and varied data and query types.
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at (http://www.apache.org/licenses/LICENSE-2.0) Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. See accompanying LICENSE file.
This distribution includes cryptographic software. The country in which you currently reside may have restrictions on the import, possession, use, and/or re-export to another country, of encryption software. BEFORE using any encryption software, please check your country's laws, regulations and policies concerning the import, possession, or use, and re-export of encryption software, to see if this is permitted. See http://www.wassenaar.org/ for more information.
The U.S. Government Department of Commerce, Bureau of Industry and Security (BIS), has classified this software as Export Commodity Control Number (ECCN) 5D002.C.1, which includes information security software using or performing cryptographic functions with asymmetric algorithms. The form and manner of this Apache Software Foundation distribution makes it eligible for export under the License Exception ENC Technology Software Unrestricted (TSU) exception (see the BIS Export Administration Regulations, Section 740.13) for both object code and source code.
The following provides more details on the included cryptographic software:
Apache Pirk implements cryptographic software and is designed for use with the Java Cryptography Architecture (JCA).
Apache Pirk is an effort undergoing incubation at The Apache Software Foundation (ASF), sponsored by the name of Apache TLP sponsor. Incubation is required of all newly accepted projects until a further review indicates that the infrastructure, communications, and decision making process have stabilized in a manner consistent with other successful ASF projects. While incubation status is not necessarily a reflection of the completeness or stability of the code, it does indicate that the project has yet to be fully endorsed by the ASF.