pith. sign in

arxiv: 2605.21857 · v1 · pith:HUG6JK2Snew · submitted 2026-05-21 · 💻 cs.CR

SPIDER: Two Server Functionality for the Cost of Zero

Ofir Dvir , Kali Hale , Javin Zipkin , Divyakant Agrawal , Dahlia Malkhi This is my paper

Pith reviewed 2026-05-22 06:19 UTC · model grok-4.3

classification 💻 cs.CR
keywords private information retrievalsingle-server PIRdefault database interfacepreprocessingclient hintsprivacy-preserving queriesPIR transformation
0
0 comments X

The pith

SPIDER lets a client privately query a single server using only its standard database interface.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

The paper introduces baseSPIDER as a single-server private information retrieval scheme where the client performs pre-processing and stores hints to support future queries. This matches the asymptotically optimal communication complexity of prior work while improving constant factors, especially for databases with large entries, and uses a conceptually simpler design. SPIDER applies a simple transformation to baseSPIDER so that it works with any default database server that provides no cooperation or extra state. This yields the first single-server PIR that achieves privacy without specialized APIs or protocol-specific interactions beyond normal indexed access, removing deployment barriers for existing systems.

Core claim

The central claim is that a simple transformation of baseSPIDER produces SPIDER, the first single-server PIR construction that operates over a default database interface and requires no cooperation from the server, specialized APIs, auxiliary server state, or protocol-specific interaction beyond conventional indexed access.

What carries the argument

The simple transformation from baseSPIDER to the default server setting, which preserves privacy and correctness while eliminating the need for server modifications.

If this is right

  • Immediate applicability to existing database systems without requiring any changes to the server.
  • Adaptation of three recent PIR solutions to the default-server paradigm using the same transformation.
  • SPIDER exhibits a simpler design than the resulting modified solutions, at the cost of higher client computational work.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • Adopting this default-interface approach could simplify integration of private queries into standard cloud storage services.
  • Further optimizations to reduce client computation might make SPIDER competitive with adapted alternatives in practice.
  • Applying similar transformations to other privacy protocols could expand the default-server paradigm beyond PIR.

Load-bearing premise

The simple transformation preserves both privacy and correctness when the server provides only a default database interface with no cooperation or extra state.

What would settle it

Implementing SPIDER on an unmodified real-world database server and confirming that queries succeed correctly while the server learns nothing about which index was accessed.

read the original abstract

We introduce baseSPIDER and SPIDER, private information retrieval (PIR) schemes that embody two technical advancements. The baseSPIDER protocol operates with a single server and a stateful client that performs pre-processing and stores hints for future queries. In this setting, baseSPIDER introduces a new approach that matches the asymptotically optimal communication complexity of state-of-the-art schemes while improving constant factors--an advantage that is particularly significant for databases with large entries. In addition, baseSPIDER offers a conceptually simpler design relative to prior protocols. SPIDER operates over a default database interface and requires no cooperation from the server at any stage. To our knowledge, SPIDER is the first single-server PIR construction of this design, achieving privacy without specialized APIs, auxiliary server state, or protocol-specific interaction beyond conventional indexed access. SPIDER is built via a simple transformation of baseSPIDER to the default server setting, eliminating deployment barriers and enabling immediate applicability to existing systems. This transformation can be applied more broadly to three recent PIR solutions, adapting them for use in the default-server paradigm and yielding solutions of independent interest. SPIDER compares to the resulting modified solutions by exhibiting a simpler design while incurring higher client computational work.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

2 major / 2 minor

Summary. The manuscript introduces baseSPIDER, a single-server PIR protocol with a stateful client that performs pre-processing and stores hints for future queries. It claims to match the asymptotically optimal communication complexity of prior work while improving constant factors (especially for large entries) and providing a conceptually simpler design. SPIDER is obtained via a simple transformation of baseSPIDER that operates over a default database interface with no server cooperation, specialized APIs, or auxiliary state; the authors claim this is the first such single-server PIR construction. The same transformation is applied to three other recent PIR schemes, and SPIDER is compared favorably on design simplicity (at the cost of higher client computation).

Significance. If the privacy and correctness claims hold, the work would meaningfully reduce deployment barriers for single-server PIR by enabling use on unmodified existing database systems. The constant-factor improvements, simpler design, and general transformation technique are potentially valuable for practical PIR adoption. The manuscript's emphasis on operating without protocol-specific server interaction addresses a real obstacle in the field.

major comments (2)
  1. [§4] §4 (Transformation from baseSPIDER to SPIDER): The central claim that the transformation preserves both privacy and correctness when the server exposes only a default indexed-access interface is load-bearing, yet the manuscript provides no formal reduction or argument showing that the sequence of conventional lookups for hint retrieval/refresh and query execution does not leak the client's index to an observer seeing only access patterns and responses. This directly affects the 'first-of-kind' status and the weakest assumption identified in the review.
  2. [§3 and §5] Security model and definitions (throughout, especially §3 and §5): No formal security definitions, threat models, or proofs are supplied for either baseSPIDER or the transformed SPIDER in the default-server setting. The abstract asserts asymptotic optimality, constant-factor gains, and privacy, but without these the central claims cannot be verified and the comparison to prior single-server PIR schemes remains ungrounded.
minor comments (2)
  1. [Abstract] The abstract states that the transformation is applied to 'three recent PIR solutions' but does not name them; listing the specific schemes would aid readers in assessing the broader applicability.
  2. [Notation and preliminaries] Notation for client state, hints, and the default interface could be introduced with a summary table or explicit definitions in an early section to improve readability.

Simulated Author's Rebuttal

2 responses · 0 unresolved

We thank the referee for their careful review and valuable comments on our work. We believe the suggested revisions will significantly improve the clarity and rigor of the manuscript, particularly in formalizing the security arguments. Below, we provide point-by-point responses to the major comments.

read point-by-point responses

  1. Referee: [§4] §4 (Transformation from baseSPIDER to SPIDER): The central claim that the transformation preserves both privacy and correctness when the server exposes only a default indexed-access interface is load-bearing, yet the manuscript provides no formal reduction or argument showing that the sequence of conventional lookups for hint retrieval/refresh and query execution does not leak the client's index to an observer seeing only access patterns and responses. This directly affects the 'first-of-kind' status and the weakest assumption identified in the review.

    Authors: We agree that a formal reduction is necessary to rigorously establish that the transformation preserves privacy and correctness under the default indexed-access interface. In the revised manuscript, we will add a detailed argument in Section 4 showing that the sequence of conventional lookups can be simulated without knowledge of the client's index, relying on the security properties of baseSPIDER. This will support the first-of-kind claim by clarifying the assumptions relative to prior single-server PIR schemes. revision: yes

  2. Referee: [§3 and §5] Security model and definitions (throughout, especially §3 and §5): No formal security definitions, threat models, or proofs are supplied for either baseSPIDER or the transformed SPIDER in the default-server setting. The abstract asserts asymptotic optimality, constant-factor gains, and privacy, but without these the central claims cannot be verified and the comparison to prior single-server PIR schemes remains ungrounded.

    Authors: We acknowledge the lack of explicit formal security definitions, threat models, and proofs in the current version. In the revision, we will add formal definitions of the security model and threat model (semi-honest server) in Section 3, along with proofs of privacy and correctness for baseSPIDER and the SPIDER transformation in Section 5. These will ground the claims of asymptotic optimality, constant-factor improvements, and privacy, enabling rigorous comparisons to prior work. revision: yes

Circularity Check

0 steps flagged

No circularity; construction is self-contained

full rationale

The paper presents baseSPIDER as a new single-server PIR protocol with pre-processing and hints, then defines SPIDER via a described transformation to a default database interface. No equations, fitted parameters, or self-citations are quoted that reduce the central privacy/correctness claims to inputs by construction. The transformation is asserted to preserve properties under conventional indexed access, but this is a protocol argument rather than a definitional loop or renamed fit. The work is self-contained against external benchmarks with no load-bearing self-citation chains or ansatzes smuggled from prior author work.

Axiom & Free-Parameter Ledger

0 free parameters · 0 axioms · 0 invented entities

Review performed on abstract only; no free parameters, axioms, or invented entities are identifiable from the provided text.

pith-pipeline@v0.9.0 · 5751 in / 949 out tokens · 40330 ms · 2026-05-22T06:19:36.563524+00:00 · methodology

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Reference graph

Works this paper leans on

24 extracted references · 24 canonical work pages

  1. [1]

    Addra: Metadata-private voice communication over fully untrusted infrastructure

    Ishtiyaque Ahmad, Yuntian Yang, Divyakant Agrawal, Amr El Abbadi, and Trinabh Gupta. Addra: Metadata-private voice communication over fully untrusted infrastructure. In 15th USENIX Symposium on Operating Systems Design and Implementation (OSDI 21), pages 313–329, July 2021

    work page 2021

  2. [2]

    Reducing the servers computation in private information retrieval: Pir with preprocessing

    Amos Beimel, Yuval Ishai, and Tal Malkin. Reducing the servers computation in private information retrieval: Pir with preprocessing. In Mihir Bellare, editor, Advances in Cryptology — CRYPTO 2000, pages 55–73, Berlin, Heidelberg, 2000. Springer Berlin Heidelberg. ISBN 978-3- 540-44598-2

    work page 2000

  3. [3]

    Cloudflare

    Inc. Cloudflare. Bandwidth by continent worldwide, 2026. URLhttps://radar.cloudflare.com/quality#bandwidth-by-continent. Cloudflare Radar

    work page 2026

  4. [4]

    Private information retrieval with sublinear online time

    Henry Corrigan-Gibbs and Dmitry Kogan. Private information retrieval with sublinear online time. Cryptology ePrint Archive, Paper 2019/1075, 2019. URLhttps://eprint.iacr.org/2019/1075

    work page 2019

  5. [5]

    Single-server private information retrieval with sublinear amortized time

    Henry Corrigan-Gibbs, Alexandra Henzinger, and Dmitry Kogan. Single-server private information retrieval with sublinear amortized time. Cryptology ePrint Archive, Paper 2022/081, 2022. URLhttps://eprint.iacr.org/2022/081

    work page 2022

  6. [6]

    Recsplit: Minimal perfect hashing via recursive splitting

    Emmanuel Esposito, Thomas Mueller Graf, and Sebastiano Vigna. Recsplit: Minimal perfect hashing via recursive splitting. CoRR, abs/1910.06416, 2019. URLhttp://arxiv.org/abs/1910.06416

    work page arXiv 1910

  7. [7]

    Efficient pre-processing pir without public-key cryptography

    Ashrujit Ghoshal, Mingxun Zhou, Elaine Shi, Gregor Leander, and Marc Joye. Efficient pre-processing pir without public-key cryptography. In Advances in Cryptology - EUROCRYPT 2024, volume 14656 of Lecture Notes in Computer Science, pages 210–240. Springer International Publishing AG, Switzerland, 2024. ISBN 3031587502

    work page 2024

  8. [8]

    Zelda: Efficient Multi-server Preprocessing PIR with Unconditional Security, 2025

    Ashrujit Ghoshal, Mingxun Zhou, Bo Peng, and Elaine Shi. Zelda: Efficient Multi-server Preprocessing PIR with Unconditional Security, 2025

    work page 2025

  9. [9]

    Ptrhash: Minimal perfect hashing at ram throughput

    Ragnar Groot Koerkamp. Ptrhash: Minimal perfect hashing at ram throughput. volume 338, pages 21:1–21:21. Schloss Dagstuhl – Leibniz- Zentrum f¨ur Informatik, 2025. doi:10.4230/LIPICS.SEA.2025.21. URLhttps://drops.dagstuhl.de/entities/document/10.4230/ LIPIcs.SEA.2025.21

    work page doi:10.4230/lipics.sea.2025.21 2025

  10. [11]

    PIR with client-side preprocessing: Information-theoretic constructions and lower bounds

    Yuval Ishai, Elaine Shi, and Daniel Wichs. PIR with client-side preprocessing: Information-theoretic constructions and lower bounds. Cryp- tology ePrint Archive, Paper 2024/976, 2024. URLhttps://eprint.iacr.org/2024/976

    work page 2024

  11. [12]

    Near-Optimal Private Information Retrieval with Preprocessing, 2022

    Arthur Lazzaretti and Charalampos Papamanthou. Near-Optimal Private Information Retrieval with Preprocessing, 2022

    work page 2022

  12. [13]

    Learning From Satisfy- ing Assignments Under Continuous Distributions

    Wei-Kai Lin, Ethan Mook, and Daniel Wichs. Doubly Efficient Private Information Retrieval and Fully Homomorphic RAM Computation from Ring LWE. In Proceedings of the 55th Annual ACM Symposium on Theory of Computing, pages 595–608, Orlando FL USA, June 2023. ACM. ISBN 978-1-4503-9913-5. doi:10.1145/3564246.3585175

    work page doi:10.1145/3564246.3585175 2023

  13. [14]

    Faster FHE-Based Single-Server Private Information Retrieval

    Ming Luo, Feng-Hao Liu, and Han Wang. Faster FHE-Based Single-Server Private Information Retrieval. In Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security, pages 1405–1419, Salt Lake City UT USA, December 2024. ACM. ISBN 979-8-4007-0636-3. doi:10.1145/3658644.3690233

    work page doi:10.1145/3658644.3690233 2024

  14. [15]

    Private stateful information retrieval

    Sarvar Patel, Giuseppe Persiano, and Kevin Yeo. Private stateful information retrieval. In Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, CCS ’18, page 1002–1019, New York, NY, USA, 2018. Association for Computing Machinery. ISBN 9781450356930. doi:10.1145/3243734.3243821. URLhttps://doi.org/10.1145/3243734.3243821

    work page doi:10.1145/3243734.3243821 2018

  15. [16]

    Pthash: Revisiting FCH minimal perfect hashing

    Giulio Ermanno Pibiri and Roberto Trani. Pthash: Revisiting FCH minimal perfect hashing. CoRR, abs/2104.10402, 2021. URLhttps://arxiv. org/abs/2104.10402

    work page arXiv 2021

  16. [17]

    Simple and practical amortized sublinear private information retrieval using dummy sub- sets

    Ling Ren, Muhammad Haris Mughees, and I Sun. Simple and practical amortized sublinear private information retrieval using dummy sub- sets. In Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security, pages 1420–1433, New York, NY, USA, 2024. ACM. ISBN 9798400706363

    work page 2024

  17. [18]

    Information-Theoretic Multi-server Private Information Retrieval with Client Preprocessing

    Jaspal Singh, Yu Wei, and Vassilis Zikas. Information-Theoretic Multi-server Private Information Retrieval with Client Preprocessing. In Elette Boyle and Mohammad Mahmoody, editors, Theory of Cryptography, volume 15367, pages 423–450. Springer Nature Switzerland, Cham, 2025. ISBN 978-3-031-78022-6 978-3-031-78023-3. doi:10.1007/978-3-031-78023-3 14

    work page doi:10.1007/978-3-031-78023-3 2025

  18. [19]

    Tor project: Privacy & freedom online, 2026

    The Tor Project. Tor project: Privacy & freedom online, 2026. URLhttps://www.torproject.org/. Accessed: 2026-04-05

    work page 2026

  19. [20]

    Single-Server Client Preprocessing PIR with Tight Space-Time Trade-Off

    Zhikun Wang and Ling Ren. Single-Server Client Preprocessing PIR with Tight Space-Time Trade-Off. In Serge Fehr and Pierre-Alain Fouque, editors, Advances in Cryptology – EUROCRYPT 2025, pages 94–122, Cham, 2025. Springer Nature Switzerland. ISBN 978-3-031-91095-1. doi: 10.1007/978-3-031-91095-1 4

    work page doi:10.1007/978-3-031-91095-1 2025

  20. [21]

    Optimal Single-Server Private Information Retrieval

    Mingxun Zhou, Wei-Kai Lin, Yiannis Tselekounis, and Elaine Shi. Optimal Single-Server Private Information Retrieval. In Carmit Hazay and Martijn Stam, editors, Advances in Cryptology – EUROCRYPT 2023, pages 395–425, Cham, 2023. Springer Nature Switzerland. ISBN 978-3-031- 30545-0. doi:10.1007/978-3-031-30545-0 14

    work page doi:10.1007/978-3-031-30545-0 2023

  21. [22]

    Piano: Extremely simple, single-server PIR with sublinear server computation

    Mingxun Zhou, Andrew Park, Elaine Shi, and Wenting Zheng. Piano: Extremely simple, single-server PIR with sublinear server computation. Cryptology ePrint Archive, Paper 2023/452, 2023. URLhttps://eprint.iacr.org/2023/452

    work page 2023

  22. [23]

    Architectural Mimicry: Innovative Instructions to Efficiently Address Control-Flow Leakage in Data-Oblivious Programs,

    Mingxun Zhou, Andrew Park, Wenting Zheng, and Elaine Shi. Piano: Extremely simple, single-server pir with sublinear server computation. In 2024 IEEE Symposium on Security and Privacy (SP), pages 4296–4314, 2024. doi:10.1109/SP54263.2024.00055

    work page doi:10.1109/sp54263.2024.00055 2024

  23. [24]

    Pacmann: Efficient Private Approximate Nearest Neighbor Search, 2024

    Mingxun Zhou, Elaine Shi, and Giulia Fanti. Pacmann: Efficient Private Approximate Nearest Neighbor Search, 2024

    work page 2024

  24. [25]

    Zeal: PIR for non-cooperative databases

    Javin Zipkin, Ofir Dvir, Divyakant Agrawal, Trinabh Gupta, and Soamar Homsi. Zeal: PIR for non-cooperative databases. Cryptology ePrint Archive, Paper 2026/684, 2026. URLhttps://eprint.iacr.org/2026/684

    work page 2026