Brave launches privacy-focused database query system FrodoPIR

Dec. 23 (Portaltic/EP) –

Brave Softwarethe developer of the Brave search engine, has launched FrodoPIR, a new database query system focused on privacy capable of obtaining information from the queries made by users without revealing the content to the servers.

Brave is an open source search engine that was born with the premise of guaranteeing the privacy and security of users. Based on this approach, the company has developed a private information retrieval (PIR) cryptographic protocol. versatile and “powerful”as he stressed in his Web page.

The company has acknowledged that it is aware that some users do not want the content they view on streaming platforms to be identified and stored by them and, later, use this information to suggest other content or personalized advertisements.

To avoid this type of invasive advertising, Brave has worked on FrodoPIR, a Brave query mechanism that can be applied to aspects such as verification of passwords from compromised databases and even, certificate transparency checks.

In this way, thanks to this solution focused on privacy, the user can search any data without the servers having access to the information they are looking for or handling.

Brave has insisted that “despite experimenting with various systems” until now it had not managed to build a mechanism that retrieved data in the Brave browser that was aware of this type of information.

However, FrodoPIR has turned out to be a mechanism that acts much more “quickly, economically and efficiently”and presents an architecture “highly configurable” and that it comes with concrete guarantees of privacy and security.

The operation of FrodoPIR presents a two phase process. The first one works as an offline preparatory step, while the other one, which does take place online, allows the client to transmit encrypted queries to the server. This can return a negative or positive value to the client, depending on whether the request is Is it in the database or not?. In this process, moreover, the server does not know what the user is really consulting.

Within this framework, the company has indicated that continue to work on improving some “unresolved” keys like the offline phasewhich must be performed between each client and server, translates to “a lot of expensive calculations” to be done by the server.

ACCESS CREDENTIAL VERIFICATION SYSTEM

The company has shared its intention to have a credential verifier soon. That way, any password entered through the Brave browser can be verified with databases that have been compromised.

This system will work as a help and protection mechanism for users, to whom it will indicate if they should change a certain password in case it has been detected in a broken database.

Brave has underlined that this password checking keeps the user’s password private, which will still not be displayed to the servers. Hence, FrodoPIR is able to guarantee the privacy and security of this verification mechanism.