After some investigation and benchmarking, it looks like the best PIR protocol for this use case is YPIR+SP (from February). On a single compute- and network-constrained server, with users on constrained (and possibly metered) networks, this would amount to providing service to up to 1000 users while keeping latencies reasonable; by (quadratically) scaling the server(s) enough, that could become up to 100,000. That means this method of message routing could definitely work, although I look every day in case new protocols are published.
Do you have a link about your messaging app? And PIR doesn’t conceal the existence of traffic, so it doesn’t seem like the right thing for messaging. It’s more for databases as the name implies. What exactly are you trying to do?
No, sorry, I haven’t uploaded anything yet, I’ve only coded the protocols and some benchmark code. The idea is for each client to send and receive data continuously. Since text messages are pretty small and YPIR+SP doesn’t have a lot of overhead, that could be a reasonable way to conceal all metadata, as long as there are not enough people connected to overwhelm the server.
Is there another post somewhere giving a general description of what you are doing?
There’s this post of mine, also this article gives some background on the application of PIR to anonymous messaging. Basically, I’m trying to do a basic version of that, but using a state-of-the-art PIR protocol introduced in this article. It’s still not great performance-wise, but it’s enough to be practical (as stated, many thousands of users given enough resources).
Thanks, it’s late here now but I’ll try to look soon. I didn’t realize significant improvements over Goldberg etc al were really possible. I’ll try to understand that too.