Examining Leakage of Access Counts in ORAM Constructions
Pages 66 - 70
Abstract
Oblivious RAM is a cryptographic primitive that embodies one of the cornerstones of privacy-preserving technologies for database protection. While any Oblivious RAM (ORAM) construction offers access pattern hiding, there does not seem to be a construction that is safe against the potential leakage due to knowledge about the number of accesses performed by a client. Such leakage constitutes a privacy violation, as client data may be stored in a domain specific fashion. In this work, we examine this leakage by considering an adversary that can probe the server that stores an ORAM database, and who takes regular snapshots of it. We show that even against such a weak adversary, no major ORAM architecture is resilient, except for the trivial case, where the client scans the whole database in order to access a single element. In fact, we argue that constructing a non-trivial ORAM that is formally resilient seems impossible. Moreover, we quantify the leakage of different constructions to show which architecture offers the best privacy in practice.
References
[1]
Christopher W. Fletcher, Marten van Dijk, and Srinivas Devadas. 2012. A secure processor architecture for encrypted computation on untrusted programs. In ACM Workshop on Scalable Trusted Computing (STC). ACM.
[2]
Christopher W. Fletcher, Ling Ren, Xiangyao Yu, Marten van Dijk, Omer Khan, and Srinivas Devadas. 2014. Suppressing the Oblivious RAM timing channel while making information leakage and program efficiency trade-offs. In IEEE International Symposium on High Performance Computer Architectures (HPCA). IEEE.
[3]
Oded Goldreich and Rafail Ostrovsky. 1996. Software Protection and Simulation on Oblivious RAMs. J. ACM, Vol. 43, 3 (1996).
[4]
Syed Kamran Haider and Marten van Dijk. 2016. Flat ORAM: A Simplified Write-Only Oblivious RAM Construction for Secure Processor Architectures. arXiv preprint arXiv:1611.01571 (2016).
[5]
Gauderman W. James, Murcray Cassandra, Gilliland Frank, and Conti David V. 2007. Testing association between disease and multiple SNPs in a candidate gene. Genetic Epidemiology (2007).
[6]
Jonathan L. Dautrich Jr., Emil Stefanov, and Elaine Shi. 2014. Burst ORAM: Minimizing ORAM Response Times for Bursty Access Patterns. In USENIX Security Symposium. USENIX Association.
[7]
Nikolaos P. Karvelas, Andreas Peter, Stefan Katzenbeisser, Erik Tews, and Kay Hamacher. 2014. Privacy preserving whole genome sequence processing through proxy-aided ORAM. In ACM Workshop on Privacy in the Electronic Society (WPES). ACM.
[8]
Martin Maas, Eric Love, Emil Stefanov, Mohit Tiwari, Elaine Shi, Krste Asanovic, John Kubiatowicz, and Dawn Song. 2013. PHANTOM: practical oblivious computation in a secure processor. In ACM SIGSAC Conference on Computer and Communications Security (CCS). ACM.
[9]
Matteo Maffei, Giulio Malavolta, Manuel Reinert, and Dominique Schrö der. 2015. Privacy and Access Control for Outsourced Personal Records. In IEEE Symposium on Security and Privacy (S&P). IEEE.
[10]
Tarik Moataz, Travis Mayberry, and Erik-Oliver Blass. 2015. Constant Communication ORAM with Small Blocksize. In ACM SIGSAC Conference on Computer and Communications Security (CCS). ACM.
[11]
Daniel S. Roche, Adam Aviv, and Seung Geol Choi. 2016. A practical oblivious map data structure with secure deletion and history independence. In IEEE Symposium on Security and Privacy (S&P). IEEE.
[12]
Emil Stefanov and Elaine Shi. 2013. ObliviStore: High Performance Oblivious Cloud Storage. In IEEE Symposium on Security and Privacy (S&P). IEEE.
[13]
Emil Stefanov, Elaine Shi, and Dawn Xiaodong Song. 2012. Towards Practical Oblivious RAM. In Network and Distributed System Security Symposium (NDSS). The Internet Society.
[14]
Emil Stefanov, Marten van Dijk, Elaine Shi, Christopher W. Fletcher, Ling Ren, Xiangyao Yu, and Srinivas Devadas. 2013. Path ORAM: an extremely simple oblivious RAM protocol. In ACM SIGSAC Conference on Computer and Communications Security (CCS). ACM.
Index Terms
- Examining Leakage of Access Counts in ORAM Constructions
Recommendations
Three-Party ORAM for Secure Computation
Proceedings, Part I, of the 21st International Conference on Advances in Cryptology -- ASIACRYPT 2015 - Volume 9452An Oblivious RAM ORAM protocol [13] allows a client to retrieve $${\mathrm {N}}$$-th element of a data array $${\mathsf {D}}$$ stored by the server s.t. the server learns no information about $${\mathrm {N}}$$. A related notion is that of an ORAM for ...
Path ORAM: an extremely simple oblivious RAM protocol
CCS '13: Proceedings of the 2013 ACM SIGSAC conference on Computer & communications securityWe present Path ORAM, an extremely simple Oblivious RAM protocol with a small amount of client storage. Partly due to its simplicity, Path ORAM is the most practical ORAM scheme for small client storage known to date. We formally prove that Path ORAM ...
Mix-ORAM: Using Delegated Shuffles.
WPES '17: Proceedings of the 2017 on Workshop on Privacy in the Electronic SocietyOblivious RAM (ORAM) is a key technology for providing private storage and querying on untrusted machines but is commonly seen as impractical due to the high and recurring overhead of the re-randomization, called the eviction, the client incurs. We ...
Comments
Information & Contributors
Information
Published In
October 2018
190 pages
ISBN:9781450359894
DOI:10.1145/3267323
- General Chairs:
- David Lie,
- Mohammad Mannan,
- Program Chair:
- Aaron Johnson
Copyright © 2018 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].
Sponsors
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 15 January 2018
Check for updates
Author Tags
Qualifiers
- Short-paper
Funding Sources
- DFG
Conference
CCS '18
Sponsor:
CCS '18: 2018 ACM SIGSAC Conference on Computer and Communications Security
October 15, 2018
Toronto, Canada
Acceptance Rates
WPES'18 Paper Acceptance Rate 11 of 25 submissions, 44%;
Overall Acceptance Rate 106 of 355 submissions, 30%
Upcoming Conference
CCS '25
- Sponsor:
- sigsac
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 122Total Downloads
- Downloads (Last 12 months)4
- Downloads (Last 6 weeks)1
Reflects downloads up to 16 Feb 2025
Other Metrics
Citations
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in