Abstract
Oblivious RAM (ORAM) was proposed to solve the problem of memory disclosure, protecting the system from reverse-engineering attacks. Naturally, researchers widely apply ORAM to outsourced storage scenarios to protect users' access patterns, including the sequence, the time, and the correlation of accesses, which might otherwise compromise users' private information and be exploited by malicious adversaries to launch attacks. ORAM typically protects user information by transforming a single access to the target item into a sequence of accesses to multiple items and periodically reshuffling the accessed data. However, these extra operations incur extra storage, computation and communication cost. In multi-client scenarios in particular, the overhead is usually multiplied once both security and performance are taken into account. Current multi-client ORAM schemes suffer from large overhead because of complicated architectures or cryptographic primitives such as fully homomorphic encryption and private information retrieval. This paper presents \(\textsf{XPORAM}\), an efficient Oblivious RAM scheme appropriate for practical multi-client scenarios against malicious adversaries. Using the architecture of the non-colluding model, our scheme constructs multi-party secure communication while achieving obliviousness. Our security analysis guarantees the secure deployment of \(\textsf{XPORAM}\), and our experimental results demonstrate \(O(1)\) communication overhead and \(O(\log N)\) computation overhead without requiring any trustworthy proxy.
Acknowledgments
This work was supported by the National Key Research and Development Program of China (No. 2021YFB3101100) and the National Natural Science Foundation of China (No. 62272457, No. 62302238).
Copyright information
© 2024 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Gao, B., Jia, S., Dong, J., Ren, P. (2024). XPORAM: A Practical Multi-client ORAM Against Malicious Adversaries. In: Ge, C., Yung, M. (eds) Information Security and Cryptology. Inscrypt 2023. Lecture Notes in Computer Science, vol 14526. Springer, Singapore. https://doi.org/10.1007/978-981-97-0942-7_20
DOI: https://doi.org/10.1007/978-981-97-0942-7_20
Publisher Name: Springer, Singapore
Print ISBN: 978-981-97-0941-0
Online ISBN: 978-981-97-0942-7
eBook Packages: Computer Science (R0)