skip to main content
10.1145/2133601.2133604acmconferencesArticle/Chapter ViewAbstractPublication PagescodaspyConference Proceedingsconference-collections
research-article

Practical oblivious storage

Published: 07 February 2012 Publication History

Abstract

We study oblivious storage (OS), a natural way to model privacy-preserving data outsourcing where a client, Alice, stores sensitive data at an honest-but-curious server, Bob. We show that Alice can hide both the content of her data and the pattern in which she accesses her data, with high probability, using a method that achieves O(1) amortized rounds of communication between her and Bob for each data access. We assume that Alice and Bob exchange small messages, of size O(N1/c), for some constant c>=2, in a single round, where N is the size of the data set that Alice is storing with Bob. We also assume that Alice has a private memory of size 2N1/c. These assumptions model real-world cloud storage scenarios, where trade-offs occur between latency, bandwidth, and the size of the client's private memory.

References

[1]
M. Ajtai. Oblivious RAMs without cryptographic assumptions. In Proc. ACM Symp. on Theory of Computing (STOC), pages 181--190. ACM, 2010.
[2]
Amazon. Amazon S3 Service. http://aws.amazon.com/s3-sla/.
[3]
Y. Arbitman, M. Naor, and G. Segev. De-amortized cuckoo hashing: Provable worst-case performance and experimental results. In Proc. Int. Conf. Automata, Languages and Programming (ICALP), pages 107--118. Springer, 2009.
[4]
D. Boneh, D. Mazières, and R. A. Popa. Remote oblivious storage: Making oblivious RAM practical. Technical report, CSAIL, MIT, 2011. http://dspace.mit.edu/handle/1721.1/62006.
[5]
S. Chen, R. Wang, X. Wang, and K. Zhang. Side-channel leaks in Web applications: a reality today, a challenge tomorrow. In Proc. IEEE Symp. on Security and Privacy, pages 191--206, 2010.
[6]
I. Damgård, S. Meldgaard, and J. B. Nielsen. Perfectly secure oblivious RAM without random oracles. In Proc. Theory of Cryptography Conference (TCC), pages 144--163, 2011.
[7]
D. Dubhashi and A. Panconesi. Concentration of Measure for the Analysis of Randomized Algorithms. Cambridge University Press, New York, NY, USA, 2009.
[8]
O. Goldreich and R. Ostrovsky. Software protection and simulation on oblivious RAMs. J. ACM, 43(3):431--473, 1996.
[9]
M. T. Goodrich and M. Mitzenmacher. Privacy-preserving access of outsourced data via oblivious RAM simulation. In Proc. Int. Colloq. on Automata, Languages and Programming (ICALP), pages 576--587, 2011.
[10]
M. T. Goodrich, M. Mitzenmacher, O. Ohrimenko, and R. Tamassia. Oblivious RAM simulation with efficient worst-case access overhead. In Proc. ACM Workshop on Cloud Computing Security (CCSW), pages 95--100, 2011.
[11]
M. T. Goodrich, M. Mitzenmacher, O. Ohrimenko, and R. Tamassia. Privacy-preserving group data access via stateless oblivious RAM simulation. In Proc. ACM-SIAM Symp. on Discrete Algorithms (SODA), 2012. To appear. Preliminary version in http://arxiv.org/abs/1105.4125.
[12]
A. Kirsch, M. Mitzenmacher, and U. Wieder. More robust hashing: cuckoo hashing with a stash. SIAM J. Comput., 39:1543--1561, 2009.
[13]
D. E. Knuth. Seminumerical Algorithms, volume 2 of The Art of Computer Programming. Addison-Wesley, Reading, MA, 3rd edition, 1998.
[14]
E. Kushilevitz, S. Lu, and R. Ostrovsky. On the (in)security of hash-based oblivious RAM and a new balancing scheme. In Proc. ACM-SIAM Symp. on Discrete Algorithms (SODA), 2012. To appear. Preliminary version in http://eprint.iacr.org/2011/327.
[15]
Microsoft Corp. Windows Azure. http://www.microsoft.com/windowsazure.
[16]
R. Pagh and F. Rodler. Cuckoo hashing. Journal of Algorithms, 52:122--144, 2004.
[17]
B. Pinkas and T. Reinman. Oblivious RAM revisited. In T. Rabin, editor, Advances in Cryptology (CRYPTO), volume 6223 of LNCS, pages 502--519. Springer, 2010.
[18]
N. Pippenger and M. J. Fischer. Relations among complexity measures. J. ACM, 26(2):361--381, 1979.
[19]
E. Shi, T.-H. H. Chan, E. Stefanov, and M. Li. Oblivious RAM with O((logN)3) worst-case cost. In Proc. ASIACRYPT, pages 197--214, 2011.
[20]
E. Stefanov, E. Shi, and D. Song. Towards Practical Oblivious RAM. In Proc. Network and Distributed System Security Symposium (NDSS), 2012. To appear. Preliminary version in http://arxiv.org/abs/1106.3652.
[21]
J. S. Vitter. External sorting and permuting. In M.-Y. Kao, editor, Encyclopedia of Algorithms. Springer, 2008.
[22]
P. Williams and R. Sion. Usable PIR. In Proc. Network and Distributed System Security Symposium (NDSS), 2008.
[23]
P. Williams, R. Sion, and B. Carbunar. Building castles out of mud: practical access pattern privacy and correctness on untrusted storage. In ACM Conference on Computer and Communications Security (CCS), pages 139--148, 2008.

Cited By

View all
  • (2022)Proving Obliviousness of Probabilistic Algorithms with Formal VerificationCompanion Proceedings of the 2022 ACM SIGPLAN International Conference on Systems, Programming, Languages, and Applications: Software for Humanity10.1145/3563768.3565547(25-28)Online publication date: 29-Nov-2022
  • (2022)A rORAM scheme with logarithmic bandwidth and logarithmic localityInternational Journal of Intelligent Systems10.1002/int.2292937:10(8068-8091)Online publication date: 23-May-2022
  • (2021)An Integrated Privacy Preserving Attribute-Based Access Control Framework Supporting Secure DeduplicationIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2019.294607318:2(706-721)Online publication date: 1-Mar-2021
  • Show More Cited By

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences
CODASPY '12: Proceedings of the second ACM conference on Data and Application Security and Privacy
February 2012
338 pages
ISBN:9781450310918
DOI:10.1145/2133601
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 07 February 2012

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. cloud computing
  2. private information retrieval

Qualifiers

  • Research-article

Conference

CODASPY'12
Sponsor:

Acceptance Rates

CODASPY '12 Paper Acceptance Rate 21 of 113 submissions, 19%;
Overall Acceptance Rate 149 of 789 submissions, 19%

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)16
  • Downloads (Last 6 weeks)2
Reflects downloads up to 20 Jan 2025

Other Metrics

Citations

Cited By

View all
  • (2022)Proving Obliviousness of Probabilistic Algorithms with Formal VerificationCompanion Proceedings of the 2022 ACM SIGPLAN International Conference on Systems, Programming, Languages, and Applications: Software for Humanity10.1145/3563768.3565547(25-28)Online publication date: 29-Nov-2022
  • (2022)A rORAM scheme with logarithmic bandwidth and logarithmic localityInternational Journal of Intelligent Systems10.1002/int.2292937:10(8068-8091)Online publication date: 23-May-2022
  • (2021)An Integrated Privacy Preserving Attribute-Based Access Control Framework Supporting Secure DeduplicationIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2019.294607318:2(706-721)Online publication date: 1-Mar-2021
  • (2020)A Lower Bound for One-Round Oblivious RAMTheory of Cryptography10.1007/978-3-030-64375-1_16(457-485)Online publication date: 9-Dec-2020
  • (2019)Flat ORAM: A Simplified Write-Only Oblivious RAM Construction for Secure ProcessorsCryptography10.3390/cryptography30100103:1(10)Online publication date: 25-Mar-2019
  • (2019)Practical Access Pattern Privacy by Combining PIR and Oblivious ShuffleProceedings of the 28th ACM International Conference on Information and Knowledge Management10.1145/3357384.3357975(1331-1340)Online publication date: 3-Nov-2019
  • (2019)Repeatable Oblivious Shuffling of Large Outsourced Data BlocksProceedings of the ACM Symposium on Cloud Computing10.1145/3357223.3362732(287-298)Online publication date: 20-Nov-2019
  • (2019)What Storage Access Privacy is Achievable with Small Overhead?Proceedings of the 38th ACM SIGMOD-SIGACT-SIGAI Symposium on Principles of Database Systems10.1145/3294052.3319695(182-199)Online publication date: 25-Jun-2019
  • (2019)pRide: Privacy-Preserving Ride Matching Over Road Networks for Online Ride-Hailing ServiceIEEE Transactions on Information Forensics and Security10.1109/TIFS.2018.288528214:7(1791-1802)Online publication date: Jul-2019
  • (2019)Fast Phrase Search for Encrypted Cloud StorageIEEE Transactions on Cloud Computing10.1109/TCC.2017.27093167:4(1002-1012)Online publication date: 1-Oct-2019
  • Show More Cited By

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Media

Figures

Other

Tables

Share

Share

Share this Publication link

Share on social media