research-article

PrORAM: dynamic prefetcher for oblivious RAM

Authors:
Xiangyao Yu

Massachusetts Institute of Technology

Massachusetts Institute of Technology
View Profile

,
Syed Kamran Haider

University of Connecticut

University of Connecticut
View Profile

,
Ling Ren

Massachusetts Institute of Technology

Massachusetts Institute of Technology
View Profile

,
Christopher Fletcher

Massachusetts Institute of Technology

Massachusetts Institute of Technology
View Profile

,
Albert Kwon

Massachusetts Institute of Technology

Massachusetts Institute of Technology
View Profile

,
Marten van Dijk

University of Connecticut

University of Connecticut
View Profile

,
Srinivas Devadas

Massachusetts Institute of Technology

Massachusetts Institute of Technology
View Profile

ISCA '15: Proceedings of the 42nd Annual International Symposium on Computer ArchitectureJune 2015Pages 616–628https://doi.org/10.1145/2749469.2750413

Published:13 June 2015Publication History

ISCA '15: Proceedings of the 42nd Annual International Symposium on Computer Architecture

Pages 616–628

ABSTRACT

Oblivious RAM (ORAM) is an established technique to hide the access pattern to an untrusted storage system. With ORAM, a curious adversary cannot tell what address the user is accessing when observing the bits moving between the user and the storage system. All existing ORAM schemes achieve obliviousness by adding redundancy to the storage system, i.e., each access is turned into multiple random accesses. Such redundancy incurs a large performance overhead.

Although traditional data prefetching techniques successfully hide memory latency in DRAM based systems, it turns out that they do not work well for ORAM because ORAM does not have enough memory bandwidth available for issuing prefetch requests. In this paper, we exploit ORAM locality by taking advantage of the ORAM internal structures. While it might seem apparent that obliviousness and locality are two contradictory concepts, we challenge this intuition by exploiting data locality in ORAM without sacrificing security. In particular, we propose a dynamic ORAM prefetching technique called PrORAM (Dynamic Prefetcher for ORAM) and comprehensively explore its design space. PrORAM detects data locality in programs at runtime, and exploits the locality without leaking any information on the access pattern.

Our simulation results show that with PrORAM, the performance of ORAM can be significantly improved. PrORAM achieves an average performance gain of 20% over the baseline ORAM for memory intensive benchmarks among Splash2 and 5.5% for SPEC06 workloads. The performance gain for YCSB and TPCC in DBMS benchmarks is 23.6% and 5% respectively. On average, PrORAM offers twice the performance gain than that offered by a static super block scheme.

References

W. Arbaugh, D. Farber, and J. Smith, "A Secure and Reliable Bootstrap Architecture," in Proceedings of the 1997 IEEE Symposium on Security and Privacy, May 1997, pp. 65--71. {Online}. Available: citeseer.nj.nec.com/arbaugh97secure.html Google ScholarDigital Library
D. Boneh, D. Mazieres, and R. A. Popa, "Remote oblivious storage: Making oblivious RAM practical," Manuscript, http://dspace.mit.edu/bitstream/handle/1721.1/62006/MIT-CSAIL-TR-2011-018.pdf, 2011.Google Scholar
T.-F. Chen and J.-L. Baer, "Effective hardware-based data prefetching for high-performance processors," Computers, IEEE Transactions on, vol. 44, no. 5, pp. 609--623, 1995. Google ScholarDigital Library
T.-F. Chen and J.-L. Baer, "Effective hardware-based data prefetching for high-performance processors," Computers, IEEE Transactions on, vol. 44, no. 5, pp. 609--623, 1995. Google ScholarDigital Library
B. F. Cooper, A. Silberstein, E. Tam, R. Ramakrishnan, and R. Sears, "Benchmarking cloud serving systems with YCSB," in SoCC'10, pp. 143--154. Google ScholarDigital Library
F. Dahlgren, M. Dubois, and P. Stenstrom, "Fixed and adaptive sequential prefetching in shared memory multiprocessors," in Parallel Processing, 1993. ICPP 1993. International Conference on, vol. 1. IEEE, 1993, pp. 56--63. Google ScholarDigital Library
I. Damgård, S. Meldgaard, and J. B. Nielsen, "Perfectly secure oblivious RAM without random oracles," in TCC, 2011.Google Scholar
C. Fletcher, L. Ren, A. Kwon, M. van Dijk, and S. Devadas, "Freecursive oram: {nearly} free recursion and integrity verification for position-based oblivious ram," in Proceedings of the 20^th Int'l Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS), 2015. Google ScholarDigital Library
C. Fletcher, L. Ren, X. Yu, M. Van Dijk, O. Khan, and S. Devadas, "Suppressing the oblivious ram timing channel while making information leakage and program efficiency trade-offs," in Proceedings of the Int'l Symposium On High Performance Computer Architecture, 2014.Google Scholar
C. Fletcher, M. van Dijk, and S. Devadas, "Secure Processor Architecture for Encrypted Computation on Untrusted Programs," in Proceedings of the 7th ACM CCS Workshop on Scalable Trusted Computing; an extended version is located at http://csg.csail.mit.edu/pubs/memos/Memo508/memo508.pdf (Master's thesis), Oct. 2012, pp. 3--8. Google ScholarDigital Library
O. Goldreich and R. Ostrovsky, "Software protection and simulation on oblivious rams," in J. ACM, 1996. Google ScholarDigital Library
M. T. Goodrich, M. Mitzenmacher, O. Ohrimenko, and R. Tamassia, "Oblivious ram simulation with efficient worst-case access overhead," in Proceedings of the 3rd ACM workshop on Cloud computing security workshop, ser. CCSW '11. New York, NY, USA: ACM, 2011, pp. 95--100. {Online}. Available: http://doi.acm.org/10.1145/2046660.2046680 Google ScholarDigital Library
M. T. Goodrich, M. Mitzenmacher, O. Ohrimenko, and R. Tamassia, "Practical oblivious storage," in Proceedings of the second ACM conference on Data and Application Security and Privacy, ser. CODASPY '12. New York, NY, USA: ACM, 2012, pp. 13--24. {Online}. Available: http://doi.acm.org/10.1145/2133601.2133604 Google ScholarDigital Library
M. T. Goodrich, M. Mitzenmacher, O. Ohrimenko, and R. Tamassia, "Privacy-preserving group data access via stateless oblivious RAM simulation," in SODA, 2012. Google ScholarDigital Library
D. Grawrock, The Intel Safer Computing Initiative: Building Blocks for Trusted Computing. Intel Press, 2006.Google Scholar
J. L. Henning, "Spec cpu2006 benchmark descriptions," ACM SIGARCH Computer Architecture News, vol. 34, no. 4, pp. 1--17, 2006. Google ScholarDigital Library
D. Lie, J. Mitchell, C. Thekkath, and M. Horwitz, "Specifying and verifying hardware for tamper-resistant software," in Proceedings of the IEEE Symposium on Security and Privacy, 2003. Google ScholarDigital Library
D. Lie, C. Thekkath, and M. Horowitz, "Implementing an untrusted operating system on trusted hardware," in Proceedings of the Nineteenth ACM Symposium on Operating Systems Principles, 2003, pp. 178--192. Google ScholarDigital Library
D. Lie, C. Thekkath, M. Mitchell, P. Lincoln, D. Boneh, J. Mitchell, and M. Horowitz, "Architectural Support for Copy and Tamper Resistant Software," in Proceedings of the 9^th Int'l Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS-IX), November 2000, pp. 168--177. Google ScholarDigital Library
J. R. Lorch, J. W. Mickens, B. Parno, M. Raykova, and J. Schiffman, "Toward practical private access to data centers via parallel oram." IACR Cryptology ePrint Archive, vol. 2012, p. 133, 2012, informal publication. {Online}. Available: http://dblp.uni-trier.de/db/journals/iacr/iacr2012.html#LorchMPRS12Google Scholar
J. E. Miller, H. Kasture, G. Kurian, C. G. III, N. Beckmann, C. Celio, J. Eastep, and A. Agarwal, "Graphite: A Distributed Parallel Simulator for Multicores," in HPCA, 2010.Google Scholar
R. Ostrovsky, "Efficient computation on oblivious rams," in STOC, 1990. Google ScholarDigital Library
R. Ostrovsky and V. Shoup, "Private information storage (extended abstract)," in STOC, 1997, pp. 294--303. Google ScholarDigital Library
S. Palacharla and R. E. Kessler, "Evaluating stream buffers as a secondary cache replacement," in ACM SIGARCH Computer Architecture News. IEEE Computer Society Press, 1994. Google ScholarDigital Library
L. Ren, X. Yu, C. Fletcher, M. van Dijk, and S. Devadas, "Design space exploration and optimization of path oblivious ram in secure processors," in Proceedings of the Int'l Symposium on Computer Architecture, June 2013, available at Cryptology ePrint Archive, Report 2013/76. Google ScholarDigital Library
L. F. G. Sarmenta, M. van Dijk, C. W. O'Donnell, J. Rhodes, and S. Devadas, "Virtual Monotonic Counters and Count-Limited Objects using a TPM without a Trusted OS," in Proceedings of the 1st STC'06, Nov. 2006. Google ScholarDigital Library
E. Shi, T.-H. H. Chan, E. Stefanov, and M. Li, "Oblivious ram with o((logn)³) worst-case cost," in Asiacrypt, 2011, pp. 197--214. Google ScholarDigital Library
A. J. Smith, "Cache memories," ACM Computing Surveys (CSUR), vol. 14, no. 3, pp. 473--530, 1982. Google ScholarDigital Library
E. Stefanov, E. Shi, and D. Song, "Towards practical oblivious RAM," in NDSS, 2012.Google Scholar
E. Stefanov, M. van Dijk, E. Shi, C. Fletcher, L. Ren, X. Yu, and S. Devadas, "Path oram: An extremely simple oblivious ram protocol," in Proceedings of the ACM Computer and Communication Security Conference, 2013. Google ScholarDigital Library
G. E. Suh, D. Clarke, B. Gassend, M. van Dijk, and S. Devadas, " AEGIS: Architecture for Tamper-Evident and Tamper-Resistant Processing," in Proceedings of the 17^th ICS (MIT-CSAIL-CSG-Memo-474 is an updated version). New-York: ACM, June 2003. {Online}. Available: http://csg.csail.mit.edu/pubs/memos/Memo-474/Memo-474.pdf(revisedone) Google ScholarDigital Library
G. E. Suh, C. W. O'Donnell, I. Sachdev, and S. Devadas, "Design and Implementation of the AEGIS Single-Chip Secure Processor Using Physical Random Functions," in Proceedings of the 32^nd ISCA'05. New-York: ACM, June 2005. {Online}. Available: http://csg.csail.mit.edu/pubs/memos/Memo-483/Memo-483.pdf Google ScholarDigital Library
The Transaction Processing Council, "TPC-C Benchmark (Revision 5.9.0)," http://www.tpc.org/tpcc/spec/tpcc_current.pdf, June 2007.Google Scholar
Trusted Computing Group, "TCG Specification Architecture Overview Revision 1.2," http://www.trustedcomputinggroup.com/home, 2004.Google Scholar
S. P. Vanderwiel and D. J. Lilja, "Data prefetch mechanisms," ACM Computing Surveys (CSUR), vol. 32, no. 2, pp. 174--199, 2000. Google ScholarDigital Library
P. Williams and R. Sion, "Single round access privacy on outsourced storage," in Proceedings of the 2012 ACM conference on Computer and communications security, ser. CCS '12. New York, NY, USA: ACM, 2012, pp. 293--304. {Online}. Available: http://doi.acm.org/10.1145/2382196.2382229 Google ScholarDigital Library
S. C. Woo, M. Ohara, E. Torrie, J. P. Singh, and A. Gupta, "The SPLASH-2 programs: characterization and methodological considerations," in Proceedings of the 22nd Annual International Symposium on Computer Architecture, 1995, pp. 24--36. Google ScholarDigital Library
X. Yu, G. Bezerra, A. Pavlo, S. Devadas, and M. Stonebraker, "Staring into the abyss: An evaluation of concurrency control with one thousand cores," Proceedings of the VLDB Endowment, vol. 8, no. 3, pp. 209--220, 2014. Google ScholarDigital Library
X. Zhuang, T. Zhang, and S. Pande, "HIDE: an infrastructure for efficiently protecting information leakage on the address bus," in Proceedings of the 11th ASPLOS, 2004. Google ScholarDigital Library

Index Terms

PrORAM: dynamic prefetcher for oblivious RAM
1. Hardware
  1. Hardware validation
  2. Integrated circuits
    1. Semiconductor memory

Recommendations

PrORAM: dynamic prefetcher for oblivious RAM
ISCA'15

Oblivious RAM (ORAM) is an established technique to hide the access pattern to an untrusted storage system. With ORAM, a curious adversary cannot tell what address the user is accessing when observing the bits moving between the user and the storage ...
Read More
PrORAM: Fast $O (log n)$ Authenticated Shares ZK ORAM
Advances in Cryptology – ASIACRYPT 2021
Abstract
We construct a concretely efficient Zero Knowledge (ZK) Oblivious RAM (ORAM) for ZK Proof (ZKP) systems based on authenticated sharings of arithmetic values. It consumes $2 log n$ oblivious transfers (OTs) of length- $2 σ$ secrets per access of an ... $\frac{}{}^{}$
$^{}$
Read More
TLB Improvements for Chip Multiprocessors: Inter-Core Cooperative Prefetchers and Shared Last-Level TLBs

Translation Lookaside Buffers (TLBs) are critical to overall system performance. Much past research has addressed uniprocessor TLBs, lowering access times and miss rates. However, as Chip MultiProcessors (CMPs) become ubiquitous, TLB design and ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
ISCA '15: Proceedings of the 42nd Annual International Symposium on Computer Architecture
June 2015
768 pages
ISBN:9781450334020
DOI:10.1145/2749469
General Chair:
Debbie Marr
Intel
,
Program Chair:
David Albonesi
Cornell
ACM SIGARCH Computer Architecture News Volume 43, Issue 3S
ISCA'15
June 2015
745 pages
ISSN:0163-5964
DOI:10.1145/2872887
Editor:
Doug DeGroot
acm dot org
Issue’s Table of Contents
Copyright © 2015 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 13 June 2015
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Qualifiers
- research-article
Conference

Acceptance Rates
Overall Acceptance Rate543of3,203submissions,17%
Upcoming Conference
ISCA '24

Sponsor:

sigarch

ISCA '24: The 51st Annual International Symposium on Computer Architecture

June 29 - July 3, 2024

Buenos Aires , Argentina
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 32
  Total Citations
  View Citations
- 327
  Total Downloads
- Downloads (Last 12 months)38
- Downloads (Last 6 weeks)4
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

PrORAM: dynamic prefetcher for oblivious RAM

ISCA '15: Proceedings of the 42nd Annual International Symposium on Computer Architecture

ABSTRACT

References

Cited By

Index Terms

Recommendations

PrORAM: dynamic prefetcher for oblivious RAM

PrORAM: Fast $O (log n)$ Authenticated Shares ZK ORAM

TLB Improvements for Chip Multiprocessors: Inter-Core Cooperative Prefetchers and Shared Last-Level TLBs