Oblivious RAM from theory to practice
Master Thesis
Συγγραφέας
Τσακτσήρας, Δημήτριος
Tsaktsiras, Dimitrios
Ημερομηνία
2017-03Επιβλέπων
Λαμπρινουδάκης, ΚωνσταντίνοςΠροβολή/ Άνοιγμα
Λέξεις κλειδιά
ORAM (Oblivious RAM) ; Computer security ; OptimizationΠερίληψη
Outsourcing storage/computation has been gaining popularity because its elasticity. However, this new type of storage model also brings security concerns. Privacy of data storage has long been a central problem in computer security. The most common technique to protect our data is to encrypt it. However, encryption does not prevent information disclosure about where we read or write in our data. This additional information, the access pattern, can be used to reverse-engineer proprietary programs as they run, reveal a user's physical location or health information, and more, even if data is correctly encrypted.
A cryptographic primitive, which provably hides a client’ access pattern as seen by untrusted storage, called Oblivious RAM (ORAM). ORAM was introduced by Goldreich and Ostrovsky [1], where in the key motivation was stated as software protection from an adversary who can observe the memory access pattern (but not the contents of the memory). ORAM incurs a large performance overhead and can require a large amount of client, who is considered trusted, storage. In particular, ORAM schemes require the client to continuously shuffle the data stored in the untrusted storage, using the trusted storage. Early work on ORAM proves that this operation must incur a client-storage bandwidth blowup that is logarithmic in the dataset size, which can translate to > 100× in practice. This thesis studies several ORAM schemes that could make feasible the use of ORAM in practice by reducing performance overhead and in some cases client storage.
We address this challenge by presenting ORAM schemes that make both theoretical and practical contributions. Those schemes are categorized based on their characteristics. The 4 main categories are Path ORAM, Constant worst-case bandwidth blowup, ObliviStore, and Applied ORAM. In the Path ORAM family we present the schemes Path ORAM [2], Path Oblivious RAM in Secure Processors [7], Circuit ORAM [8], Bucket ORAM [44] and Ring ORAM [11] and a comparison between them. The Constant worst-case bandwidth blowup ORAM family includes Onion ORAM [14] and C – ORAM [22] and we present the respective comparison. In Chapter 5 we present and compare ObliviStore ORAM [5], Burst ORAM [13] and CURIOUS ORAM [35], which are included in the ObliviStore ORAM Family. Finally, we present two Applied ORAM schemes ObliviSync [50] and Tiny ORAM [33]. ObliviSync is an oblivious cloud storage system that specifically targets one of the most widely-used personal cloud storage paradigms. Tiny ORAM is a hardware ORAM with small client storage, integrity verification, or encryption units.