2 research outputs found
An Efficient Three-Entity Oblivious RAM Protocol
Cloud storage services are becoming more widely used in recent decades. Lots of systems can protect stored information from being leaked by data encryption but it is difficult to protect data access pattern privacy with high efficiency compared to non-oblivious systems. Also, lots of Oblivious RAM (ORAM) systems developed by researchers are just proposed but not implemented in the real world due to high overheads in communication and storage. In this report, we implement a new Oblivious RAM (ORAM) system which dramatically decreases server storage capacity, lowers communication cost and reduces query delay. We also show that this ORAM system can protect client’s data access patterns
Towards efficient and accountable oblivious cloud storage
Due to the convenience and unprecedented cost effectiveness, more and more individuals
and organizations have utilized cloud storage servers to host their data. However, because
of security and privacy concerns, not all data can be outsourced without reservation. The
concerns are rooted from the users\u27 loss of data control from their hands to the cloud servers\u27
premise and the infeasibility for them to fully trust the cloud servers. The cloud servers can
be compromised by hackers, and they themselves may not be fully trustable.
Though encryption helps to secure data, the server or the attacker who compromise the
server is still able to infer private information from the user\u27s access pattern. It is possible
for an attacker to use the access pattern information to reconstruct the data query and infer
the plaintext of the data. Hence, a large variety of schemes based on the oblivious RAM
(ORAM) model have been proposed to allow a user to access the exported data while preserving
user\u27s data access pattern. Most of these research has focused on the communication efficiency
improvement, but the storage efficiency has not received much attention. To host N data blocks,
in general, the state-of-the-art ORAM constructions need the storage server to also store cN
with c \u3e 3 or O(N logN) dummy data blocks, which represents a huge storage overhead
when N is large. In addition to the inefficiency in server storage, most of existing ORAM
constructions incur O(logN) blocks or higher client-server communication cost. Though some
recent work has reduced the cost to O(1) blocks by employing multiple non-colluding servers,
the system could become vulnerable if some server does not follow the protocol completely.
x
To address the above limitations, we develop a series of new ORAM constructions, gradually
towards a more practical and secure solution that can obliviously protect the data access pattern
for users of cloud storage with more affordable storage, client-server communication, and server
communication overheads. Specifically, this dissertation presents:
SE-ORAM, which reduces server storage overhead to zero, but at the same time, incurs
a client server communication cost of O(log2 N) blocks;
Octopus ORAM, which incurs 0:34NB server storage overhead, and reduces client-server
communication cost to three blocks for query and about 1:5 logN blocks for eviction per
query;
Three-server Octopus ORAM, an efficient and accountable multi-server ORAM, which
incurs 0:3N B server storage overhead and reduces client-server communication cost to
O(1) blocks, at the expense of server-server communication cost at O(logN) blocks per
query.
We have rigorously quantified and proved the security strengths of these constructions and
demonstrated their performance efficiency through detailed analysis