Perfectly Secure Oblivious RAM without Random Oracles
We present an algorithm for implementing a secure oblivious RAM where the access pattern is perfectly hidden in the information-theoretic sense, without assuming that the CPU has access to a random oracle. In addition, we prove a lower bound on the amount of randomness needed for information-theoretically secure oblivious RAM.
Path ORAM: An Extremely Simple Oblivious RAM Protocol
We present Path ORAM, an extremely simple Oblivious RAM protocol with a small
amount of client storage. Partly due to its simplicity, Path ORAM is the most
practical ORAM scheme known to date with small client storage. We formally
prove that Path ORAM has a O(log N) bandwidth cost for blocks of size B =
Omega(log^2 N) bits. For such block sizes, Path ORAM is asymptotically better
than the best known ORAM schemes with small client storage. Due to its
practicality, Path ORAM has been adopted in the design of secure processors
since its proposal.
Path ORAM: An Extremely Simple Oblivious RAM Protocol
We present Path ORAM, an extremely simple Oblivious RAM protocol with a small amount of client storage. Partly due to its simplicity, Path ORAM is the most practical ORAM scheme for small client storage known to date. We formally prove that Path ORAM requires log^2 N / log X bandwidth overhead for block size B = X log N. For block sizes bigger than Omega(log^2 N), Path ORAM is asymptotically better than the best known ORAM scheme with small client storage. Due to its practicality, Path ORAM has been adopted in the design of secure processors since its proposal.
National Science Foundation (U.S.). Graduate Research Fellowship Program (Grant DGE-0946797); National Science Foundation (U.S.). Graduate Research Fellowship Program (Grant DGE-1122374); American Society for Engineering Education. National Defense Science and Engineering Graduate Fellowship; National Science Foundation (U.S.) (Grant CNS-1314857); United States. Defense Advanced Research Projects Agency (Clean-slate design of Resilient, Adaptive, Secure Hosts Grant N66001-10-2-4089)
Statistically-secure ORAM with Overhead
We demonstrate a simple, statistically secure, ORAM with computational
overhead ; previous ORAM protocols achieve only
computational security (under computational assumptions) or require
overhead. An additional benefit of our ORAM is its
conceptual simplicity, which makes it easy to implement in both software and
(commercially available) hardware.
Our construction is based on recent ORAM constructions due to Shi, Chan,
Stefanov, and Li (Asiacrypt 2011) and Stefanov and Shi (ArXiv 2012), but with
some crucial modifications in the algorithm that simplify the ORAM and enable
our analysis. A central component in our analysis is reducing the analysis of
our algorithm to a "supermarket" problem; of independent interest (and of
importance to our analysis,) we provide an upper bound on the rate of "upset"
customers in the "supermarket" problem.
Data-Oblivious Graph Algorithms in Outsourced External Memory
Motivated by privacy preservation for outsourced data, data-oblivious
external memory is a computational framework where a client performs
computations on data stored at a semi-trusted server in a way that does not
reveal her data to the server. This approach facilitates collaboration and
reliability over traditional frameworks, and it provides privacy protection,
even though the server has full access to the data and he can monitor how it is
accessed by the client. The challenge is that even if data is encrypted, the
server can learn information based on the client data access pattern; hence,
access patterns must also be obfuscated. We investigate privacy-preserving
algorithms for outsourced external memory that are based on the use of
data-oblivious algorithms, that is, algorithms where each possible sequence of
data accesses is independent of the data values. We give new efficient
data-oblivious algorithms in the outsourced external memory model for a number
of fundamental graph problems. Our results include new data-oblivious
external-memory methods for constructing minimum spanning trees, performing
various traversals on rooted trees, answering least common ancestor queries on
trees, computing biconnected components, and forming open ear decompositions.
None of our algorithms make use of constant-time random oracles. Comment: 20 page
Zig-zag Sort: A Simple Deterministic Data-Oblivious Sorting Algorithm Running in O(n log n) Time
We describe and analyze Zig-zag Sort--a deterministic data-oblivious sorting
algorithm running in O(n log n) time that is arguably simpler than previously
known algorithms with similar properties, which are based on the AKS sorting
network. Because it is data-oblivious and deterministic, Zig-zag Sort can be
implemented as a simple O(n log n)-size sorting network, thereby providing a
solution to an open problem posed by Incerpi and Sedgewick in 1985. In
addition, Zig-zag Sort is a variant of Shellsort, and is, in fact, the first
deterministic Shellsort variant running in O(n log n) time. The existence of
such an algorithm was posed as an open problem by Plaxton et al. in 1992 and
also by Sedgewick in 1996. More relevant for today, however, is the fact that
the existence of a simple data-oblivious deterministic sorting algorithm
running in O(n log n) time simplifies the inner-loop computation in several
proposed oblivious-RAM simulation methods (which utilize AKS sorting networks),
and this, in turn, implies simplified mechanisms for privacy-preserving data
outsourcing in several cloud computing applications. We provide both
constructive and non-constructive implementations of Zig-zag Sort, based on the
existence of a circuit known as an epsilon-halver, such that the constant
factors in our constructive implementations are orders of magnitude smaller
than those for constructive variants of the AKS sorting network, which are also
based on the use of epsilon-halvers. Comment: Appearing in ACM Symp. on Theory of Computing (STOC) 201