5 research outputs found
SqORAM: Read-Optimized Sequential Write-Only Oblivious RAM
Oblivious RAM protocols (ORAMs) allow a client to access data from an
untrusted storage device without revealing the access patterns. Typically, the
ORAM adversary can observe both read and write accesses. Write-only ORAMs
target a more practical, {\em multi-snapshot adversary} only monitoring client
writes -- typical for plausible deniability and censorship-resilient systems.
This allows write-only ORAMs to achieve significantly-better asymptotic
performance. However, these apparent gains do not materialize in real
deployments primarily due to the random data placement strategies used to break
correlations between logical and physical namespaces, a required property for
write access privacy. Random access performs poorly on both rotational disks
and SSDs (often increasing wear significantly, and interfering with
wear-leveling mechanisms). In this work, we introduce SqORAM, a new
locality-preserving write-only ORAM that preserves write access privacy without
requiring random data access. Data blocks close to each other in the logical
domain land in close proximity on the physical media. Importantly, SqORAM
maintains this data locality property over time, significantly increasing read
throughput. A full Linux kernel-level implementation of SqORAM is 100x faster
than non locality-preserving solutions for standard workloads and is 60-100%
faster than the state-of-the-art for typical file system workloads
Write-Only Oblivious RAM based Privacy-Preserved Access of Outsourced Data
Oblivious RAM (ORAM) has recently attracted a lot of interest since it can be used to protect the privacy of data user’s data access pattern from (honest but curious) outsourced storage. This is achieved by simulating each original data read or write operation with some read and write operations on some real and dummy data items. This paper proposes two single-server writeonly ORAM schemes and one multi-server write-only ORAM scheme, which simulate only the write operations and protect only the write pattern. The reduction of functions however allows to build much simpler and efficient (in terms of communication cost and storage usage) write-only ORAMs. Write-only ORAM can be used in conjunction with Private Information Retrieval (PIR), which is a technique to protect data user’s read patterns, in order to protect both write and read patterns. Write-only ORAM may be used alone too, when only write patterns need protection. We study two usage scenarios: (i) data publishing/sharing: where a data owner shares the data with others, who only consume the published information. Data consumers should not have write access to the outsourced data, and thus cannot use ORAM to protect their read patterns in this scenario. To hide access patterns from the outsourced storage, the data owner can use ORAM to write data
Deterministic, Stash-Free Write-Only ORAM
Write-Only Oblivious RAM (WoORAM) protocols provide privacy by encrypting the
contents of data and also hiding the pattern of write operations over that
data. WoORAMs provide better privacy than plain encryption and better
performance than more general ORAM schemes (which hide both writing and reading
access patterns), and the write-oblivious setting has been applied to important
applications of cloud storage synchronization and encrypted hidden volumes. In
this paper, we introduce an entirely new technique for Write-Only ORAM, called
DetWoORAM. Unlike previous solutions, DetWoORAM uses a deterministic,
sequential writing pattern without the need for any "stashing" of blocks in
local state when writes fail. Our protocol, while conceptually simple, provides
substantial improvement over prior solutions, both asymptotically and
experimentally. In particular, under typical settings the DetWoORAM writes only
2 blocks (sequentially) to backend memory for each block written to the device,
which is optimal. We have implemented our solution using the BUSE (block device
in user-space) module and tested DetWoORAM against both an encryption only
baseline of dm-crypt and prior, randomized WoORAM solutions, measuring only a
3x-14x slowdown compared to an encryption-only baseline and around 6x-19x
speedup compared to prior work