Jian Liu,Kefei Wang,Feng Chen

DOI: https://doi.org/10.1109/ICDCS.2019.00064

2019-01-01

Abstract:The fast-pace advancement of flash technology has enabled us to build a very large-capacity cache system at a low cost. However, the reliability of flash devices still remains a non-negligible concern, especially for flash-based cache. This is for two reasons. First, corruption of dirty data in cache would cause a permanent loss of user data. Second, warming up a huge-capacity cache would take an excessively long period of time. In this paper, we present a highly reliable, efficient, object-based flash cache, called Reo. Reo is designed to leverage the highly expressible object interface to exploit the rich semantic knowledge of the flash cache manager. Reo has two key mechanisms, differentiated data redundancy and differentiated data recovery, to make a flash cache highly reliable, and in the meantime, still remains space efficient for high cache hit ratio. We have prototyped Reo based on open-osd, an open-source implementation of T10 Object Storage Device (OSD) in Linux. Our experimental results show that compared to uniform data protection, Reo achieves graceful performance degradation and prioritized recovery upon device failures. Compared to full replication, Reo is more space efficient and delivers up to 3.1 times of the cache hit ratio and up to 3.6 times of the bandwidth.

Yao Liu,Qingkai Zeng,Pinghai Yuan

DOI: https://doi.org/10.1007/978-3-319-78813-5_29

2017-01-01

Abstract:Oblivious RAM (ORAM) is a protocol to hide access pattern to an untrusted storage. ORAM prevents a curious adversary identifying what data address the user is accessing through observing the bits flows between the user and the untrusted storage system. Basically, ORAM protocols store user's data in shuffled form on the untrusted storage and substitute the original access with multiple access to random addresses to cover the real target. Such redundancy introduce significant performance overhead. Traditional Translation Lookaside Buffer (TLB) exploits temporal locality hide memory latency in DRAM systems. However, the ORAM locality is totally different and thus traditional TLB eviction strategy have a poor performance. In this paper, we propose O-TLB which exploits ORAM temporal locality and optimized TLB eviction strategy to reduce server-side memory I/O operations. Intuitively, exploiting locality for performance may expose this locality which breaks obliviousness. We challenge this intuition by exploiting locality based on server-side ORAM data structures. Unlike previous works, our approach do not sacrifice any provable security. Specifically, previous optimization works leaks access pattern through timing channel and do no fit with adaptive asynchronous obliviousness (AAOB) in a multiple users scenario. While in our method, the timing do not vary with locality of program and O-TLB optimization can be adopted directly keeping AAOB. Our simulation result show that with O-TLB scheme, the underlying ORAM server-side I/O performance is improved by 11%.

Wenlong Tian,Guo Jian,Zhiyong Xu,Ruixuan Li,Weijun Xiao

DOI: https://doi.org/10.1109/tdsc.2024.3361450

2024-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Recently, Oblivious Storage has been proposed to prevent privacy leakage from user access patterns, which obfuscates and makes it computationally indistinguishable from the random sequences by fake accesses and probabilistic encryption. The same data exhibits distinct ciphertexts. Thus, it seriously impedes cloud providers' efforts to improve storage utilization to remove user redundancy, which has been widely used in the existing cloud storage scenario. Inspired by the successful adoption of removing duplicate data in cloud storage, we attempt to integrate obliviousness, remove redundancy, and propose a practical oblivious storage, PEO-Store. Instead of fake accesses, introducing delegates breaks the mapping link between a valid access pattern and a specific client. The cloud interacts only with randomly authorized delegates. This design leverages non-interactive zero-knowledge-based redundancy detection, discrete logarithm problem-based key sharing, and secure time-based delivery proof. These components collectively protect access pattern privacy, accurately eliminate redundancy, and prove the data delivery among delegates and the cloud. Theoretical proof demonstrates that, in our design, the probability of identifying the valid access pattern with a specific client is negligible. Experimental results show that PEO-Store outperforms state-of-the-art methods, achieving an average throughput of up to 3 times faster and saving 74% of storage space.

computer science, information systems, software engineering, hardware & architecture

Jingchen Zhu,Guangyu Sun,Xian Zhang,Chao Zhang,Weiqi Zhang,Yun Liang,Tao Wang,Yiran Chen,Jia Di

DOI: https://doi.org/10.1109/TCAD.2019.2948914

IF: 2.9

2020-01-01

IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems

Abstract:Outsourcing data to a third-party cloud provider has become quite common with the increasing use of cloud computing. This brings convenience, as well as the concern for data security and privacy. It is believed that data encryption alone is often not enough to protect users’ privacy from the cloud provider. According to previous work, the sequence of storage locations accessed by the client can leak up to 90% of the sensitive information, even with data encrypted. In this context, Oblivious RAM (ORAM) is proposed. ORAM algorithms allow the client to hide its access pattern from the service provider while introducing a lot of extra operations. Among all the prototypes, Path ORAM is one of the most promising designs. However, there are still redundant memory accesses that can be removed without harming the security of traditional ORAM as we observed. We came up with three optimization techniques, including path merging, ORAM request scheduling, and merging aware caching. We also propose a prefetching technique to further decreasing the access overhead. Moreover, we also illustrate the compatibility of Fork Path and some state-of-the-art Path ORAM optimizations. Compared to traditional Path ORAM approaches, our Fork Path ORAM can reduce overall performance overhead and power consumption of memory system by 65% and 44%, while the design overhead is trivial.

Mihai Ordean,Mark Ryan,David Galindo

DOI: https://doi.org/10.48550/arXiv.1709.10412

2017-09-29

Cryptography and Security

Abstract:This paper proposes Concurrent-Access Obfuscated Store (CAOS), a construction for remote data storage that provides access-pattern obfuscation in a honest-but-curious adversarial model, while allowing for low bandwidth overhead and client storage. Compared to the state of the art, the main advantage of CAOS is that it supports concurrent access without a proxy, for multiple read-only clients and a single read-write client. Concurrent access is achieved by letting clients maintain independent maps that describe how the data is stored. These maps might diverge from client to client, but it is guaranteed that no client will ever lose track of current data. We achieve efficiency and concurrency at the expense of perfect obfuscation: in CAOS the extent to which access patterns are hidden is determined by the resources allocated to its built-in obfuscation mechanism. To assess this trade-off we provide both a security and a performance analysis of our protocol instance. We additionally provide a proof-of-concept implementation.

Dandan Yuan,Xiangfu Song,Qiuliang Xu,Minghao Zhao,Xiaochao Wei,Hao Wang,Han Jiang

DOI: https://doi.org/10.1016/j.jisa.2018.01.002

IF: 4.96

2018-01-01

Journal of Information Security and Applications

Abstract:Data sharing is one of the basic applications for cloud storage, which is inherently suitable for scalability and multitenancy feature of cloud computing. Generally, for security and privacy concerns, clients tend to conceal (e.g. encrypt) their data content. However, access patterns, usually generated by behavior of users in sharing data rather than data content itself, may cause severe sensitive information leakage . Recently, oblivious random access memory (ORAM) has drawn increasingly attention as it is an ideal cryptographic tool for access pattern hiding. However, the existing ORAM-based data sharing schemes involve various deficiencies, either in high complexity for computation or heavy reliance of complex cryptography primitives. Inspired by the former schemes, in this paper we propose a novel ORAM based data sharing scheme with high security guarantee and high efficiency. The scheme can prevent the data block from arbitrary modification through Shuffle Correctness Proof. The security of the scheme is based on the IND-CPA security of encryption scheme, the unforgeability of Identity-Based signature and the security properties of basic Path-ORAM. Analysis shows that the scheme has the optimal computation and communication complexity.

Jingsen Zhu,Mengming Li,Xingjian Zhang,Kai Bu,Miao Zhang,Tianqi Song

DOI: https://doi.org/10.1109/tc.2023.3248272

2023-01-01

Abstract:Oblivious RAM (ORAM) remains a bittersweet protection of memory access patterns because of its prohibitively high overhead. The root cause is that ORAM hides intended accesses among a sufficiently large number of dummy accesses. Most existing optimizations mitigate memory accesses using architectural enhancements (e.g., cache) yet few of them improve the efficiency of ORAM primitives per se. In this paper, we identify path-grained static scheduling as a fundamental ORAM performance bottleneck. We propose level-grained dynamic scheduling that directly optimizes ORAM primitives to boost efficiency. It enables ORAM to service more than one request per path and write paths batch wise. We can thus boost ORAM efficiency through handling queued requests as soon as possible and remove as many redundant accesses as possible. Since optimized memory accesses still target the same set of paths, dynamic scheduling preserves ORAM security. We implement dynamic scheduling through Hitchhiker ORAM. In comparison with the state-of-the-art primitive-optimized Fork Path ORAM, Hitchhiker ORAM yields 31.5% fewer memory accesses, 60.2% shorter latency, and 40.7% less energy consumption, being 2.5× faster. In comparison with the state-of-the-art architecture-optimized $\rho$ , Hitchhiker ORAM is 1.5× faster and the integrated version— $\rho$ -Hitchhiker ORAM is 2.0× faster.

Xian Zhang,Guangyu Sun,Chao Zhang,Weiqi Zhang,Yun Liang,Tao Wang,Yiran Chen,Jia Di

DOI: https://doi.org/10.1145/2830772.2830787

2015-01-01

Micro

Abstract:Oblivious RAM (ORAM) is a cryptographic primitive that can prevent information leakage in the access trace to untrusted external memory. It has become an important component in modern secure processors. However, the major obstacle of adopting an ORAM design is the significantly induced overhead in memory accesses. Recently, Path ORAM has attracted attentions from researchers because of its simplicity in algorithms and efficiency in reducing memory access overhead. However, we observe that there exist a lot of redundant memory accesses during the process of ORAM requests. Moreover, we further argue that these redundant memory accesses can be removed without harming security of ORAM. Based on this observation, we propose a novel Fork Path ORAM scheme. By leveraging three optimization techniques, namely, path merging, ORAM request scheduling, and merging-aware caching, Fork Path ORAM can efficiently remove these redundant memory accesses. Based on this scheme, a detailed ORAM controller architecture is proposed and comprehensive experiments are performed. Compared to traditional Path ORAM approaches, our Fork Path ORAM can reduce overall performance overhead and power consumption of memory system by 58% and 38%, respectively, with negligible design overhead.

Anrin Chakraborti,Radu Sion

DOI: https://doi.org/10.48550/arXiv.1707.01211

2019-08-18

Abstract:Oblivious RAM protocols (ORAMs) allow a client to access data from an untrusted storage device without revealing the access patterns. Typically, the ORAM adversary can observe both read and write accesses. Write-only ORAMs target a more practical, {\em multi-snapshot adversary} only monitoring client writes -- typical for plausible deniability and censorship-resilient systems. This allows write-only ORAMs to achieve significantly-better asymptotic performance. However, these apparent gains do not materialize in real deployments primarily due to the random data placement strategies used to break correlations between logical and physical namespaces, a required property for write access privacy. Random access performs poorly on both rotational disks and SSDs (often increasing wear significantly, and interfering with wear-leveling mechanisms). In this work, we introduce SqORAM, a new locality-preserving write-only ORAM that preserves write access privacy without requiring random data access. Data blocks close to each other in the logical domain land in close proximity on the physical media. Importantly, SqORAM maintains this data locality property over time, significantly increasing read throughput. A full Linux kernel-level implementation of SqORAM is 100x faster than non locality-preserving solutions for standard workloads and is 60-100% faster than the state-of-the-art for typical file system workloads.

Cryptography and Security

Rui Li,Zhiqiang Wu

DOI: https://doi.org/10.14722/ndss.2023.24423

Abstract:—Dynamic searchable encryption (DSE) is a user-cloud protocol for searching over outsourced encrypted data. Many current DSE schemes resort to oblivious RAMs (ORAM) to achieve forward privacy and backward privacy, which is a concept to describe security levels of the protocol. We show that, however, most prior ORAM-based DSE suffers from a new problem: it is inefficient to fetch/insert a large set of data blocks. We call this the large-stash eviction problem. To address the problem, we present OBI, a multi-path Oblivious RAM, which accesses multiple tree paths per query for handling a large set of data blocks. We classify traditional tree-based ORAMs as single-path ORAMs if they access a single path per query. OBI has two new high-throughput multi-path eviction algorithms that are several orders of magnitude more efficient than the well-known PATH-ORAM eviction algorithm when the stash is large. We prove that the proposed multi-path ORAM outperforms the traditional single-path ORAM in terms of local stash size and insertion efficiency. Security analysis shows that OBI is secure under the strong forward and backward security model. OBI can protect the well-known DSE leakage, such as the search pattern and the size pattern. We also show that OBI can be applied to oblivious file systems and oblivious conjunctive-query DSE schemes. We conduct experiments on the Enron dataset. The experimental results demonstrate that OBI is far more efficient than the state-of-the-art ORAM-based DSE schemes.

Computer Science

Zhihong Chen,Bo Zhao,Hai Lin,Lin Chen

DOI: https://doi.org/10.1109/ojcs.2020.3032020

2020-01-01

IEEE Open Journal of the Computer Society

Abstract:When scaling a distributed ORAM to a two-party secure computation, the overhead is dominated by the number of pseudo-random generator (PRG) calls in generation and evaluation of a distributed point function (DPF), which are O(logn) and O(n) respectively, where n is the number of data blocks. We propose a distributed ORAM scheme, in which the PRG calls are reduced to O(log(zn/λ)) for generation and O(2log(zn/λ)) for evaluation, where λ is the secure parameter and z is the length of outputs in DPF. Technically, we first extend the optimization of Function Secret Sharing (FSS), early termination for functions with small output groups, to the context of ORAM for secure computation. Then, we design a scheme named etoram to exploit the high efficiency achieved by early termination. In etoram, we introduce an access counter for each data block. Then, instead of {0,1}λ, the output of the point function becomes the maximum value of these counters, i.e.,{0,1}z. Data blocks are privately updated by masking random strings generated by their counters. In practice, according to different access rates, z ranges from 1 to logn in sequential mode and from 3 to logn in random mode if the total number of accesses is n.

Kolesnikov, Vladimir,Peceny, Stanislav,Trieu, Ni,Wang, Xiao

DOI: https://doi.org/10.1007/s12095-024-00745-8

2024-09-25

Cryptography and Communications

Abstract:Data-dependent accesses to memory are necessary for many real-world applications, but their cost remains prohibitive in secure computation. Prior work either focused on minimizing the need for data-dependent access in these applications, or reduced its cost by improving oblivious RAM for secure computation (SC-ORAM). Despite extensive efforts to improve SC-ORAM, the most concretely efficient solutions still require s per access to arrays of entries. In this work, we take a pragmatic approach, exploring how concretely cheap MPC RAM access could be made if we are willing to allow one of the participants to learn the access pattern. We design a highly efficient Shared-Output Client-Server ORAM ( ) that has constant overhead, uses one round trip of interaction per access, and whose access cost is independent of array size. is useful in settings with hard performance constraints, where one party in the computation is more trust-worthy and is allowed to learn the RAM access pattern. Our is assisted by a third helper party that helps initialize (and reinitialize, as needed) the protocol and is designed for the honest-majority semi-honest corruption model. We implement our construction in C++ and report its performance. For an array of length with 4B entries, we communicate 13B per access and take essentially no overhead beyond network latency.

computer science, theory & methods,mathematics, applied

Xian Zhang,Guangyu Sun,Peichen Xie,Chao Zhang,Yannan Liu,Lingxiao Wei,Qiang Xu,Chun Jason Xue

DOI: https://doi.org/10.1109/micro.2018.00082

2018-01-01

Abstract:Oblivious RAM (ORAM) is a cryptographic primitive designed to hide memory access patterns. To achieve this objective, the intended data block is loaded and evicted back together with other data blocks and dummy blocks in each ORAM access. To further protect the timing pattern, extra dummy ORAM accesses are triggered periodically. Such designs lead to huge memory access overheads. Many techniques have been proposed to mitigate this problem by reducing the total number of ORAM accesses and the number of blocks per access. However, the impact of the access order of intended data block in an ORAM access is not addressed yet. In this work, we argue that higher performance can be achieved by advancing the access to the intended data block in ORAM accesses. However, changing the access order of blocks directly compromises the ORAM security. To solve this problem, we propose a duplication method to advance the access to the intended data blocks without compromising the ORAM security. The method leverages dummy blocks to store extra copies of data blocks, to facilitate early access of intended data blocks. These dummy blocks with valid data duplications are called Shadow blocks in this work. We further introduce two data duplication techniques, called RD-Dup and HD-Dup, to reorder the data block access for different purposes. In addition, we propose ORAM space partitioning to make RD-Dup and HD-Dup cooperate with each other efficiently. Compared with state-of-the-art ORAMs, our design can achieve a 32% reduction in system execution time on average, with negligible hardware overheads.

Haojie Ye,Yuchen Xia,Yuhan Chen,Kuan-Yu Chen,Yichao Yuan,Shuwen Deng,Baris Kasikci,Trevor Mudge,Nishil Talati

2024-11-08

Abstract:Oblivious RAM (ORAM) hides the memory access patterns, enhancing data privacy by preventing attackers from discovering sensitive information based on the sequence of memory accesses. The performance of ORAM is often limited by its inherent trade-off between security and efficiency, as concealing memory access patterns imposes significant computational and memory overhead. While prior works focus on improving the ORAM performance by prefetching and eliminating ORAM requests, we find that their performance is very sensitive to workload locality behavior and incurs additional management overhead caused by the ORAM stash pressure. This paper presents Palermo: a protocol-hardware co-design to improve ORAM performance. The key observation in Palermo is that classical ORAM protocols enforce restrictive dependencies between memory operations that result in low memory bandwidth utilization. Palermo introduces a new protocol that overlaps large portions of memory operations, within a single and between multiple ORAM requests, without breaking correctness and security guarantees. Subsequently, we propose an ORAM controller architecture that executes the proposed protocol to service ORAM requests. The hardware is responsible for concurrently issuing memory requests as well as imposing the necessary dependencies to ensure a consistent view of the ORAM tree across requests. Using a rich workload mix, we demonstrate that Palermo outperforms the RingORAM baseline by 2.8x, on average, incurring a negligible area overhead of 5.78mm^2 (less than 2% in 12th generation Intel CPU after technology scaling) and 2.14W without sacrificing security. We further show that Palermo also outperforms the state-of-the-art works PageORAM, PrORAM, and IR-ORAM.

Cryptography and Security,Hardware Architecture

Daniel S. Roche,Adam J. Aviv,Seung Geol Choi

DOI: https://doi.org/10.48550/arXiv.1505.07391

2015-11-21

Abstract:We present a new oblivious RAM that supports variable-sized storage blocks (vORAM), which is the first ORAM to allow varying block sizes without trivial padding. We also present a new history-independent data structure (a HIRB tree) that can be stored within a vORAM. Together, this construction provides an efficient and practical oblivious data structure (ODS) for a key/value map, and goes further to provide an additional privacy guarantee as compared to prior ODS maps: even upon client compromise, deleted data and the history of old operations remain hidden to the attacker. We implement and measure the performance of our system using Amazon Web Services, and the single-operation time for a realistic database (up to $2^{18}$ entries) is less than 1 second. This represents a 100x speed-up compared to the current best oblivious map data structure (which provides neither secure deletion nor history independence) by Wang et al. (CCS 14).

Cryptography and Security,Data Structures and Algorithms

Leqian Zheng,Zheng Zhang,Wentao Dong,Yao Zhang,Ye Wu,Cong Wang

2024-09-11

Abstract:The combination of Oblivious RAM (ORAM) with Trusted Execution Environments (TEE) has found numerous real-world applications due to their complementary nature. TEEs alleviate the performance bottlenecks of ORAM, such as network bandwidth and roundtrip latency, and ORAM provides general-purpose protection for TEE applications against attacks exploiting memory access patterns. The defining property of this combination, which sets it apart from traditional ORAM designs, is its ability to ensure that memory accesses, both inside and outside of TEEs, are made oblivious, thus termed doubly oblivious RAM (O$_2$RAM). Efforts to develop O$_2$RAM with enhanced performance are ongoing. In this work, we propose H$_2$O$_2$RAM, a high-performance doubly oblivious RAM construction. The distinguishing feature of our approach, compared to the existing tree-based doubly oblivious designs, is its first adoption of the hierarchical framework that enjoys inherently better data locality and parallelization. While the latest hierarchical solution, FutORAMa, achieves concrete efficiency in the classic client-server model by leveraging a relaxed assumption of sublinear-sized client-side private memory, adapting it to our scenario poses challenges due to the conflict between this relaxed assumption and our doubly oblivious requirement. To this end, we introduce several new efficient oblivious components to build a high-performance hierarchical O$_2$RAM (H$_2$O$_2$RAM). We implement our design and evaluate it on various scenarios. The results indicate that H$_2$O$_2$RAM reduces execution time by up to $\sim 10^3$ times and saves memory usage by $5\sim44$ times compared to state-of-the-art solutions.

Cryptography and Security

Mriganka Shekhar Chakravarty,Biswabandan Panda

DOI: https://doi.org/10.48550/arXiv.2106.09966

2021-06-18

Abstract:Keystone is a trusted execution environment, based on RISC-V architecture. It divides the memory into a secure Keystone private memory and an unsecure non-Keystone memory, and allows code that lies inside the Keystone private memory to execute securely. Simple demand paging in Keystone ends up leaking sensitive access patterns of Keystone application to the Operating System(OS), that is assumed to be malicious. This is because, to access the unsecure non-Keystone memory, Keystone needs support of the OS. To mitigate this, Keystone needs to implement oblivious demand paging while obfuscating its page access patterns by using Oblivious RAM(ORAM) techniques. This causes substantial slowdown in the application execution. In this paper, we bridge the performance gap between application execution time with unsecure and secure demand paging in Keystone by using Deterministic, stash free, Write only ORAM (DetWoORAM) for oblivious demand paging. We also show why DetWoORAM, that is a write-only ORAM, is sufficient for oblivious demand paging. DetWoORAM logically partitions the memory into a main area and a holding area. The actual pages are stored in main area. We propose two enhancements over DetWoORAM that improves the application execution slowdown. The first enhancement, which we call the Eager DetWoORAM, involves page preloading that exploits the deterministic access pattern of DetWoORAM, and tries to hide the ORAM latency. The second enhancement, which we call the Parallel DetWoORAM, involves spawning multiple threads and each thread performs a part of the DetWoORAM memory access algorithm. Compared to DetWoORAM that shows slowdown of [1.4x, 2x, and 3.24x], Eager DetWoORAM and Parallel DetWoORAM provide slowdown of [1.2x, 1.8x, and 3.2x] and [1.1x, 1.1x, and 1.4x], for k= 3, 7, and 15, respectively.

Cryptography and Security,Performance

Yuxia Cheng,Qing Wu,Bei Wang,Wenzhi Chen

DOI: https://doi.org/10.1007/978-3-319-69471-9_4

2017-01-01

Abstract:Protecting data security and privacy is one of the top concerns in the public cloud. As the cloud infrastructure is complex, and it is difficult for cloud users to gain trust. Particularly, how to guarantee the confidentiality and integrity of in-memory user private data in untrusted cloud faces big challenges. The in-memory data is typically used for online processing that requires high performance and plaintext access in CPU, therefore simple data encryption is infeasible for in-memory data security protection. In this paper, we propose a secure in-memory data cache scheme based on the memcached key-value store system and leverage the new trusted Intel SGX processors to protect sensitive operations. Firstly, we build a secure enclave and design a trusted channel protocol using remote attestation mechanism. Secondly, we propose a cache server partitioning method that decouples the sensitive key-value operations with enclave protection. Thirdly, we implement a secure client library to maintain the original cache semantics for application compatibility. The experimental result showed that the proposed solutions achieves comparable performance with the traditional key-value store systems, while improves the level of data security in untrusted cloud.

Chao Liu,Cankun Hou,Tianyu Jiang,Jianting Ning,Hui Qiao,Yusen Wu

DOI: https://doi.org/10.1109/tifs.2024.3427311

IF: 7.231

2024-07-26

IEEE Transactions on Information Forensics and Security

Abstract:Data-driven landscape across finance, government, and healthcare, the continuous generation of information demands robust solutions for secure storage, efficient dissemination, and fine-grained access control. Blockchain technology emerges as a significant tool, offering decentralized storage while upholding the tenets of data security and accessibility. However, on-chain and off-chain strategies are still confronted with issues such as untrusted off-chain data storage, absence of data ownership, limited access control policy for clients, and a deficiency in data privacy and auditability. To solve these challenges, we propose a permissioned blockchain-based privacy-preserving fine-grained access control on-chain and off-chain system, namely FACOS. We applied three fine-grained access control solutions and comprehensively analyzed them in different aspects, which provides an intuitive perspective for system designers and clients to choose the appropriate access control method for their systems. Compared to similar work that only stores encrypted data in centralized or non-fault-tolerant IPFS systems, we enhanced off-chain data storage security and robustness by utilizing a highly efficient and secure asynchronous Byzantine fault tolerance (BFT) protocol in the off-chain environment. As each of the clients needs to be verified and authorized before accessing the data, we involved the Trusted Execution Environment (TEE)-based solution to verify the credentials of clients. Additionally, our evaluation results demonstrated that our system (https://github.com/cliu717/AsynchronousStorage) offers better scalability and practicality than other state-of-the-art designs. We deployed our system on Alibaba Cloud and Tencent Cloud and conducted multiple evaluations. The results indicate that it takes about 2.79 seconds for a client to execute the protocol for uploading and about 0.96 seconds for downloading. Compared to other decentralized systems, our system exhibits efficient latency for both download and upload operations.

computer science, theory & methods,engineering, electrical & electronic

Thore Thießen,Jan Vahrenhold

DOI: https://doi.org/10.4230/LIPIcs.ISAAC.2024.36

2024-09-18

Abstract:Oblivious RAM (ORAM) is a well-researched primitive to hide the memory access pattern of a RAM computation; it has a variety of applications in trusted computing, outsourced storage, and multiparty computation. In this paper, we study the so-called offline ORAM in which the sequence of memory access locations to be hidden is known in advance. Apart from their theoretical significance, offline ORAMs can be used to construct efficient oblivious algorithms. We obtain the first optimal offline ORAM with perfect security from oblivious priority queues via time-forward processing. For this, we present a simple construction of an oblivious priority queue with perfect security. Our construction achieves an asymptotically optimal (amortized) runtime of $\Theta(\log N)$ per operation for a capacity of $N$ elements and is of independent interest. Building on our construction, we additionally present efficient external-memory instantiations of our oblivious, perfectly-secure construction: For the cache-aware setting, we match the optimal I/O complexity of $\Theta(\frac{1}{B} \log \frac{N}{M})$ per operation (amortized), and for the cache-oblivious setting we achieve a near-optimal I/O complexity of $O(\frac{1}{B} \log \frac{N}{M} \log\log_M N)$ per operation (amortized).

Data Structures and Algorithms,Cryptography and Security