DF-ORAM: A Practical Dummy Free Oblivious RAM to Protect Outsourced Data Access Pattern

  • Qiumao Ma
  • Wensheng ZhangEmail author
  • Jinsheng Zhang
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9955)


Oblivious RAM (ORAM) is a security-provable model that can be used to protect a client’s access pattern to remote storage. Existing ORAM constructions were designed mainly for communication efficiency, but the server-side storage efficiency was generally neglected. This paper proposes DF-ORAM, which has the following features when N blocks each of B bits are outsourced: (i) server-side storage overhead is 3N bits (i.e., no dummy blocks); (ii) no server-side computational cost; (iii) server-client communication cost is \(O(\log N\cdot B)\) bit per query; and (iv) client-side storage cost is \(O(\lambda \cdot B)\) bits where \(\lambda \) is a security parameter. Asymptotical and implementation-based evaluation demonstrate DF-ORAM to be the most communication-efficient and storage-efficient one among the existing ORAMs that do not require server-side computation.


Leaf Node Query Process Communication Cost Data Block Access Delay 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.



This work was partly supported by NSF under grant CNS-1422402.


  1. 1.
    Gentry, C., Goldman, K.A., Halevi, S., Julta, C., Raykova, M., Wichs, D.: Optimizing ORAM and using it efficiently for secure computation. In: De Cristofaro, E., Wright, M. (eds.) PETS 2013. LNCS, vol. 7981, pp. 1–18. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-39077-7_1 CrossRefGoogle Scholar
  2. 2.
    Goldreich, O., Ostrovsky, R.: Software protection and simulation on oblivious RAMs. J. ACM 43(3), 431–473 (1996)CrossRefzbMATHMathSciNetGoogle Scholar
  3. 3.
    Goodrich, M.T., Mitzenmacher, M.: Mapreduce parallel cuckoo hashing and oblivious RAM simulations. In: Proceedings of the CoRR (2010)Google Scholar
  4. 4.
    Goodrich, M.T., Mitzenmacher, M.: Privacy-preserving access of outsourced data via oblivious RAM simulation. In: Aceto, L., Henzinger, M., Sgall, J. (eds.) ICALP 2011. LNCS, pp. 576–587. Springer, Heidelberg (2011). doi: 10.1007/978-3-642-22012-8_46 CrossRefGoogle Scholar
  5. 5.
    Goodrich, M.T., Mitzenmacher, M., Ohrimenko, O., Tamassia, R.: Oblivious RAM simulation with efficient worst-case access overhead. In: Proceedings of the CCSW (2011)Google Scholar
  6. 6.
    Goodrich, M.T., Mitzenmacher, M., Ohrimenko, O., Tamassia, R.: Privacy-preserving group data access via stateless oblivious RAM simulation. In: Proceedings of the SODA (2012)Google Scholar
  7. 7.
    Islam, M., Kuzu, M., Kantarcioglu, M.: Access pattern disclosure on searchable encryption: ramification, attack and mitigation. In: Proceedings of the NDSS (2012)Google Scholar
  8. 8.
    Kushilevitz, E., Lu, S., Ostrovsky, R.: On the (in)security of hash-based oblivious RAM and a new balancing scheme. In: Proceedings of the SODA (2012)Google Scholar
  9. 9.
    Ma, Q., Zhang, J., Zhang, W., Qiao, D.: SE-ORAM: a storage-efficient oblivious RAM for privacy-preserving access to cloud storage. In: Proceedings of the 3rd IEEE International Conference on Cyber Security and Cloud Computing, Bejing, China (2016)Google Scholar
  10. 10.
    Moataz, T., Mayberry, T., Blass, E.O.: Constant communication ORAM with small blocksize. In: Proceedings of the CCS (2015)Google Scholar
  11. 11.
    Pinkas, B., Reinman, T.: Oblivious RAM revisited. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 502–519. Springer, Heidelberg (2010). doi: 10.1007/978-3-642-14623-7_27 CrossRefGoogle Scholar
  12. 12.
    Shi, E., Chan, T.-H.H., Stefanov, E., Li, M.: Oblivious RAM with \(O((\log N)^3)\) worst-case cost. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, pp. 197–214. Springer, Heidelberg (2011). doi: 10.1007/978-3-642-25385-0_11 CrossRefGoogle Scholar
  13. 13.
    Stefanov, E., Dijk, M.V., Shi, E., Fletcher, C., Ren, L., Yu, X., Devadas, S.: Path ORAM: an extremely simple oblivious RAM protocol. In: Proceedings of the CCS (2013)Google Scholar
  14. 14.
    Stefanov, E., Shi, E.: Multi-cloud oblivious storage. In: Proceedings of the CCS (2013)Google Scholar
  15. 15.
    Stefanov, E., Shi, E.: ObliviStore: high performance oblivious cloud storage. In: Proceedings of the S&P (2013)Google Scholar
  16. 16.
    Stefanov, E., Shi, E., Song, D.: Towards practical oblivious RAM. In: Proceedings of the NDSS (2011)Google Scholar
  17. 17.
    Wang, X.S., Huang, Y., Chan, T.H.H., Shelat, A., Shi, E.: SCORAM: oblivious RAM for secure computation. In: Proceedings of the CCS (2014)Google Scholar
  18. 18.
    Williams, P., Sion, R.: Single round access privacy on outsourced storage. In: Proceedings of the CCS (2012)Google Scholar
  19. 19.
    Williams, P., Sion, R., Carbunar, B.: Building castles out of mud: practical access pattern privacy and correctness on untrusted storage. In: Proceedings of the CCS (2008)Google Scholar
  20. 20.
    Williams, P., Sion, R., Tomescu, A.: PrivateFS: a parallel oblivious file system. In: Proceedings of the CCS (2012)Google Scholar

Copyright information

© Springer International Publishing AG 2016

Authors and Affiliations

  1. 1.Department of Computer ScienceIowa State UniversityAmesUSA

Personalised recommendations