Memory Access Pattern Protection for Resource-Constrained Devices

  • Yuto Nakano
  • Carlos Cid
  • Shinsaku Kiyomoto
  • Yutaka Miyake
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7771)


We propose a practice-oriented scheme for protecting RAM access pattern. We first consider an instance which relies on the use of a secure (trusted) hardware buffer; it achieves both security and performance levels acceptable in practice by adapting ideas from oblivious RAM mechanisms, yet without the expensive (re-)shuffling of buffers. Another instance requires no special hardware, but as a result leads to a higher, yet practical overhead. One of the main features of the proposal is to maintain the history of memory access to help hiding the access pattern. We claim that under reasonable assumptions, the first scheme with trusted memory is secure with overhead of only 6 ×, as is the second scheme with overhead of (2m + 2ℓ h  + 2) × where m and ℓ h are respectively the size of the buffer and history. We note that although the proposal is particularly focused on the software execution protection environment, its security may well be appropriate for most uses in the remote storage environment, to prevent access pattern leakage of cloud storage with much lower performance overhead than existing solutions.


Access Pattern Protection Oblivious RAM Shuffle Buffer 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Ajtai, M.: Oblivious RAMs without cryptographic assumptions. In: Schulman, L.J. (ed.) STOC, pp. 181–190. ACM (2010)Google Scholar
  2. 2.
    Boneh, D., Mazieres, D., Popa, R.A.: Remote Oblivious Storage: Making Oblivious RAM Practical. Technical Report MIT-CSAIL-TR-2011-018, Massachusetts Institute of Technology (2011)Google Scholar
  3. 3.
    Chor, B., Goldreich, O., Kushilevitz, E., Sudan, M.: Private Information Retrieval. In: FOCS, pp. 41–50. IEEE Computer Society (1995)Google Scholar
  4. 4.
    Damgård, I., Meldgaard, S., Nielsen, J.B.: Perfectly Secure Oblivious RAM without Random Oracles. In: Ishai, Y. (ed.) TCC 2011. LNCS, vol. 6597, pp. 144–163. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  5. 5.
    Goldreich, O.: Towards a Theory of Software Protection and Simulation by Oblivious RAMs. In: Aho, A.V. (ed.) STOC, pp. 182–194. ACM (1987)Google Scholar
  6. 6.
    Goldreich, O., Ostrovsky, R.: Software Protection and Simulation on Oblivious RAMs. J. ACM 43(3), 431–473 (1996)MathSciNetzbMATHCrossRefGoogle Scholar
  7. 7.
    Goodrich, M.T.: Data-Oblivious External-Memory Algorithms for the Compaction, Selection, and Sorting of Outsourced Data. In: Rajaraman, R., Meyer auf der Heide, F. (eds.) SPAA, pp. 379–388. ACM (2011)Google Scholar
  8. 8.
    Goodrich, M.T., Mitzenmacher, M.: Privacy-Preserving Access of Outsourced Data via Oblivious RAM Simulation. In: Aceto, L., Henzinger, M., Sgall, J. (eds.) ICALP 2011, Part II. LNCS, vol. 6756, pp. 576–587. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  9. 9.
    Goodrich, M.T., Mitzenmacher, M., Ohrimenko, O., Tamassia, R.: Oblivious RAM simulation with Efficient Worst-Case Access Overhead. In: Cachin, C., Ristenpart, T. (eds.) CCSW, pp. 95–100. ACM (2011)Google Scholar
  10. 10.
    Goodrich, M.T., Mitzenmacher, M., Ohrimenko, O., Tamassia, R.: Practical Oblivious Storage. In: Bertino, E., Sandhu, R.S. (eds.) CODASPY, pp. 13–24. ACM (2012)Google Scholar
  11. 11.
    Goodrich, M.T., Mitzenmacher, M., Ohrimenko, O., Tamassia, R.: Privacy-Preserving Group Data Access via Stateless Oblivious RAM Simulation. In: Rabani, Y. (ed.) SODA, pp. 157–167. SIAM (2012)Google Scholar
  12. 12.
    Kushilevitz, E., Lu, S., Ostrovsky, R.: On the (In)security of Hash-based Oblivious RAM and a New Balancing Scheme. In: Randall, D. (ed.) SODA, pp. 143–156. SIAM (2012)Google Scholar
  13. 13.
    Lorch, J.R., Mickens, J.W., Parno, B., Raykova, M., Schiffman, J.: Toward Practical Private Access to Data Centers via Parallel ORAM. IACR Cryptology ePrint Archive, 2012:133 (2012)Google Scholar
  14. 14.
    Lu, S., Ostrovsky, R.: Distributed Oblivious RAM for Secure Two-Party Computation. IACR Cryptology ePrint Archive, 2011:384 (2011)Google Scholar
  15. 15.
    Osvik, D.A., Shamir, A., Tromer, E.: Cache Attacks and Countermeasures: The Case of AES. In: Pointcheval, D. (ed.) CT-RSA 2006. LNCS, vol. 3860, pp. 1–20. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  16. 16.
    Pinkas, B., Reinman, T.: Oblivious RAM Revisited. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 502–519. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  17. 17.
    Shi, E., Chan, T.-H.H., Stefanov, E., Li, M.: Oblivious RAM with O((logN)3) Worst-Case Cost. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 197–214. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  18. 18.
    Stefanov, E., Shi, E., Song, D.: Towards Practical Oblivious RAM. CoRR, abs/1106.3652 (2011)Google Scholar
  19. 19.
    Williams, P., Sion, R.: Usable PIR. In: NDSS. The Internet Society (2008)Google Scholar
  20. 20.
    Williams, P., Sion, R.: SR-ORAM: Single Round-trip Oblivious RAM. In: ACNS, Industrial Track, pp. 19–33 (2012)Google Scholar
  21. 21.
    Zhuang, X., Zhang, T., Lee, H.-H.S., Pande, S.: Hardware Assisted Control Flow Obfuscation for Embedded Processors. In: Irwin, M.J., Zhao, W., Lavagno, L., Mahlke, S.A. (eds.) CASES, pp. 292–302. ACM (2004)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Yuto Nakano
    • 1
  • Carlos Cid
    • 2
  • Shinsaku Kiyomoto
    • 1
  • Yutaka Miyake
    • 1
  1. 1.KDDI R&D Laboratories Inc.FujiminoJapan
  2. 2.Information Security GroupRoyal Holloway, University of LondonEghamUK

Personalised recommendations