Advertisement

Oblivious Hashing Revisited, and Applications to Asymptotically Efficient ORAM and OPRAM

  • T.-H. Hubert ChanEmail author
  • Yue Guo
  • Wei-Kai Lin
  • Elaine Shi
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10624)

Abstract

Oblivious RAM (ORAM) is a powerful cryptographic building block that allows a program to provably hide its access patterns to sensitive data. Since the original proposal of ORAM by Goldreich and Ostrovsky, numerous improvements have been made. To date, the best asymptotic overhead achievable for general block sizes is \(O(\log ^2 N/\log \log N)\), due to an elegant scheme by Kushilevitz et al., which in turn relies on the oblivious Cuckoo hashing scheme by Goodrich and Mitzenmacher.

In this paper, we make the following contributions: we first revisit the prior \(O(\log ^2 N/\log \log N)\)-overhead ORAM result. We demonstrate the somewhat incompleteness of this prior result, due to the subtle incompleteness of a core building block, namely, Goodrich and Mitzenmacher’s oblivious Cuckoo hashing scheme.

Even though we do show how to patch the prior result such that we can fully realize Goodrich and Mitzenmacher’s elegant blueprint for oblivious Cuckoo hashing, it is clear that the extreme complexity of oblivious Cuckoo hashing has made understanding, implementation, and proofs difficult. We show that there is a conceptually simple \(O(\log ^2 N/\log \log N)\)-overhead ORAM that dispenses with oblivious Cuckoo hashing entirely.

We show that such a conceptually simple scheme lends to further extensions. Specifically, we obtain the first \(O(\log ^2 N/\log \log N)\) Oblivious Parallel RAM (OPRAM) scheme, thus not only matching the performance of the best known sequential ORAM, but also achieving super-logarithmic improvements in comparison with known OPRAM schemes.

Keywords

Oblivious RAM Oblivious PRAM 

Notes

Acknowledgments

This work is supported in part by NSF grants CNS-1314857, CNS-1514261, CNS-1544613, CNS-1561209, CNS-1601879, CNS-1617676, an Office of Naval Research Young Investigator Program Award, a Packard Fellowship, a DARPA Safeware grant (subcontractor under IBM), a Sloan Fellowship, Google Faculty Research Awards, a Baidu Research Award, and a VMWare Research Award.

References

  1. 1.
    Adler, M., Chakrabarti, S., Mitzenmacher, M., Rasmussen, L.E.: Parallel randomized load balancing. Random Struct. Algorithms 13(2), 159–188 (1998)MathSciNetCrossRefzbMATHGoogle Scholar
  2. 2.
    Ajtai, M., Komlós, J., Szemerédi, E.: An O(N Log N) sorting network. In: STOC (1983)Google Scholar
  3. 3.
    Asharov, G., Chan, H., Nayak, K., Pass, R., Ren, L., Shi, E.: Oblivious computation with data locality. IACR Cryptology ePrint Archive 2017/772 (2017)Google Scholar
  4. 4.
    Bast, H., Hagerup, T.: Fast and reliable parallel hashing. In: SPAA (1991)Google Scholar
  5. 5.
    Boyle, E., Chung, K.-M., Pass, R.: Oblivious parallel RAM and applications. In: Kushilevitz, E., Malkin, T. (eds.) TCC 2016. LNCS, vol. 9563, pp. 175–204. Springer, Heidelberg (2016).  https://doi.org/10.1007/978-3-662-49099-0_7 CrossRefGoogle Scholar
  6. 6.
    Chan, T.-H.H., Chung, K.-M., Shi, E.: On the depth of oblivious parallel RAM. In: Asiacrypt (2017)Google Scholar
  7. 7.
    Chan, T.-H.H., Guo, Y., Lin, W.-K., Shi, E.: Oblivious hashing revisited, and applications to asymptotically efficient ORAM and OPRAM. Online full version of this paper, IACR Cryptology ePrint Archive 2017/924 (2017)Google Scholar
  8. 8.
    Chan, T.-H.H., Guo, Y., Lin, W.-K., Shi, E.: Cache-oblivious and data-oblivious sorting and applications. In: SODA (2018)Google Scholar
  9. 9.
    Chan, T.-H.H., Shi, E.: Circuit OPRAM: unifying statistically and computationally secure ORAMs and OPRAMs. In: TCC (2017)Google Scholar
  10. 10.
    Chen, B., Lin, H., Tessaro, S.: In: TCC, pp. 205–234 (2016)Google Scholar
  11. 11.
    Chung, K.-M., Liu, Z., Pass, R.: Statistically-secure ORAM with \(\tilde{O}(\log ^2n)\) overhead. In: Asiacrypt (2014)Google Scholar
  12. 12.
    Dietzfelbinger, M., Karlin, A., Mehlhorn, K., Meyer auF der Heide, F., Rohnert, H., Tarjan, R.E.: Dynamic perfect hashing: upper and lower bounds. SIAM J. Comput. 23(4), 738–761 (1994)MathSciNetCrossRefzbMATHGoogle Scholar
  13. 13.
    Dubhashi, D.P., Ranjan, D.: Balls and bins: a study in negative dependence. Random Struct. Algorithms 13(2), 99–124 (1998)MathSciNetCrossRefzbMATHGoogle Scholar
  14. 14.
    Fletcher, C.W., Ren, L., Kwon, A., van Dijk, M., Devadas, S.: Freecursive ORAM: [nearly] free recursion and integrity verification for position-based oblivious RAM. In: ASPLOS (2015)Google Scholar
  15. 15.
    Fletcher, C.W., Ren, L., Kwon, A., van Dijk, M., Stefanov, E., Devadas, S.: RAW Path ORAM: a low-latency, low-area hardware ORAM controller with integrity verification. IACR Cryptology ePrint Archive 2014/431 (2014)Google Scholar
  16. 16.
    Fletcher, C.W., Ren, L., Yu, X., van Dijk, M., Khan, O., Devadas, S.: Suppressing the oblivious RAM timing channel while making information leakage and program efficiency trade-offs. In: HPCA, pp. 213–224 (2014)Google Scholar
  17. 17.
    Fredman, M.L., Komlós, J., Szemerédi, E.: Storing a sparse table with O(1) worst case access time. J. ACM 31(3), 538–544 (1984)MathSciNetCrossRefzbMATHGoogle Scholar
  18. 18.
    Gentry, C., Halevi, S., Lu, S., Ostrovsky, R., Raykova, M., Wichs, D.: Garbled RAM revisited. In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 405–422. Springer, Heidelberg (2014).  https://doi.org/10.1007/978-3-642-55220-5_23 CrossRefGoogle Scholar
  19. 19.
    Goldreich, O.: Towards a theory of software protection and simulation by oblivious RAMs. In: STOC (1987)Google Scholar
  20. 20.
    Goldreich, O., Ostrovsky, R.: Software protection and simulation on oblivious RAMs. J. ACM 43, 431–473 (1996)MathSciNetCrossRefzbMATHGoogle Scholar
  21. 21.
    Goodrich, M.T.: Data-oblivious external-memory algorithms for the compaction, selection, and sorting of outsourced data. In: SPAA (2011)Google Scholar
  22. 22.
    Goodrich, M.T., Mitzenmacher, M.: Privacy-preserving access of outsourced data via oblivious RAM simulation. In: Aceto, L., Henzinger, M., Sgall, J. (eds.) ICALP 2011. LNCS, vol. 6756, pp. 576–587. Springer, Heidelberg (2011).  https://doi.org/10.1007/978-3-642-22012-8_46 CrossRefGoogle Scholar
  23. 23.
    Gordon, S.D., Katz, J., Kolesnikov, V., Krell, F., Malkin, T., Raykova, M., Vahlis, Y.: Secure two-party computation in sublinear (amortized) time. In: CCS (2012)Google Scholar
  24. 24.
    Hagerup, T.: Fast and optimal simulations between CRCW PRAMs. In: Finkel, A., Jantzen, M. (eds.) STACS 1992. LNCS, vol. 577, pp. 45–56. Springer, Heidelberg (1992).  https://doi.org/10.1007/3-540-55210-3_172 CrossRefGoogle Scholar
  25. 25.
    Hagerup, T.: The log-star revolution. In: Finkel, A., Jantzen, M. (eds.) STACS 1992. LNCS, vol. 577, pp. 257–278. Springer, Heidelberg (1992).  https://doi.org/10.1007/3-540-55210-3_189 CrossRefGoogle Scholar
  26. 26.
    Kushilevitz, E., Lu, S., Ostrovsky, R.: On the (in)security of hash-based oblivious RAM and a new balancing scheme. In: SODA (2012)Google Scholar
  27. 27.
    Liu, C., Wang, X.S., Nayak, K., Huang, Y., Shi, E.: ObliVM: a programming framework for secure computation. In S & P (2015)Google Scholar
  28. 28.
    Lu, S., Ostrovsky, R.: How to garble ram programs. In: Eurocrypt (2013)Google Scholar
  29. 29.
    Maas, M., Love, E., Stefanov, E., Tiwari, M., Shi, E., Asanovic, K., Kubiatowicz, J., Song, D.: Phantom: practical oblivious computation in a secure processor. In: CCS (2013)Google Scholar
  30. 30.
    Matias, Y., Vishkin, U.: Converting high probability into nearly-constant time—with applications to parallel hashing. In: STOC, pp. 307–316 (1991)Google Scholar
  31. 31.
    Nayak , K., Katz, J.: An oblivious parallel ram with \(o(\log ^2n)\) parallel runtime blowup. https://eprint.iacr.org/2016/1141
  32. 32.
    Nayak, K., Wang, X.S., Ioannidis, S., Weinsberg, U., Taft, N., Shi, E.: GraphSC: parallel secure computation made easy. In: IEEE S & P (2015)Google Scholar
  33. 33.
    Ostrovsky, R., Shoup, V.: Private information storage (extended abstract). In: STOC, pp. 294–303 (1997)Google Scholar
  34. 34.
    Pinkas, B., Reinman, T.: Oblivious RAM revisited. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 502–519. Springer, Heidelberg (2010).  https://doi.org/10.1007/978-3-642-14623-7_27 CrossRefGoogle Scholar
  35. 35.
    Ren, L., Fletcher, C.W., Kwon, A., Stefanov, E., Shi, E., van Dijk, M., Devadas, S.: Constants count: practical improvements to oblivious RAM. In: USENIX Security Symposium, pp. 415–430 (2015)Google Scholar
  36. 36.
    Ren, L., Yu, X., Fletcher, C.W., van Dijk, M., Devadas, S.: Design space exploration and optimization of path oblivious RAM in secure processors. In: ISCA (2013)Google Scholar
  37. 37.
    Shi, E., Chan, T.-H.H., Stefanov, E., Li, M.: Oblivious RAM with \(O((\log N)^3)\) worst-case cost. In: Asiacrypt (2011)Google Scholar
  38. 38.
    Stefanov, E., Shi, E.: Multi-cloud oblivious storage. In: CCS (2013)Google Scholar
  39. 39.
    Stefanov, E., Shi, E.: ObliviStore: high performance oblivious cloud storage. In: IEEE Symposium on Security and Privacy (S & P) (2013)Google Scholar
  40. 40.
    Stefanov, E., van Dijk, M., Shi, E., Fletcher, C., Ren, L., Yu, X., Devadas, S.: Path ORAM - an extremely simple oblivious ram protocol. In: CCS (2013)Google Scholar
  41. 41.
    Wang, X., Chan, H., Shi, E.: Circuit ORAM: on tightness of the Goldreich-Ostrovsky lower bound. In: CCS (2015)Google Scholar
  42. 42.
    Williams, P., Sion, R., Carbunar, B.: Building castles out of mud: practical access pattern privacy and correctness on untrusted storage. In: CCS, pp. 139–148 (2008)Google Scholar
  43. 43.
    Williams, P., Sion, R., Tomescu, A.: PrivateFS: a parallel oblivious file system. In: CCS (2012)Google Scholar

Copyright information

© International Association for Cryptologic Research 2017

Authors and Affiliations

  • T.-H. Hubert Chan
    • 1
    Email author
  • Yue Guo
    • 2
  • Wei-Kai Lin
    • 2
  • Elaine Shi
    • 2
  1. 1.The University of Hong KongPokfulamHong Kong
  2. 2.Cornell UniversityIthacaUSA

Personalised recommendations