TITLE={Path {O-RAM:} An Extremely Simple Oblivious {RAM} Protocol},
URL={http://arxiv.org/abs/1202.5150},
VOLUME={abs/1202.5150},
YEAR={2012},
}
@THESIS{Maas:EECS-2014-89,
ABSTRACT={Confidentiality of data is a major problem as sensitive computations migrate to the cloud. Employees in a data center have physical access to machines and can carry out attacks that have traditionally only affected client-side crypto-devices such as smartcards. For example, an employee can snoop confidential data as it moves in and out of the processor to learn secret keys or other program information that can be used for targeted attacks. Secure processors have been proposed as a counter-measure to these attacks --- such processors are physically shielded and enforce confidentiality by encrypting all data outside the chip, e.g. in DRAM or non-volatile storage. While first proposals were academic in nature, this model is now starting to appear commercially, such as in the Intel SGX extensions. Although secure processors encrypt all data as it leaves the CPU, the memory addresses that are being accessed in DRAM are still transmitted in plaintext on the address bus. This represents an important source of information leakage that enables serious attacks that can, in the worst case, leak bits of cryptographic keys. To counter such attacks, we introduce PHANTOM, a new secure processor that obfuscates its memory access trace. To an adversary who can observe the processor's output pins, all memory access traces are computationally indistinguishable (a property known as obliviousness). We achieve obliviousness through a cryptographic construct known as Oblivious RAM (ORAM). Existing ORAM algorithms introduce a large (100-200x) overhead in the amount of data moved from memory, which makes ORAM inefficient on real-world workloads. To tackle this problem, we develop a highly parallel ORAM memory controller to reduce ORAM memory access latency and demonstrate the design as part of the PHANTOM secure processor, implemented on a Convey HC-2ex. The HC-2ex is a system that comprises an off-the-shelf x86 CPU paired with 4 high-end FPGAs with a highly parallel memory system. Our novel ORAM controller aggressively exploits the HC-2ex's high DRAM bank parallelism to reduce ORAM access latency and scales well to a large number of memory channels. PHANTOM is efficient in both area and performance: accessing 4KB of data from a 1GB ORAM takes 26.2us (13.5us until the data is available), a 32x slowdown over accessing 4KB from regular memory, while SQLite queries on a population database see 1.2-6x slowdown.},
AUTHOR={Maas, Martin},
INSTITUTION={EECS Department, University of California, Berkeley},
MONTH={05},
NUMBER={UCB/EECS-2014-89},
PAGES={1--87},
TITLE={PHANTOM: Practical Oblivious Computation in a Secure Processor},
TITLE={Inference Attacks on Property-Preserving Encrypted Databases},
URL={http://doi.acm.org/10.1145/2810103.2813651},
YEAR={2015},
}
@INPROCEEDINGS{Dautrich:2013:CPP:2452376.2452397,
ACMID={2452397},
ADDRESS={New York, NY, USA},
AUTHOR={Dautrich,Jr., Jonathan L. and Ravishankar, Chinya V.},
BOOKTITLE={Proceedings of the 16th International Conference on Extending Database Technology},
DOI={10.1145/2452376.2452397},
ISBN={978-1-4503-1597-5},
LOCATION={Genoa, Italy},
NUMPAGES={12},
PAGES={155--166},
PUBLISHER={ACM},
SERIES={EDBT '13},
TITLE={Compromising Privacy in Precise Query Protocols},
URL={http://doi.acm.org/10.1145/2452376.2452397},
YEAR={2013},
}
@INBOOK{Shi:2011,
ABSTRACT={Oblivious RAM is a useful primitive that allows a client to hide its data access patterns from an untrusted server in storage outsourcing applications. Until recently, most prior works on Oblivious RAM aim to optimize its amortized cost, while suffering from linear or even higher worst-case cost. Such poor worst-case behavior renders these schemes impractical in realistic settings, since a data access request can occasionally be blocked waiting for an unreasonably large number of operations to complete.},
AUTHOR={Shi, Elaine and Chan, T. -H. Hubert and Stefanov, Emil and Li, Mingfei},
BOOKTITLE={Advances in Cryptology -- ASIACRYPT 2011: 17th International Conference on the Theory and Application of Cryptology and Information Security, Seoul, South Korea, December 4-8, 2011. Proceedings},
DOI={10.1007/978-3-642-25385-0_11},
ISBN={978-3-642-25385-0},
LOCATION={Berlin, Heidelberg},
PAGES={197--214},
PUBLISHER={Springer Berlin Heidelberg},
TITLE={Oblivious RAM with ${O}( \log^3 {N} )$ Worst-Case Cost},
ABSTRACT={Oblivious RAM (ORAM) allows a client to access her data on a remote server while hiding the access pattern (which locations she is accessing) from the server. Beyond its immediate utility in allowing private computation over a client's outsourced data, ORAM also allows mutually distrustful parties to run secure-computations over their joint data with sublinear on-line complexity. In this work we revisit the tree-based ORAM of Shi et al. and show how to optimize its performance as a stand-alone scheme, as well as its performance within higher level constructions.},
AUTHOR={Gentry, Craig and Goldman, Kenny A. and Halevi, Shai and Julta, Charanjit and Raykova, Mariana and Wichs, Daniel},
BOOKTITLE={Privacy Enhancing Technologies: 13th International Symposium, PETS 2013, Bloomington, IN, USA, July 10-12, 2013. Proceedings},
DOI={10.1007/978-3-642-39077-7_1},
ISBN={978-3-642-39077-7},
LOCATION={Berlin, Heidelberg},
PAGES={1--18},
PUBLISHER={Springer Berlin Heidelberg},
TITLE={Optimizing ORAM and Using It Efficiently for Secure Computation},
