The Circle Game: Scalable Private Membership Test Using Trusted Hardware

Malware checking is changing from a local service to a cloud-assisted one: users' devices query a cloud server, which hosts a dictionary of malware signatures, to check whether particular applications are potentially malware. While such an architecture gains all the benefits of cloud-based services, it opens up a major privacy concern, since the cloud service can infer personal traits of users from the lists of applications their devices query. Private membership test (PMT) schemes can remove this privacy concern; however, known PMT schemes do not scale well to a large number of simultaneous users and high query arrival rates. We propose a simple PMT approach using a carousel: circling the entire dictionary through trusted hardware on the cloud server. Users communicate with the trusted hardware via secure channels. We show how the carousel approach, using different data structures to represent the dictionary, can be realized on two different commercial hardware security architectures (ARM TrustZone and Intel SGX). We highlight subtle aspects of securely implementing seemingly simple PMT schemes on these architectures. Through extensive experimental analysis, we show that for the malware checking scenario our carousel approach surprisingly outperforms Path ORAM on the same hardware, supporting a much higher query arrival rate while guaranteeing acceptable response latency for individual queries.
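The following is an added illustration of the carousel idea and is not code from the paper. It simulates the part of the scheme that would run inside the trusted hardware: the untrusted host feeds the whole dictionary through it chunk by chunk, and every pending query is checked against every chunk. Two things are assumptions made here for illustration only: the dictionary is represented as an array of SHA-256 digests (the paper evaluates several representations), and a verdict is released exactly one full rotation after the query arrived, so that neither the trusted component's access pattern nor the timing of its answer reveals which entry, if any, matched.

```python
"""Toy simulation of a carousel private membership test (added example, not the paper's code).

The untrusted server streams the entire signature dictionary, chunk by chunk, through
a trusted component (an SGX enclave or TrustZone application).  The trusted component
scans every chunk against every pending query and releases each answer only after the
query has seen one complete rotation, so what the host can observe (memory accesses,
response times) is independent of the queried value.
"""
import hashlib
import hmac
from dataclasses import dataclass


def signature(app_bytes: bytes) -> bytes:
    """Dictionary entries and queries are 32-byte digests of app contents (assumed format)."""
    return hashlib.sha256(app_bytes).digest()


@dataclass
class _Query:
    digest: bytes
    remaining: int        # chunks still to be seen before the answer may be released
    found: bool = False


class Carousel:
    """State that would live inside the trusted hardware."""

    def __init__(self, dictionary, chunk_size: int):
        entries = sorted(set(dictionary))
        self.chunks = [entries[i:i + chunk_size] for i in range(0, len(entries), chunk_size)]
        self.n_chunks = len(self.chunks)
        self.pos = 0          # next chunk the untrusted host will feed in
        self.pending = {}     # query id -> _Query
        self.answers = {}     # query id -> bool, returned to the client over its secure channel

    def submit(self, qid: str, digest: bytes) -> None:
        """A query arriving over the client's secure channel, at any point of the rotation."""
        self.pending[qid] = _Query(digest, remaining=self.n_chunks)

    def rotate_once(self):
        """Process the next chunk of the carousel; return the (qid, verdict) pairs released now."""
        chunk = self.chunks[self.pos]
        self.pos = (self.pos + 1) % self.n_chunks
        released = []
        for qid, q in self.pending.items():
            hit = False
            for entry in chunk:            # touch every entry of every chunk, never break early
                hit |= hmac.compare_digest(entry, q.digest)
            q.found |= hit
            q.remaining -= 1
            if q.remaining == 0:           # exactly one full rotation after arrival
                released.append(qid)
        for qid in released:
            self.answers[qid] = self.pending.pop(qid).found
        return [(qid, self.answers[qid]) for qid in released]


# Constructed sample dictionary: digests of made-up "malicious" app blobs.
DICTIONARY = [signature(b) for b in (b"evil.apk", b"worm.apk", b"trojan.apk",
                                     b"spyware.apk", b"ransom.apk")]


def demo():
    """Two clients query at different points of the rotation; each waits exactly one rotation."""
    c = Carousel(DICTIONARY, chunk_size=2)        # 5 entries -> 3 chunks per rotation
    release_step = {}
    c.submit("alice", signature(b"evil.apk"))     # arrives before step 0, is in the dictionary
    for step in range(6):
        if step == 1:
            c.submit("bob", signature(b"benign.apk"))   # arrives mid-rotation, not in the dictionary
        for qid, _verdict in c.rotate_once():
            release_step[qid] = step
    return c.answers, release_step


if __name__ == "__main__":
    print(demo())   # ({'alice': True, 'bob': False}, {'alice': 2, 'bob': 3})
```

Python cannot give real constant-time behaviour; `hmac.compare_digest` stands in for the constant-time comparison that the enclave code would have to perform in C. The cost that matters for throughput is visible in `rotate_once`: every rotation is proportional to the dictionary size times the number of pending queries, which is the trade-off the paper measures against Path ORAM.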
