Perfectly Secure Oblivious Parallel RAM

We show that PRAMs can be obliviously simulated with perfect security, incurring only \(O(\log N \log \log N)\) blowup in parallel runtime, \(O(\log ^3 N)\) blowup in total work, and \(O(1)\) blowup in space relative to the original PRAM. Our results advance the theoretical understanding of Oblivious (Parallel) RAM in several respects. First, prior to our work, no perfectly secure Oblivious Parallel RAM (OPRAM) construction was known; and we are the first in this respect. Second, even for the sequential special case of our algorithm (i.e., perfectly secure ORAM), we not only achieve a logarithmic improvement in terms of space consumption relative to the state-of-the-art, but also significantly simplify perfectly secure ORAM constructions. Third, our perfectly secure OPRAM scheme matches the parallel runtime of earlier statistically secure schemes with negligible failure probability. Since we remove the dependence (in performance) on the security parameter, our perfectly secure OPRAM scheme in fact asymptotically outperforms known statistically secure ones if (sub-)exponentially small failure probability is desired. Our techniques for achieving small parallel runtime are novel and we employ special expander graphs to derandomize earlier statistically secure OPRAM techniques—this is the first time such techniques are used in the constructions of ORAMs/OPRAMs.
