Efficient Privacy-Preserving Big Data Processing through Proxy-Assisted ORAM

We present a novel mechanism that allows a client to securely outsource his private data to the cloud while at the same time to delegate to a third party the right to run certain algorithms on his data. The mechanism is privacy-preserving, meaning that the third party only learns the result of his algorithm on the client’s data, while at the same time the access pattern on the client’s data is hidden from the cloud. To achieve this we combine recent advances in the field of Oblivious RAM and Secure Two-Party Computation: We develop an Oblivious RAM which is ran between the cloud and a proxy server, and which does not need the data to be decrypted at any point. The evaluation on the data is done by employing Yao’s garbled circuit solution for Secure Two-Party Computation.

[1]  Emmanuel Bresson,et al.  A Simple Public-Key Cryptosystem with a Double Trapdoor Decryption Mechanism and Its Applications , 2003, ASIACRYPT.

[2]  Michael T. Goodrich,et al.  Privacy-preserving group data access via stateless oblivious RAM simulation , 2011, SODA.

[3]  Andrew Chi-Chih Yao,et al.  How to generate and exchange secrets , 1986, 27th Annual Symposium on Foundations of Computer Science (sfcs 1986).

[4]  2013 ACM SIGSAC Conference on Computer and Communications Security, CCS'13, Berlin, Germany, November 4-8, 2013 , 2013, Conference on Computer and Communications Security.

[5]  Rafail Ostrovsky,et al.  Software protection and simulation on oblivious RAMs , 1996, JACM.

[6]  Lior Malka,et al.  VMCrypt: modular software architecture for scalable secure computation , 2011, CCS '11.

[7]  Michiel H. M. Smid,et al.  On the false-positive rate of Bloom filters , 2008, Inf. Process. Lett..

[8]  David Chaum,et al.  Cryptographically Strong Undeniable Signatures, Unconditionally Secure for the Signer , 1991, CRYPTO.

[9]  Peter Williams,et al.  PrivateFS: a parallel oblivious file system , 2012, CCS.

[10]  Dan Bogdanov,et al.  Sharemind: A Framework for Fast Privacy-Preserving Computations , 2008, ESORICS.

[11]  Ting Yu,et al.  the ACM Conference on Computer and Communications Security, CCS'12, Raleigh, NC, USA, October 16-18, 2012 , 2012, CCS.

[12]  Elaine Shi,et al.  PHANTOM: practical oblivious computation in a secure processor , 2013, CCS.

[13]  Benny Pinkas,et al.  FairplayMP: a system for secure multi-party computation , 2008, CCS.

[14]  Helmut Veith,et al.  Secure two-party computations in ANSI C , 2012, CCS.

[15]  Jonathan Katz,et al.  Faster Secure Two-Party Computation Using Garbled Circuits , 2011, USENIX Security Symposium.

[16]  Elaine Shi,et al.  Path ORAM: an extremely simple oblivious RAM protocol , 2012, CCS.

[17]  Peter Williams,et al.  Building castles out of mud: practical access pattern privacy and correctness on untrusted storage , 2008, CCS.

[18]  Yuval Rabani,et al.  Proceedings of the Twenty-Third Annual ACM-SIAM Symposium on Discrete Algorithms, SODA 2012, Kyoto, Japan, January 17-19, 2012 , 2012, ACM-SIAM Symposium on Discrete Algorithms.

[19]  Yehuda Lindell,et al.  A Proof of Security of Yao’s Protocol for Two-Party Computation , 2009, Journal of Cryptology.

[20]  Benny Pinkas,et al.  Oblivious RAM Revisited , 2010, CRYPTO.

[21]  Rafail Ostrovsky,et al.  On the (in)security of hash-based oblivious RAM and a new balancing scheme , 2012, SODA.