Oblivious Hashing Revisited, and Applications to Asymptotically Efficient ORAM and OPRAM

Oblivious RAM (ORAM) is a powerful cryptographic building block that allows a program to provably hide its access patterns to sensitive data. Since the original proposal of ORAM by Goldreich and Ostrovsky, numerous improvements have been made. To date, the best asymptotic overhead achievable for general block sizes is \(O(\log ^2 N/\log \log N)\), due to an elegant scheme by Kushilevitz et al., which in turn relies on the oblivious Cuckoo hashing scheme by Goodrich and Mitzenmacher.
