Abstract
Oblivious Random Access Machine (ORAM) [4] was introduced to secure the access patterns seen by a server when data are retrieved. Matrix-based ORAM (M-ORAM) [5] is one ORAM construction. It was introduced in a matrix data structure format and can achieve O(1) for both bandwidth overhead and computation complexity. Despite the impressive performance results, however, the given security proof is not well defined. We therefore revisit the paper to give a new, proper proof method to construct an access sequence which is statistically indistinguishable from random accesses. In addition, according to our new security proof, M-ORAM has a security weakness in a specific circumstance. Hence, an improved M-ORAM construction which can solve the problem is also introduced.
Keywords
- Oblivious Random Access Machine (ORAM)
- Formal Data Structure
- Random Relocation
- History List
- Fixed Buffer Size
References
1. How can we generate k unique random integers in the range [1...n] with equal probablity?. https://www.quora.com/How-can-we-generate-k-unique-random-integers-in-the-range-1-n-with-equal-probablity. Accessed 30 May 2018
2. Boneh, D., Mazieres, D., Popa, R.A.: Remote oblivious storage: Making oblivious RAM practical. Technical report, MIT-CSAIL-TR-2011-018, Massachusetts Institute of Technology, March 2011. http://hdl.handle.net/1721.1/62006
3. Dautrich, J., Stefanov, E., Shi, E.: Burst ORAM: minimizing ORAM response times for bursty access patterns. In: Proceedings of the 23rd USENIX Security Symposium, San Diego, CA, pp. 749–764, August 2014
4. Goldreich, O., Ostrovsky, R.: Software protection and simulation on oblivious RAMs. J. ACM 43(3), 431–473 (1996)
5. Gordon, S., Miyaji, A., Su, C., Sumongkayothin, K.: A matrix based ORAM: design, implementation and experimental analysis. IEICE Trans. Inf. Syst. E99-D(8), 2044–2055 (2016)
6. Islam, M.S., Kuzu, M., Kantarcioglu, M.: Access pattern disclosure on searchable encryption: ramification, attack and mitigation. In: Proceedings of the 19th Annual Network and Distributed System Security Symposium, San Diego, CA, February 2012
7. Liu, C., Zhu, L., Wang, M., Tan, Y.: Search pattern leakage in searchable encryption: attacks and new construction. Inf. Sci.: Int. J. 265, 176–188 (2014)
8. Moataz, T., Mayberry, T., Blass, E.-O., Chan, A.H.: Resizable tree-based oblivious RAM. In: Böhme, R., Okamoto, T. (eds.) FC 2015. LNCS, vol. 8975, pp. 147–167. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-47854-7_9
9. Pinkas, B., Reinman, T.: Oblivious RAM revisited. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 502–519. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-14623-7_27
10. Ren, L., Fletcher, C.W., Yu, X., Kwon, A., van Dijk, M., Devadas, S.: Unified oblivious-RAM: improving recursive ORAM with locality and pseudorandomness. Proceedings of IACR Cryptology ePrint Archive 2014/205 (2014)
11. Shi, E., Chan, T.H., Stefanov, E., Li, M.: Oblivious RAM with \(O(\log^{3} N)\) worst-case cost. In: Proceedings of the 17th International Conference on the Theory and Application of Cryptology and Information Security, Seoul, South Korea, pp. 197–214, December 2011
12. Stefanov, E., et al.: Path ORAM: an extremely simple oblivious RAM protocol. In: Proceedings of the ACM SIGSAC Conference on Computer and Communications Security, Berlin, Germany, pp. 299–310, November 2013
13. Stefanov, E., Shi, E., Song, D.X.: Towards practical oblivious RAM. In: Proceedings of the 19th Annual Network and Distributed System Security Symposium, The Internet Society, San Diego, CA, USA, February 2012
14. Zhang, J., Ma, Q., Zhang, W., Qiao, D.: KT-ORAM: a bandwidth-efficient ORAM built on K-ary tree of PIR nodes. Proceedings of IACR Cryptology ePrint Archive 2014/624 (2014)
Acknowledgement
This research project was partially supported by Faculty of Information and Communication Technology, Mahidol University.
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Sumongkayothin, K. (2018). M-ORAM Revisited: Security and Construction Updates. In: Su, C., Kikuchi, H. (eds) Information Security Practice and Experience. ISPEC 2018. Lecture Notes in Computer Science(), vol 11125. Springer, Cham. https://doi.org/10.1007/978-3-319-99807-7_33
DOI: https://doi.org/10.1007/978-3-319-99807-7_33
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-99806-0
Online ISBN: 978-3-319-99807-7
eBook Packages: Computer Science, Computer Science (R0)