Abstract
We study the security of Oblivious Random Access Machines (ORAM) in the quantum world. First we introduce a new formal treatment of ORAMs, which is at the same time elegant and simpler than the known formalization by Goldreich and Ostrovsky. Then we define a new security model for ORAMs, based on a strong, adaptive, game-based security definition, which we show to be at least as strong as other existing notions in the literature. We extend such security notion to the post-quantum setting in the natural way, i.e., by considering classical ORAMs resistant against quantum adversaries. We show a standard quantum attack against an insecure instantiation of PathORAM, one of the most efficient general ORAM constructions to date, introduced by Stefanov et al. On the other hand, we show that PathORAM is post-quantum secure if instantiated using post-quantum underlying primitives. Furthermore, we initiate the study of quantum ORAMs (QORAMs), that is, ORAM constructions meant to be executed between quantum parties acting on arbitrary quantum data. We address many problems arising when formalizing QORAM security through a novel technique of independent interest (which we call safe extractor), modeling a quantum adversary able to extract information from a quantum system in a computationally undetectable way. Finally, we provide a secure QORAM construction (based on PathORAM and a quantum encryption scheme introduced by Alagic et al.) which has the interesting property of making read and write operations inherently equivalent.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
One might wonder why the definition of ORAM should depend on an encryption scheme, and why not on other cryptographic primitives, such as PRNGs or hash functions. The reason is that not all ORAM constructions use such primitives (cf. [19, 29, 36]), while the encryption of the database is a minimal requirement for security, and present in all known ORAM constructions to date. Such semantic artifice is therefore not restrictive in practice.
- 2.
Due to its size, the position map has to be stored recursively to smaller PathORAMs as in [33]. For ease of exposition (and without loss of generality), we will assume here that the position map is stored locally.
- 3.
Our PathQORAM construction is secure by using a merely post-quantum secure PRNG. However notice that, in a quantum scenario such as the one we consider, quantum mechanics allows to generate truly random numbers.
References
Alagic, G., Broadbent, A., Fefferman, B., Gagliardoni, T., Schaffner, C., St. Jules, M.: Computational security of quantum encryption. In: Nascimento, A.C.A., Barreto, P. (eds.) ICITS 2016. LNCS, vol. 10015, pp. 47–71. Springer, Cham (2016). doi:10.1007/978-3-319-49175-2_3
Ambainis, A., Rosmanis, A., Unruh, D.: Quantum attacks on classical proof systems: the hardness of quantum rewinding. In: FOCS (2014)
Anand, M.V., Targhi, E.E., Tabia, G.N., Unruh, D.: Post-quantum security of the CBC, CFB, OFB, CTR, and XTS modes of operation. In: Takagi, T. (ed.) PQCrypto 2016. LNCS, vol. 9606, pp. 44–63. Springer, Cham (2016). doi:10.1007/978-3-319-29360-8_4
Baldi, M., Bianchi, M., Chiaraluce, F., Rosenthal, J., Schipani, D.: Enhanced public key security for the mceliece cryptosystem. J. Cryptol. 29(1), 1–27 (2016)
Bellare, M., Desai, A., Jokipii, E., Rogaway, P.: A concrete security treatment of symmetric encryption. In: 38th Annual Symposium on Foundations of Computer Science, FOCS 1997, Miami Beach, Florida, USA, 19–22 October 1997, pp. 394–403 (1997)
Berlekamp, E.R., McEliece, R.J., van Tilborg, H.C.A.: On the inherent intractability of certain coding problems (Corresp.). IEEE Trans. Inf. Theory 24(3), 384–386 (1978)
Bernstein, D.J., Buchmann, J., Dahmen, E.: Post-Quantum Cryptography. Springer, Heidelberg (2009)
Boneh, D., Dagdelen, Ö., Fischlin, M., Lehmann, A., Schaffner, C., Zhandry, M.: Random oracles in a quantum world. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 41–69. Springer, Heidelberg (2011). doi:10.1007/978-3-642-25385-0_3
Boneh, D., Zhandry, M.: Quantum-secure message authentication codes. In: Johansson, T., Nguyen, P.Q. (eds.) EUROCRYPT 2013. LNCS, vol. 7881, pp. 592–608. Springer, Heidelberg (2013). doi:10.1007/978-3-642-38348-9_35
Boneh, D., Zhandry, M.: Secure signatures and chosen ciphertext security in a quantum computing world. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8043, pp. 361–379. Springer, Heidelberg (2013). doi:10.1007/978-3-642-40084-1_21
Brakerski, Z., Langlois, A., Peikert, C., Regev, O., Stehlé, D.: Classical hardness of learning with errors. In: STOC (2013)
Broadbent, A., Schaner, C.: Quantum cryptography beyond quantum key distribution. Des. Codes Crypt. 78(1), 351–382 (2016)
Daemen, J., Rijmen, V.: The Design of Rijndael: AES - The Advanced Encryption Standard. Information Security and Cryptography. Springer, Heidelberg (2002)
Dupuis, F., Nielsen, J.B., Salvail, L.: Secure two-party quantum evaluation of unitaries against specious adversaries. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 685–706. Springer, Heidelberg (2010). doi:10.1007/978-3-642-14623-7_37
Gagliardoni, T., Karvelas, N.P., Katzenbeisser, S.: ORAMs in a quantum world. IACR Cryptology ePrint Archive (2017)
Garg, S., Mohassel, P., Papamanthou, C.: TWORAM: efficient oblivious RAM in two rounds with applications to searchable encryption. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9816, pp. 563–592. Springer, Heidelberg (2016). doi:10.1007/978-3-662-53015-3_20
Gentry, C., Halevi, S., Jutla, C., Raykova, M.: Private database access with HE-over-ORAM architecture. IACR ePrint, 2014/345 (2014)
Goldreich, O.: The Foundations of Cryptography - Volume 2, Basic Applications. Cambridge University Press, Cambridge (2004)
Goldreich, O., Ostrovsky, R.: Software protection and simulation on oblivious RAMs. J. ACM 43(3), 431–473 (1996)
Goodrich, M.T., Mitzenmacher, M., Ohrimenko, O., Tamassia, R.: Privacy-preserving group data access via stateless oblivious RAM simulation. In: SODA (2012)
Hoffstein, J., Pipher, J., Silverman, J.H.: NTRU: a ring-based public key cryptosystem. In: Buhler, J.P. (ed.) ANTS 1998. LNCS, vol. 1423, pp. 267–288. Springer, Heidelberg (1998). doi:10.1007/BFb0054868
Katz, J., Lindell, Y.: Introduction to Modern Cryptography. Chapman and Hall/CRC Press, Boca Raton (2007)
Kushilevitz, E., Lu, S., Ostrovsky, R.: On the (in)security of hash-based oblivious RAM and a new balancing scheme. In: SODA (2012)
Lyubashevsky, V., Micciancio, D.: On bounded distance decoding, unique shortest vectors, and the minimum distance problem. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 577–594. Springer, Heidelberg (2009). doi:10.1007/978-3-642-03356-8_34
Maas, M., Love, E., Stefanov, E., Tiwari, M., Shi, E., Asanovic, K., Kubiatowicz, J., Song, D.: PHANTOM: practical oblivious computation in a secure processor. In: CCS (2013)
Maffei, M., Malavolta, G., Reinert, M., Schröder, D.: Privacy and access control for outsourced personal records. In: IEEE S&P (2015)
Micciancio, D., Peikert, C.: Hardness of SIS and LWE with small parameters. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8042, pp. 21–39. Springer, Heidelberg (2013). doi:10.1007/978-3-642-40041-4_2
Nielsen, M.A., Chuang, I.L.: Quantum Computation and Quantum Information. Cambridge University Press, Cambridge (2000)
Pinkas, B., Reinman, T.: Oblivious RAM revisited. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 502–519. Springer, Heidelberg (2010). doi:10.1007/978-3-642-14623-7_27
Shi, E., Chan, T.-H.H., Stefanov, E., Li, M.: Oblivious RAM with O((logN)3) worst-case cost. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 197–214. Springer, Heidelberg (2011). doi:10.1007/978-3-642-25385-0_11
Shor, P.W.: Algorithms for quantum computation: discrete logarithms and factoring. In: FOCS (1994)
Stefanov, E., Shi, E.: Path O-RAM: an extremely simple oblivious RAM protocol. CoRR, abs/1202.5150 (2012)
Stefanov, E., Shi, E., Song, D.X.: Towards practical oblivious RAM. In: NDSS (2012)
Stefanov, E., van Dijk, M., Shi, E., Fletcher, C.W., Ren, L., Xiangyao, Y., Devadas, S.: Path ORAM: an extremely simple oblivious RAM protocol. In: CCS (2013)
Wang, X.S., Huang, Y., Chan, T.H., Shelat, A., Shi, E.: SCORAM: oblivious RAM for secure computation. IACR ePrint, 2014/671 (2014)
Williams, P., Sion, R., Carbunar, B.: Building castles out of mud: practical access pattern privacy and correctness on untrusted storage. In: CCS (2008)
Williams, P., Sion, R., Tomescu, A.: Privatefs: a parallel oblivious file system. In: CCS 2012 (2012)
Yao, A.C.-C.: Theory and applications of trapdoor functions (extended abstract). In: FOCS (1982)
Zhandry, M.: How to construct quantum random functions. In: FOCS (2012)
Acknowledgments
We are grateful to the anonymous reviewers for insightful comments, and to Marc Fischlin and Christian Schaffner for many fruitful discussions. This work has been funded by CYSEC, CRISP, and the DFG as part of projects S4 and S5 within the CRC 1119 CROSSING. Tommaso Gagliardoni is supported by the EU ERC PERCY, grant agreement no. 32131.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Gagliardoni, T., Karvelas, N.P., Katzenbeisser, S. (2017). ORAMs in a Quantum World. In: Lange, T., Takagi, T. (eds) Post-Quantum Cryptography . PQCrypto 2017. Lecture Notes in Computer Science(), vol 10346. Springer, Cham. https://doi.org/10.1007/978-3-319-59879-6_23
Download citation
DOI: https://doi.org/10.1007/978-3-319-59879-6_23
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-59878-9
Online ISBN: 978-3-319-59879-6
eBook Packages: Computer ScienceComputer Science (R0)