M-ORAM Revisited: Security and Construction Updates

Sumongkayothin, Karin

doi:10.1007/978-3-319-99807-7_33

Karin Sumongkayothin¹⁵

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11125))

Included in the following conference series:

International Conference on Information Security Practice and Experience

1157 Accesses

Abstract

Oblivious Random Access Machine (ORAM) [4] was introduced in regard to secure the access patterns seen by a server when the data have been retrieved. Matrix based ORAM (M-ORAM) [5] is one of ORAM constructions. It has been introduced in the matrix data structure format and can achieve O(1) for both bandwidth overhead and computation complexity. With the impressive performance results; however, the given security proof is not well defined. We therefore revisit the paper to give a new proper proof method to construct the access sequence which is statically indistinguishable from random accesses. In addition according to our new security proof, M-ORAM has a security weakness in a specific circumstance. Hence, the improved M-ORAM construction which can solve the problem is also introduced.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

How can we generate k unique random integers in the range [1...n] with equal probablity?. https://www.quora.com/How-can-we-generate-k-unique-random-integers-in-the-range-1-n-with-equal-probablity. Accessed 30 May 2018
Boneh, D., Mazieres, D., Popa, R.A.: Remote oblivious storage: Making oblivious RAM practical. Technical report, MIT-CSAIL-TR-2011-018, Massachusetts Institute of Technology, March 2011. http://hdl.handle.net/1721.1/62006
Dautrich, J., Stefanov, E., Shi, E.: Burst ORAM: minimizing ORAM response times for bursty access patterns. In: Proceedings 23rd USENIX Security Symposium, San Diego, CA, pp. 749–764, August 2014
Google Scholar
Goldreich, O., Ostrovsky, R.: Software protection and simulation on oblivious RAMs. J. ACM 43(3), 431–473 (1996)
Article MathSciNet Google Scholar
Gordon, S., Miyaji, A., Su, C., Sumongkayothin, K.: A matrix based ORAM: design, implementation and experimental analysis. IEICE Trans. Inf. Syst. E99-D(8), 2044–2055 (2016)
Article Google Scholar
Islam, M.S., Kuzu, M., Kantarcioglu, M.: Access pattern disclosure on searchable encryption: ramification, attack and mitigation. In: Proceedings of 19th Annual Network and Distributed System Security Symposium, San Diego, CA, February 2012
Google Scholar
Liu, C., Zhu, L., Wang, M., Tan, Y.: Search pattern leakage in searchable encryption: attacks and new construction. Inf. Sci.: Int. J. 265, 176–188 (2014)
Article Google Scholar
Moataz, T., Mayberry, T., Blass, E.-O., Chan, A.H.: Resizable tree-based oblivious RAM. In: Böhme, R., Okamoto, T. (eds.) FC 2015. LNCS, vol. 8975, pp. 147–167. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-47854-7_9
Chapter Google Scholar
Pinkas, B., Reinman, T.: Oblivious RAM revisited. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 502–519. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-14623-7_27
Chapter Google Scholar
Ren, L., Fletcher, C.W., Yu, X., Kwon, A., van Dijk, M., Devadas, S.: Unified oblivious-RAM: improving recursive ORAM with locality and pseudorandomness. Proceeding of IACR Cryptology ePrint Archive 2014/205 (2014)
Google Scholar
Shi, E., Chan, T.H., Stefanov, E., Li, M.: Oblivious RAM with \({O}({log^{3}N})\) worst-case cost. In: Proceedings of 17th International Conference on the Theory and Application of Cryptology and Information Security, Seol, South Korea, pp. 197–214, December 2011
Google Scholar
Stefanov, E., et al.: Path ORAM: an extremely simple oblivious RAM protocol. In: Proceedings ACM SIGSAC Conference on Computer and Communications Security, Berlin, Germany, pp. 299–310, November 2013
Google Scholar
Stefanov, E., Shi, E., Song, D.X.: Towards practical oblivious RAM. In: Proceedings of the 19th Annual Network Distributed System Security Symposium, The Internet Society, San Diego, CA, USA, February 2012
Google Scholar
Zhang, J., Ma, Q., Zhang, W., Qiao, D.: KT-ORAM: a bandwidth-efficient ORAM built on K-ary tree of PIR nodes. Proceedings of IACR Cryptology ePrint Archive 2014/624 (2014)
Google Scholar

Download references

Acknowledgement

This research project was partially supported by Faculty of Information and Communication Technology, Mahidol University.

Author information

Authors and Affiliations

Faculty of Infornation and Communication Technology, Mahidol University Nakhon Pathom, Phutthamonthon, Thailand
Karin Sumongkayothin

Authors

Karin Sumongkayothin
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Karin Sumongkayothin .

Editor information

Editors and Affiliations

University of Aizu, Aizuwakamatsu, Japan
Chunhua Su
Meiji University, Tokyo, Japan
Hiroaki Kikuchi

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Sumongkayothin, K. (2018). M-ORAM Revisited: Security and Construction Updates. In: Su, C., Kikuchi, H. (eds) Information Security Practice and Experience. ISPEC 2018. Lecture Notes in Computer Science(), vol 11125. Springer, Cham. https://doi.org/10.1007/978-3-319-99807-7_33

Download citation

DOI: https://doi.org/10.1007/978-3-319-99807-7_33
Published: 06 September 2018
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-99806-0
Online ISBN: 978-3-319-99807-7
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics