## CryptoDB

### Paper: Simple and Efficient Two-Server ORAM

Authors: S. Dov Gordon Jonathan Katz Xiao Wang DOI: 10.1007/978-3-030-03332-3_6 Search ePrint Search Google Slides ASIACRYPT 2018 We show a protocol for two-server oblivious RAM (ORAM) that is simpler and more efficient than the best prior work. Our construction combines any tree-based ORAM with an extension of a two-server private information retrieval scheme by Boyle et al., and is able to avoid recursion and thus use only one round of interaction. In addition, our scheme has a very cheap initialization phase, making it well suited for RAM-based secure computation. Although our scheme requires the servers to perform a linear scan over the entire data, the cryptographic computation involved consists only of block-cipher evaluations.A practical instantiation of our protocol has excellent concrete parameters: for storing an N-element array of arbitrary size data blocks with statistical security parameter $\lambda$, the servers each store 4N encrypted blocks, the client stores $\lambda +2\log N$ blocks, and the total communication per logical access is roughly $10 \log N$ encrypted blocks.
##### BibTeX
@inproceedings{asiacrypt-2018-29187,
title={Simple and Efficient Two-Server ORAM},
booktitle={Advances in Cryptology – ASIACRYPT 2018},
series={Lecture Notes in Computer Science},
publisher={Springer},
volume={11274},
pages={141-157},
doi={10.1007/978-3-030-03332-3_6},
author={S. Dov Gordon and Jonathan Katz and Xiao Wang},
year=2018
}