Paper 2020/203

MACAO: A Maliciously-Secure and Client-Efficient Active ORAM Framework

Thang Hoang, Jorge Guajardo, and Attila A. Yavuz

Abstract

Oblivious Random Access Machine (ORAM) allows a client to hide the access pattern and thus, offers a strong level of privacy for data outsourcing. An ideal ORAM scheme is expected to offer desirable properties such as low client bandwidth, low server computation overhead and the ability to compute over encrypted data. S3ORAM (CCS’17) is an efficient active ORAM scheme, which takes advantage of secret sharing to provide ideal properties for data outsourcing such as low client bandwidth, low server computation and low delay. Despite its merits, S3ORAM only offers security in the semi-honest setting. In practice, an ORAM protocol is likely to operate in the presence of malicious adversaries who might deviate from the protocol to compromise the client privacy. In this paper, we propose MACAO, a new multi-server ORAM framework, which offers integrity, access pattern obliviousness against active adversaries, and the ability to perform secure computation over the accessed data. MACAO harnesses authenticated secret sharing techniques and tree-ORAM paradigm to achieve low client communication, efficient server computation, and low storage overhead at the same time. We fully implemented MACAO and conducted extensive experiments in real cloud platforms (Amazon EC2) to validate the performance of MACAO compared with the state-of-the-art. Our results indicate that MACAO can achieve comparable performance to S3ORAM while offering security against malicious adversaries. MACAO is a suitable candidate for integration into distributed file systems with encrypted computation capabilities towards enabling an oblivious functional data outsourcing infrastructure.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Network and Distributed Systems Security (NDSS) Symposium 2020
DOI
10.14722/ndss.2020.24313
Keywords
Oblivious RAMsecret sharingmulti-party computationprivacy-enhancing technologies
Contact author(s)
hoangm @ usf edu
History
2020-12-13: last of 3 revisions
2020-02-19: received
See all versions
Short URL
https://ia.cr/2020/203
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2020/203,
      author = {Thang Hoang and Jorge Guajardo and Attila A.  Yavuz},
      title = {MACAO: A Maliciously-Secure and Client-Efficient Active ORAM Framework},
      howpublished = {Cryptology ePrint Archive, Paper 2020/203},
      year = {2020},
      doi = {10.14722/ndss.2020.24313},
      note = {\url{https://eprint.iacr.org/2020/203}},
      url = {https://eprint.iacr.org/2020/203}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.