[go: up one dir, main page]
More Web Proxy on the site http://driver.im/ skip to main content
10.1145/3322431.3325101acmconferencesArticle/Chapter ViewAbstractPublication PagessacmatConference Proceedingsconference-collections
research-article

CAOS: Concurrent-Access Obfuscated Store

Published: 28 May 2019 Publication History

Abstract

This paper proposes Concurrent-Access Obfuscated Store (CAOS), a construction for remote data storage that provides access-pattern obfuscation in a honest-but-curious adversarial model, while allowing for low bandwidth overhead and client storage. Compared to other approaches, the main advantage of CAOS is that it supports concurrent access without a proxy, for multiple read-only clients and a single read-write client. Concurrent access is achieved by letting clients maintain independent maps that describe how the data is stored. Even though the maps might diverge from client to client, the protocol guarantees that clients will always have access to the data. Efficiency and concurrency are achieved at the expense of perfect obfuscation: in CAOS the extent to which access patterns are hidden is determined by the resources allocated to its built-in obfuscation mechanism. To assess this trade-off we provide both a security and a performance analysis of CAOS. We additionally provide a proof-of-concept implementation available at https://github.com/meehien/caos.

References

[1]
n. d.}. CAOS Souce Code. https://github.com/meehien/caos
[2]
David Aldous and Persi Diaconis. 1986. Shuffling cards and stopping times. The American Mathematical Monthly, Vol. 93, 5 (1986), 333--348.
[3]
David Aldous and Jim Fill. 2002. Reversible Markov chains and random walks on graphs.
[4]
Fredrik Backåker. 2012. The Google Markov Chain: convergence speed and eigenvalues. Ph.D. Dissertation. Master Thesis, Uppsala University, Sweden.
[5]
Mihir Bellare, Anand Desai, David Pointcheval, and Phillip Rogaway. 1998. Relations Among Notions of Security for Public-Key Encryption Schemes. In Advances in Cryptology - CRYPTO '98, Vol. 1462. Springer, 26--45.
[6]
Benny Chor, Oded Goldreich, Eyal Kushilevitz, and Madhu Sudan. 1995. Private information retrieval. In Foundations of Computer Science, 1995. Proceedings., 36th Annual Symposium on. IEEE, 41--50.
[7]
Cloud Security Alliance. 2016. The Treacherous 12 - Cloud Computing Top Threats in 2016. Technical Report.
[8]
Reza Curtmola, Juan Garay, Seny Kamara, and Rafail Ostrovsky. {n. d.}. Searchable symmetric encryption: Improved definitions and efficient constructions. Proceedings of the 13th ACM Conference on Computer and communications security (CCS'06) ( {n. d.}), 79--88.
[9]
David Cash, Stanislaw Jarecki, Charanjit Jutla, Hugo Krawczyk, Marcel Rosu, and Michael Steiner. {n. d.}. Highly-Scalable Searchable Symmetric Encryption with Support for Boolean Queries. In Advances in Cryptology (CRYPTO '13). 353--373.
[10]
Srinivas Devadas, Marten van Dijk, Christopher W Fletcher, Ling Ren, Elaine Shi, and Daniel Wichs. 2016. Onion ORAM: A constant bandwidth blowup Oblivious RAM. In Theory of Cryptography. Springer, 145--174.
[11]
Persi Diaconis, James Allen Fill, and Jim Pitman. 1992. Analysis of top to random shuffles. Combinatorics, probability and computing, Vol. 1, 02 (1992), 135--155.
[12]
Oded Goldreich. 1987. Towards a theory of software protection and simulation by Oblivious RAMs. In STOC. ACM, 182--194.
[13]
Oded Goldreich and Rafail Ostrovsky. 1996. Software protection and simulation on Oblivious RAMs. Journal of the ACM (JACM), Vol. 43, 3 (1996), 431--473.
[14]
Mohammad Saiful Islam, Mehmet Kuzu, and Murat Kantarcioglu. 2012. Access Pattern disclosure on Searchable Encryption: Ramification, Attack and Mitigation. In NDSS, Vol. 20. 12.
[15]
Seny Kamara. 2014. Applied Crypto Highlights: Restricted Oblivious RAMs and Hidden Volume Encryption. http://outsourcedbits.org/2014/12/09/applied-crypto-highlights-restricted-oblivious-rams-and-hidden-volume-encryption/.
[16]
Ling Ren, Christopher Fletcher, Albert Kwon, Emil Stefanov, Elaine Shi, Marten Van Dijk, and Srinivas Devadas. 2015. Constants count: practical improvements to Oblivious RAM. In USENIX Security 15. 415--430.
[17]
Cetin Sahin, Victor Zakhary, Amr El Abbadi, Huijia Rachel Lin, and Stefano Tessaro. 2016. TaoStore: Overcoming Asynchronicity in Oblivious Data Storage. In Security and Privacy (SP), 2016 IEEE Symposium on. Oakland.
[18]
Seny Kamara and Charalampos Papamanthou. 2013. Parallel and Dynamic Searchable Symmetric Encryption.
[19]
Elaine Shi, John Bethencourt, TH Hubert Chan, Dawn Song, and Adrian Perrig. {n. d.}. Multi-dimensional range query over encrypted data. In IEEE S&P 2007. 350--364.
[20]
Emil Stefanov and Elaine Shi. 2013. Oblivistore: High performance oblivious cloud storage. In Security and Privacy (SP), 2013 IEEE Symposium on. IEEE, 253--267.
[21]
Emil Stefanov, Elaine Shi, and Dawn Song. 2012. Towards practical Oblivious RAM., Vol. 20 (2012), 12.
[22]
Emil Stefanov, Marten Van Dijk, Elaine Shi, Christopher Fletcher, Ling Ren, Xiangyao Yu, and Srinivas Devadas. 2013. Path ORAM: an extremely simple oblivious RAM protocol. In Proceedings ACM Conference on Computer & communications security. 299--310.
[23]
Peter Williams, Radu Sion, and Alin Tomescu. {n. d.}. Privatefs: A parallel oblivious file system. In Proceedings of ACM CCS 2012. 977--988.

Recommendations

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences
SACMAT '19: Proceedings of the 24th ACM Symposium on Access Control Models and Technologies
May 2019
243 pages
ISBN:9781450367530
DOI:10.1145/3322431
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 28 May 2019

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. access pattern
  2. concurrent-access obfuscated store
  3. data obfuscation

Qualifiers

  • Research-article

Conference

SACMAT '19
Sponsor:

Acceptance Rates

SACMAT '19 Paper Acceptance Rate 12 of 52 submissions, 23%;
Overall Acceptance Rate 177 of 597 submissions, 30%

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • 0
    Total Citations
  • 88
    Total Downloads
  • Downloads (Last 12 months)3
  • Downloads (Last 6 weeks)0
Reflects downloads up to 20 Dec 2024

Other Metrics

Citations

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Media

Figures

Other

Tables

Share

Share

Share this Publication link

Share on social media