Cryptology ePrint Archive: Report 2014/997

Constants Count: Practical Improvements to Oblivious RAM

Ling Ren and Christopher W. Fletcher and Albert Kwon and Emil Stefanov and Elaine Shi and Marten van Dijk and Srinivas Devadas

Abstract: Oblivious RAM (ORAM) is a cryptographic primitive that hides memory access patterns as seen by untrusted storage. This paper proposes Ring ORAM, the most bandwidth-efficient ORAM scheme for the small client storage setting in both theory and practice. Ring ORAM is the first tree-based ORAM whose bandwidth is independent of the ORAM bucket size, a property that unlocks multiple performance improvements. First, Ring ORAM’s overall bandwidth is 2.3x to 4x better than Path ORAM, the prior-art scheme for small client storage. Second, if memory can perform simple untrusted computation, Ring ORAM achieves constant online bandwidth (~60x improvement over Path ORAM for practical parameters). As a case study, we show Ring ORAM speeds up program completion time in a secure processor by 1.5x relative to Path ORAM. On the theory side, Ring ORAM features a tighter and significantly simpler analysis than Path ORAM.

Category / Keywords: cryptographic protocols /

Original Publication (in the same form): usenix 2015

Date: received 15 Dec 2014, last revised 7 Jul 2015

Contact author: renling at mit edu

Available format(s): PDF | BibTeX Citation

Version: 20150707:191912 (All versions of this report)

Short URL: ia.cr/2014/997

Discussion forum: Show discussion | Start new discussion