Paper 2015/121
Multi-User Oblivious RAM Secure Against Malicious Servers
Travis Mayberry and Erik-Oliver Blass and Guevara Noubir
Abstract
It has been an open question whether Oblivious RAM stored on a malicious server can be securely shared among multiple users. ORAMs are stateful, and users need to exchange updated state to maintain security. This is a challenge, as the motivation for using ORAM is that the users may not have a way to directly communicate. A malicious server can potentially tamper with state information and thus break security. We answer the question of multi-user ORAM on malicious servers affirmatively by providing several new, efficient multi-user ORAM constructions. We first show how to make the original square-root solution by Goldreich and the hierarchical one by Goldreich and Ostrovsky multi-user secure. We accomplish this by separating the \emph{critical} parts of the access, which depends on the state of the ORAM, from the non-critical parts that can be safely executed in any state. Our second and main contribution is a multi-user variant of Path ORAM. To enable secure meta-data update during evictions, we employ our first result, small multi-user secure classical ORAMs, as a building block. Depending on the block size, the overhead of our construction reaches a low $O(\log n)$ communication complexity per user, similar to state-of-the-art single-user ORAMs.
Metadata
- Available format(s)
- Category
- Cryptographic protocols
- Publication info
- Preprint. MINOR revision.
- Keywords
- oblivious ram
- Contact author(s)
- travism @ ccs neu edu
- History
- 2017-07-17: last of 6 revisions
- 2015-02-26: received
- See all versions
- Short URL
- https://ia.cr/2015/121
- License
-
CC BY