Cryptology ePrint Archive: Report 2017/1238

Efficient Oblivious Data Structures for Database Services on the Cloud

Thang Hoang and Ceyhun D. Ozkaptan and Gabriel Hackebeil and Attila A. Yavuz

Abstract: Database-as-a-service (DBaaS) allows the client to store and manage structured data on the cloud remotely. Despite its merits, DBaaS also brings significant privacy issues. Existing encryption techniques (e.g., SQL-aware encryption) can mitigate privacy concerns, but they still leak information through access patterns which are vulnerable to statistical inference attacks. Oblivious Random Access Machine (ORAM) can seal such leakages, but the recent studies showed significant challenges on the integration of ORAM into databases. Specifically, the direct usage of ORAM on databases is not only costly but also permits very limited query functionalities.

We propose new oblivious data structures called Oblivious Matrix Structure (OMAT) and Oblivious Tree Structure (OTREE), which allow tree-based ORAM to be integrated into database systems in a more efficient manner with diverse query functionalities supported. OMAT provides special ORAM packaging strategies for table structures, which not only offers a significantly better performance but also enables a broad range of query types that may not be practical in existing frameworks. OTREE allows oblivious conditional queries to be deployed on tree-indexed databases more efficient than existing techniques. We fully implemented our proposed techniques and evaluated their performance on a real cloud database with various metrics, compared with state-of-the-art counterparts.

Category / Keywords: cryptographic protocols / Privacy-enhancing Technologies; Oblivious Data Structure; ORAM

Date: received 18 Dec 2017, last revised 22 Dec 2017

Contact author: hoangmin at oregonstate edu

Available format(s): PDF | BibTeX Citation

Version: 20171223:030105 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]