Cryptology ePrint Archive: Report 2020/083

Metal: A Metadata-Hiding File-Sharing System

Weikeng Chen and Raluca Ada Popa

Abstract: File-sharing systems like Dropbox offer insufficient privacy because a compromised server can see the file contents in the clear. Although encryption can hide such contents from the servers, metadata leakage remains significant. The goal of our work is to develop a file-sharing system that hides metadata---including user identities and file access patterns.

Metal is the first file-sharing system that hides such metadata from malicious users and that has a latency of only a few seconds. The core of Metal consists of a new two-server multi-user oblivious RAM (ORAM) scheme, which is secure against malicious users, a metadata-hiding access control protocol, and a capability sharing protocol.

Compared with the state-of-the-art malicious-user file-sharing scheme PIR-MCORAM (Maffei et al.'17), which does not hide user identities, Metal hides the user identities and is 500x faster (in terms of amortized latency) or 10^5x faster (in terms of worst-case latency).

Category / Keywords: applications / anonymity

Original Publication (with minor differences): NDSS 2020
DOI: 10.14722/ndss.2020.24095

Date: received 28 Jan 2020, last revised 18 Oct 2020

Contact author: weikengchen at berkeley edu

Available format(s): PDF | BibTeX Citation

Note: More details of Metal can be found in https://www.oblivious.app/. Updated 10/18/20 for additional appendices.

Version: 20201019:053659 (All versions of this report)

Short URL: ia.cr/2020/083