Metal: A Metadata-Hiding File-Sharing System

Weikeng Chen; Raluca Ada Popa

Paper 2020/083

Metal: A Metadata-Hiding File-Sharing System

Weikeng Chen and Raluca Ada Popa

Abstract

File-sharing systems like Dropbox offer insufficient privacy because a compromised server can see the file contents in the clear. Although encryption can hide such contents from the servers, metadata leakage remains significant. The goal of our work is to develop a file-sharing system that hides metadata---including user identities and file access patterns. Metal is the first file-sharing system that hides such metadata from malicious users and that has a latency of only a few seconds. The core of Metal consists of a new two-server multi-user oblivious RAM (ORAM) scheme, which is secure against malicious users, a metadata-hiding access control protocol, and a capability sharing protocol. Compared with the state-of-the-art malicious-user file-sharing scheme PIR-MCORAM (Maffei et al.'17), which does not hide user identities, Metal hides the user identities and is 500x faster (in terms of amortized latency) or 10^5x faster (in terms of worst-case latency).

Note: More details of Metal can be found in https://www.oblivious.app/. Updated 10/18/20 for additional appendices.

Metadata

Available format(s): PDF
Category: Applications
Publication info: Published elsewhere. MINOR revision.NDSS 2020
DOI: 10.14722/ndss.2020.24095
Keywords: anonymity
Contact author(s): weikengchen @ berkeley edu
History: 2020-10-19: last of 3 revisions; 2020-01-28: received; See all versions
Short URL: https://ia.cr/2020/083
License: CC BY

BibTeX

@misc{cryptoeprint:2020/083,
      author = {Weikeng Chen and Raluca Ada Popa},
      title = {Metal: A Metadata-Hiding File-Sharing System},
      howpublished = {Cryptology ePrint Archive, Paper 2020/083},
      year = {2020},
      doi = {10.14722/ndss.2020.24095},
      note = {\url{https://eprint.iacr.org/2020/083}},
      url = {https://eprint.iacr.org/2020/083}
}