Paper 2023/1285
Waffle: An Online Oblivious Datastore for Protecting Data Access Patterns
Abstract
We present Waffle, a datastore that protects an application’s data access patterns from a passive persistent adversary. Waffle achieves this without prior knowledge of the input data access distribution, making it the first of its kind to adaptively handle input sequences under a passive persistent adversary. Waffle maintains a constant bandwidth and client-side storage overhead, which can be adjusted to suit the application owner’s preferences. This flexibility allows the owner to fine-tune system parameters and strike a balance between security and performance. Our evaluation, utilizing the Yahoo! Cloud Serving Benchmark (YCSB) benchmark and Redis as the backend storage, demonstrates promising results. The insecure baseline outperforms Waffle by a mere 5-6x, whereas Waffle outperforms Pancake—a state-of-the-art oblivious datastore under passive persistent adversaries—by 45-57%, and a concurrent ORAM system, TaoStore, by 102x.
Metadata
- Available format(s)
-
PDF
- Category
- Applications
- Publication info
- Published elsewhere. Minor revision. SIGMOD 2024
- Keywords
- Oblivious databaseonline algorithmtunable privacyaccess pattern attack mitigation
- Contact author(s)
-
smaiyya @ uwaterloo ca
svemula @ ucsb edu
agrawal @ cs ucsb edu
amr @ cs ucsb edu
florian kerschbaum @ uwaterloo ca - History
- 2023-10-18: revised
- 2023-08-27: received
- See all versions
- Short URL
- https://ia.cr/2023/1285
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2023/1285,
author = {Sujaya Maiyya and Sharath Vemula and Divyakant Agrawal and Amr El Abbadi and Florian Kerschbaum},
title = {Waffle: An Online Oblivious Datastore for Protecting Data Access Patterns},
howpublished = {Cryptology {ePrint} Archive, Paper 2023/1285},
year = {2023},
url = {https://eprint.iacr.org/2023/1285}
}
