When a program accesses data stored in memory, disk, or on a remote server, its access patterns can leak information about the secret inputs and data. There has been decades of work that investigated how to make a program "oblivious", such that its access patterns leak nothing about the secret inputs or data. Past techniques, however, incur a considerable performance overhead. This project conceives and investigates new, relaxed notions of access pattern privacy, and discovers new algorithms that achieve such notions of privacy with little to no overhead. The project includes training of Ph.D. students and postdoctoral researchers, and mentoring activities focused on high school, undergraduate, and graduate students. This project rethinks the definition of access pattern privacy, including (but not limited to) a new notion called "differential obliviousness" that is the differential privacy analog for access patterns. The project establishes theoretical understanding, including new lower and upper bounds, of the extent to which various privacy notions impact the performance of programs. The investigators also explore the practical performance of new privacy-preserving algorithms in cloud outsourcing and database scenarios. The project develops open-source libraries for the new, differentially oblivious algorithms and data structures.
SaTC: CORE: Medium: Collaborative: Rethinking Access Pattern Privacy: From Theory to Practice