Examining Leakage of Access Counts in ORAM Constructions
Title | Examining Leakage of Access Counts in ORAM Constructions |
Publication Type | Conference Paper |
Year of Publication | 2018 |
Authors | Karvelas, Nikolaos P., Treiber, Amos, Katzenbeisser, Stefan |
Conference Name | Proceedings of the 2018 Workshop on Privacy in the Electronic Society |
Publisher | ACM |
Conference Location | New York, NY, USA |
ISBN Number | 978-1-4503-5989-4 |
Keywords | control theory, Cyber physical system, cyber physical systems, Database Security, Human Behavior, information leakage, number of accesses, oblivious RAM, privacy, pubcrawl, resilience, Resiliency, Scalability |
Abstract | Oblivious RAM is a cryptographic primitive that embodies one of the cornerstones of privacy-preserving technologies for database protection. While any Oblivious RAM (ORAM) construction offers access pattern hiding, there does not seem to be a construction that is safe against the potential leakage due to knowledge about the number of accesses performed by a client. Such leakage constitutes a privacy violation, as client data may be stored in a domain specific fashion. In this work, we examine this leakage by considering an adversary that can probe the server that stores an ORAM database, and who takes regular snapshots of it. We show that even against such a weak adversary, no major ORAM architecture is resilient, except for the trivial case, where the client scans the whole database in order to access a single element. In fact, we argue that constructing a non-trivial ORAM that is formally resilient seems impossible. Moreover, we quantify the leakage of different constructions to show which architecture offers the best privacy in practice. |
URL | https://dl.acm.org/citation.cfm?doid=3267323.3268963 |
DOI | 10.1145/3267323.3268963 |
Citation Key | karvelas_examining_2018 |