TY - GEN
T1 - Fast ORAM with Server-Aided Preprocessing and Pragmatic Privacy-Efficiency Trade-Off
AU - Kolesnikov, Vladimir
AU - Peceny, Stanislav
AU - Trieu, Ni
AU - Wang, Xiao
N1 - Publisher Copyright:
© 2023, The Author(s), under exclusive license to Springer Nature Switzerland AG.
PY - 2023
Y1 - 2023
N2 - Data-dependent accesses to memory are necessary for many real-world applications, but their cost remains prohibitive in secure computation. Prior work either focused on minimizing the need for data-dependent access in these applications, or reduced its cost by improving oblivious RAM for secure computation (SC-ORAM). Despite extensive efforts to improve SC-ORAM, the most concretely efficient solutions still require ≈ 0.7 s per access to arrays of 230 entries. This plainly precludes using MPC in a number of settings. In this work, we take a pragmatic approach, exploring how concretely cheap MPC RAM access could be made if we are willing to allow one of the participants to learn the access pattern. We design a highly efficient Shared-Output Client-Server ORAM (SOCS- ORAM ) that has constant overhead, uses one round-trip of interaction per access, and whose access cost is independent of array size. SOCS- ORAM is useful in settings with hard performance constraints, where one party in the computation is more trust-worthy and is allowed to learn the RAM access pattern. Our SOCS- ORAM is assisted by a third helper party that helps initialize the protocol and is designed for the honest-majority semi-honest corruption model. We implement our construction in C++ and report its performance. For an array of length 230 with 4B entries, we communicate 13B per access and take essentially no overhead beyond network latency.
AB - Data-dependent accesses to memory are necessary for many real-world applications, but their cost remains prohibitive in secure computation. Prior work either focused on minimizing the need for data-dependent access in these applications, or reduced its cost by improving oblivious RAM for secure computation (SC-ORAM). Despite extensive efforts to improve SC-ORAM, the most concretely efficient solutions still require ≈ 0.7 s per access to arrays of 230 entries. This plainly precludes using MPC in a number of settings. In this work, we take a pragmatic approach, exploring how concretely cheap MPC RAM access could be made if we are willing to allow one of the participants to learn the access pattern. We design a highly efficient Shared-Output Client-Server ORAM (SOCS- ORAM ) that has constant overhead, uses one round-trip of interaction per access, and whose access cost is independent of array size. SOCS- ORAM is useful in settings with hard performance constraints, where one party in the computation is more trust-worthy and is allowed to learn the RAM access pattern. Our SOCS- ORAM is assisted by a third helper party that helps initialize the protocol and is designed for the honest-majority semi-honest corruption model. We implement our construction in C++ and report its performance. For an array of length 230 with 4B entries, we communicate 13B per access and take essentially no overhead beyond network latency.
KW - Oblivious RAM
KW - Secure Computation
UR - http://www.scopus.com/inward/record.url?scp=85164964451&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85164964451&partnerID=8YFLogxK
U2 - 10.1007/978-3-031-34671-2_31
DO - 10.1007/978-3-031-34671-2_31
M3 - Conference contribution
AN - SCOPUS:85164964451
SN - 9783031346705
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 439
EP - 457
BT - Cyber Security, Cryptology, and Machine Learning - 7th International Symposium, CSCML 2023, Proceedings
A2 - Dolev, Shlomi
A2 - Gudes, Ehud
A2 - Paillier, Pascal
PB - Springer Science and Business Media Deutschland GmbH
T2 - 7th International Symposium on Cyber Security, Cryptology, and Machine Learning, CSCML 2023
Y2 - 29 June 2023 through 30 June 2023
ER -