Abstract
In recent research, it has been demonstrated that the pattern (or sequence) of memory access made to the server or external storage can leak very sensitive information even if the underlying data is encrypted. To mitigate this leakage, oblivious RAM (ORAM) has been proposed to provide provable security by hiding the access patterns. Ever since its introduction, substantial effort has been made to make ORAM more efficient. Different efficient ORAM protocols satisfy the original ORAM specification but vary in implementation details. While these ORAM protocols have been proved to be secure against an attacker who can observe the processor's output pins, the leakage from inside timing side-channels is still possible. In this paper, we identify three common leakage points in many efficient Path-ORAM implementations and design various timing side-channel attacks on them. Both FPGA-based and simulator-based experimental results show that significant amount of information can be leaked through inside timing side-channels. We also discuss several countermeasures to mitigate the proposed attacks. We hope that the analysis in this paper would motivate a new line of research to make ORAMs more secure to such attacks.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
