Abstract
Oblivious Random-Access Memory (ORAM) is becoming a fundamental component for modern outsourced storages as a cryptographic primitive to prevent information leakage from a user access pattern. The major obstacle to its proliferation has been its significant bandwidth overhead. Recently, several works proposed acceptable low-overhead constructions, but unfortunately they are only evaluated using algorithmic complexities which hide valuable constants that severely impact their practicality. Four of the most promising constructions are Path ORAM, Ring ORAM, XOR Ring ORAM, and Onion ORAM. However, they have never been thoroughly compared against each other and tested on the same experimental platform. To address this issue, we provide a thorough study and assessment of these recent ORAM constructions and implement them under the same testbed. We perform extensive experiments to provide insights into their performance characteristics, simplicity, and practicality in terms of processing time, server storage, client storage, and communication cost. Our extensive experiments show that despite the claimed algorithmic efficiency of Ring and Onion ORAMs and their judicious limited bandwidth requirements, Path ORAM stands out to be the simplest and most efficient ORAM construction.
Highlights
Outsourcing data to the cloud is becoming the norm nowadays, whether it is for business, research, leisure, or everyday life
As for Onion Oblivious RandomAccess Memory (ORAM), the number of exchanged data blocks is rather high equal to 2800. This contradicts the sole aim of Onion ORAM not to move other blocks between the server and the client by having the server perform additional Additive Homomorphic Encryption (AHE) processing to just send a unique block per read/write request. 1200 blocks out of the 2800 blocks are necessary for reading and writing the data blocks of the 600 requests, but the question arises as to where did the extra 1600 data blocks come from? It turns out that these extra 1600 exchanged data blocks are the data blocks from the leaf level of evicted paths that had to be stripped off from their encryption layers
ORAM has become an important component of modern secure outsourced storage
Summary
Outsourcing data to the cloud is becoming the norm nowadays, whether it is for business, research, leisure, or everyday life. ORAM was initially developed by Goldreich [4] and Ostrovsky [5] to provide software protection and later was used to provide protection for the access pattern of stored data. (1) Critical presentation of Path ORAM, Ring ORAM, XOR Ring ORAM and Onion ORAM (2) Qualitative performance comparison between the four considered ORAM schemes (3) Implementation of these four considered ORAMs on a unified experimental platform (4) Experimental assessment of the practical performance of the four considered ORAM schemes (5) Analysis of the practical suitability of each of the considered ORAMs. The rest of the paper is organized as follows.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have