research-article

Public Access

MOSE: Practical Multi-User Oblivious Storage via Secure Enclaves

Authors:

Rouzbeh Behnia,

Attila A. YavuzAuthors Info & Claims

CODASPY '20: Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy

Pages 17 - 28

https://doi.org/10.1145/3374664.3375749

Published: 16 March 2020 Publication History

Abstract

Multi-user oblivious storage allows users to access their shared data on the cloud while retaining access pattern obliviousness and data confidentiality simultaneously. Most secure and efficient oblivious storage systems focus on the utilization of the maximum network bandwidth in serving concurrent accesses via a trusted proxy. How- ever, since the proxy executes a standard ORAM protocol over the network, the performance is capped by the network bandwidth and latency. Moreover, some important features such as access control and security against active adversaries have not been thoroughly explored in such proxy settings. In this paper, we propose MOSE, a multi-user oblivious storage system that is efficient and enjoys from some desirable security properties. Our main idea is to harness a secure enclave, namely Intel SGX, residing on the untrusted storage server to execute proxy logic, thereby, minimizing the network bottleneck of proxy-based designs. In this regard, we address various technical design chal- lenges such as memory constraints, side-channel attacks and scala- bility issues when enabling proxy logic in the secure enclave. We present a formal security model and analysis for secure enclave multi-user ORAM with access control. We optimize MOSE to boost its throughput in serving concurrent requests. We implemented MOSE and evaluated its performance on commodity hardware. Our evaluation confirmed the efficiency of MOSE, where it achieves approximately two orders of magnitudes higher throughput than the state-of-the-art proxy-based design, and also, its performance is scalable proportional to the available system resources.

References

[1]

Adil Ahmad, Kyungtae Kim, Muhammad Ihsanulhaq Sarfaraz, and Byoungyoung Lee. 2018. OBLIVIATE: A Data Oblivious File System for Intel SGX. (2018).

[2]

Daniel Apon, Jonathan Katz, Elaine Shi, and Aishwarya Thiruvengadam. 2014. Verifiable oblivious storage. In International Workshop on Public Key Cryptography. Springer, 131--148.

Digital Library

[3]

Dmitri Asonov and Johann-Christoph Freytag. 2002. Almost optimal private information retrieval. In International Workshop on Privacy Enhancing Technologies. Springer, 209--223.

[4]

Vincent Bindschaedler, Muhammad Naveed, Xiaorui Pan, XiaoFeng Wang, and Yan Huang. 2015. Practicing oblivious access on cloud storage: the gap, the fallacy, and the new way forward. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security. ACM, 837--849.

Digital Library

[5]

Erik-Oliver Blass, Travis Mayberry, and Guevara Noubir. 2017. Multi-client oblivious ram secure against malicious servers. In International Conference on Applied Cryptography and Network Security. Springer, 686--707.

[6]

Elette Boyle, Kai-Min Chung, and Rafael Pass. 2016. Oblivious parallel RAM and applications. In Theory of Cryptography Conference. Springer, 175--204.

[7]

David Cash, Paul Grubbs, Jason Perry, and Thomas Ristenpart. 2015. Leakage-abuse attacks against searchable encryption. In Proceedings of the 22nd ACM CCS . ACM, 668--679.

Digital Library

[8]

T-H Hubert Chan and Elaine Shi. 2017. Circuit OPRAM: Unifying statistically and computationally secure ORAMs and OPRAMs. In Theory of Cryptography Conference. Springer, 72--107.

Digital Library

[9]

Binyi Chen, Huijia Lin, and Stefano Tessaro. 2016. Oblivious parallel RAM: improved efficiency and generic constructions. In Theory of Cryptography Conference. Springer, 205--234.

[10]

Guoxing Chen, Sanchuan Chen, Yuan Xiao, Yinqian Zhang, Zhiqiang Lin, and Ten H Lai. 2018. Sgxpectre attacks: Stealing intel secrets from sgx enclaves via speculative execution. arXiv preprint arXiv:1802.09085 (2018).

[11]

Victor Costan and Srinivas Devadas. 2016. Intel SGX Explained. Cryptology ePrint Archive, Report 2016/086. http://eprint.iacr.org/2016/086.pdf.

[12]

Srinivas Devadas, Marten van Dijk, Christopher W Fletcher, Ling Ren, Elaine Shi, and Daniel Wichs. 2016. Onion oram: A constant bandwidth blowup oblivious ram. In Theory of Cryptography Conference . Springer, 145--174.

[13]

Judicael B Djoko, Jack Lange, and Adam J Lee. 2019. NEXUS: Practical and Secure Access Control on Untrusted Storage Platforms using Client-side SGX. In 2019 49th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN). IEEE, 401--413.

[14]

Ben Fisch, Dhinakaran Vinayagamurthy, Dan Boneh, and Sergey Gorbunov. 2017. Iron: functional encryption using Intel SGX. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. ACM, 765--782.

Digital Library

[15]

Christopher Fletcher, Muhammad Naveed, Ling Ren, Elaine Shi, and Emil Stefanov. 2015. Bucket ORAM: single online roundtrip, constant bandwidth oblivious RAM . Technical Report. IACR Cryptology ePrint Archive, Report 2015, 1065.

[16]

Benny Fuhry, Raad Bahmani, Ferdinand Brasser, Florian Hahn, Florian Kerschbaum, and Ahmad-Reza Sadeghi. 2017. HardIDX: Practical and secure index with SGX. In IFIP Annual Conference on Data and Applications Security and Privacy. Springer, 386--408.

[17]

Craig Gentry, Kenny A Goldman, Shai Halevi, Charanjit Julta, Mariana Raykova, and Daniel Wichs. 2013. Optimizing ORAM and using it efficiently for secure computation. In International Symposium on Privacy Enhancing Technologies Symposium. Springer, 1--18.

[18]

Oded Goldreich. 1987. Towards a theory of software protection and simulation by oblivious RAMs. In Proceedings of the nineteenth annual ACM symposium on Theory of computing. ACM, 182--194.

Digital Library

[19]

Johannes Götzfried, Moritz Eckert, Sebastian Schinzel, and Tilo Müller. 2017. Cache attacks on Intel SGX. In Proceedings of the 10th European Workshop on Systems Security. ACM, 2.

Digital Library

[20]

Paul Grubbs, Thomas Ristenpart, and Vitaly Shmatikov. 2017. Why your encrypted database is not secure. In Proceedings of the 16th Workshop on Hot Topics in Operating Systems. ACM, 162--168.

Digital Library

[21]

Marcus H"ahnel, Weidong Cui, and Marcus Peinado. 2017. High-resolution side channels for untrusted operating systems. In 2017 USENIX Annual Technical Conference (USENIX ATC 17). USENIX Association, Santa Clara, CA . 299--312.

[22]

Thang Hoang, Ceyhun D Ozkaptan, Attila A Yavuz, Jorge Guajardo, and Tam Nguyen. 2017. S3ORAM: A Computation-Efficient and Constant Client Bandwidth Blowup ORAM with Shamir Secret Sharing. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. ACM, 491--505.

Digital Library

[23]

Thang Hoang, Muslum Ozgur Ozmen, Yeongjin Jang, and Attila A Yavuz. 2019. Hardware-Supported ORAM in Effect: Practical Oblivious Search and Update on Very Large Dataset. Proceedings on Privacy Enhancing Technologies, Vol. 2019, 1 (2019), 172--191.

[24]

Intel Corporation. 2013. Intel Software Guard Extensions Programming Reference (rev1) . 329298-001US.

[25]

Intel Corporation. 2014. Intel Software Guard Extensions Programming Reference (rev2) . 329298-002US.

[26]

Sangho Lee, Ming-Wei Shih, Prasun Gera, Taesoo Kim, Hyesoon Kim, and Marcus Peinado. 2017. Inferring fine-grained control flow inside SGX enclaves with branch shadowing. In 26th USENIX Security Symposium, USENIX Security. 16--18.

Digital Library

[27]

Chang Liu, Liehuang Zhu, Mingzhong Wang, and Yu-an Tan. 2014. Search pattern leakage in searchable encryption: Attacks and new construction. Information Sciences, Vol. 265 (2014), 176--188.

Digital Library

[28]

Jacob R Lorch, Bryan Parno, James W Mickens, Mariana Raykova, and Joshua Schiffman. 2013. Shroud: ensuring private access to large-scale data in the data center. In FAST, Vol. 2013. 199--213.

[29]

Martin Maas, Eric Love, Emil Stefanov, Mohit Tiwari, Elaine Shi, Krste Asanovic, John Kubiatowicz, and Dawn Song. 2013. Phantom: Practical oblivious computation in a secure processor. In Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security. ACM, 311--324.

Digital Library

[30]

Matteo Maffei, Giulio Malavolta, Manuel Reinert, and Dominique Schröder. 2015. Privacy and access control for outsourced personal records. In Security and Privacy (SP), 2015 IEEE Symposium on. IEEE, 341--358.

Digital Library

[31]

Matteo Maffei, Giulio Malavolta, Manuel Reinert, and Dominique Schröder. 2017. Maliciously secure multi-client oram. In International Conference on Applied Cryptography and Network Security. Springer, 645--664.

[32]

Urs Müller. 2017. Software Grand Exposure:$$SGX$$ Cache Attacks Are Practical. In 11th USENIX Workshop on Offensive Technologies,$$WOOT$$ 2017, Vancouver, BC, Canada, August 14--15, 2017. USENIX.

[33]

Muhammad Naveed, Seny Kamara, and Charles V Wright. 2015. Inference attacks on property-preserving encrypted databases. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security. ACM, 644--655.

Digital Library

[34]

Kartik Nayak, Christopher Fletcher, Ling Ren, Nishanth Chandran, Satya Lokam, Elaine Shi, and Vipul Goyal. 2017. Hop: Hardware makes obfuscation practical. In 24th Annual Network and Distributed System Security Symposium, NDSS .

[35]

Kartik Nayak and Jonathan Katz. 2016. An Oblivious Parallel RAM with O (log2 N) Parallel Runtime Blowup. IACR Cryptology ePrint Archive, Vol. 2016 (2016), 1141.

[36]

Olga Ohrimenko, Felix Schuster, Cédric Fournet, Aastha Mehta, Sebastian Nowozin, Kapil Vaswani, and Manuel Costa. 2016. Oblivious Multi-Party Machine Learning on Trusted Processors. In USENIX Security Symposium . 619--636.

[37]

Ashay Rane, Calvin Lin, and Mohit Tiwari. 2015. Raccoon: Closing Digital Side-Channels through Obfuscated Execution. In USENIX Security Symposium. 431--446.

[38]

Ling Ren, Christopher W Fletcher, Albert Kwon, Emil Stefanov, Elaine Shi, Marten van Dijk, and Srinivas Devadas. 2014. Ring ORAM: Closing the Gap Between Small and Large Client Storage Oblivious RAM. IACR Cryptology ePrint Archive, Vol. 2014 (2014), 997.

[39]

Ling Ren, Xiangyao Yu, Christopher W Fletcher, Marten Van Dijk, and Srinivas Devadas. 2013. Design space exploration and optimization of path oblivious ram in secure processors. ACM SIGARCH Computer Architecture News, Vol. 41, 3 (2013), 571--582.

Digital Library

[40]

Cetin Sahin, Victor Zakhary, Amr El Abbadi, Huijia Lin, and Stefano Tessaro. 2016. Taostore: Overcoming asynchronicity in oblivious data storage. In Security and Privacy (SP), 2016 IEEE Symposium on. IEEE, 198--217.

[41]

Sajin Sasy, Sergey Gorbunov, and Christopher Fletcher. 2018. ZeroTrace: Oblivious memory primitives from Intel SGX. In Symposium on Network and Distributed System Security (NDSS) .

[42]

Elaine Shi, T-H Hubert Chan, Emil Stefanov, and Mingfei Li. 2011. Oblivious RAM with O ((logN) 3) worst-case cost. In Advances in Cryptology--ASIACRYPT 2011. Springer, 197--214.

[43]

Sean W. Smith and David Safford. 2001. Practical server privacy with secure coprocessors. IBM Systems Journal, Vol. 40, 3 (2001), 683--695.

Digital Library

[44]

Emil Stefanov and Elaine Shi. 2013a. Multi-cloud oblivious storage. In Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security. ACM, 247--258.

Digital Library

[45]

Emil Stefanov and Elaine Shi. 2013b. Oblivistore: High performance oblivious cloud storage. In Security and Privacy (SP), 2013 IEEE Symposium on. IEEE, 253--267.

Digital Library

[46]

Emil Stefanov, Elaine Shi, and Dawn Song. 2011. Towards practical oblivious RAM. arXiv preprint arXiv:1106.3652 (2011).

[47]

Emil Stefanov, Marten Van Dijk, Elaine Shi, Christopher Fletcher, Ling Ren, Xiangyao Yu, and Srinivas Devadas. 2013. Path ORAM: an extremely simple oblivious RAM protocol. In Proceedings of the 2013 ACM SIGSAC conference on Computer and Communications security. ACM, 299--310.

Digital Library

[48]

Jo Van Bulck, Marina Minkin, Ofir Weisse, Daniel Genkin, Baris Kasikci, Frank Piessens, Mark Silberstein, Thomas F. Wenisch, Yuval Yarom, and Raoul Strackx. 2018. Foreshadow: Extracting the Keys to the Intel SGX Kingdom with Transient Out-of-Order Execution. In Proceedings of the 27th USENIX Security Symposium. USENIX Association.

Digital Library

[49]

Jo Van Bulck, Nico Weichbrodt, Rüdiger Kapitza, Frank Piessens, and Raoul Strackx. 2017. Telling your secrets without page faults: Stealthy page table-based attacks on enclaved execution. In Proceedings of the 26th USENIX Security Symposium. USENIX Association.

Digital Library

[50]

Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Giorgi Maisuradze, Kaveh Razavi, Herbert Bos, and Cristiano Giuffrida. 2019. RIDL: Rogue In-flight Data Load. In S&P.

[51]

Xiao Wang, Hubert Chan, and Elaine Shi. 2015. Circuit oram: On tightness of the goldreich-ostrovsky lower bound. In Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security . ACM, 850--861.

Digital Library

[52]

Xiao Shaun Wang, Kartik Nayak, Chang Liu, TH Chan, Elaine Shi, Emil Stefanov, and Yan Huang. 2014. Oblivious data structures. In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security. ACM, 215--226.

Digital Library

[53]

Ofir Weisse, Jo Van Bulck, Marina Minkin, Daniel Genkin, Baris Kasikci, Frank Piessens, Mark Silberstein, Raoul Strackx, Thomas F. Wenisch, and Yuval Yarom. 2018. Foreshadow-NG: Breaking the Virtual Memory Abstraction with Transient Out-of-Order Execution. Technical report (2018).

[54]

Peter Williams, Radu Sion, and Alin Tomescu. 2012. Privatefs: A parallel oblivious file system. In Proceedings of the 2012 ACM conference on Computer and communications security. ACM, 977--988.

Digital Library

[55]

Yuanzhong Xu, Weidong Cui, and Marcus Peinado. 2015. Controlled-channel attacks: Deterministic side channels for untrusted operating systems. In IEEE Symposium on Security and Privacy (Oakland '15). IEEE, 640--656.

Digital Library

[56]

Yupeng Zhang, Jonathan Katz, and Charalampos Papamanthou. 2016. All Your Queries Are Belong to Us: The Power of File-Injection Attacks on Searchable Encryption. In 25th USENIX Security Symposium (USENIX Security 16). 707--720.

Cited By

Darzi SYavuz A(2024)Counter Denial of Service for Next-Generation Networks within the Artificial Intelligence and Post-Quantum Era2024 IEEE 6th International Conference on Trust, Privacy and Security in Intelligent Systems, and Applications (TPS-ISA)10.1109/TPS-ISA62245.2024.00025(138-147)Online publication date: 28-Oct-2024
https://doi.org/10.1109/TPS-ISA62245.2024.00025
Che YCheng DWang XWang R(2024)Opca: Enabling Optimistic Concurrent Access for Multiple Users in Oblivious Data StorageIEEE Transactions on Parallel and Distributed Systems10.1109/TPDS.2024.344162335:11(1891-1903)Online publication date: Nov-2024
https://doi.org/10.1109/TPDS.2024.3441623
Dou HDan ZXu PWang WXu SChen TJin H(2024)Dynamic Searchable Symmetric Encryption With Strong Security and RobustnessIEEE Transactions on Information Forensics and Security10.1109/TIFS.2024.335033019(2370-2384)Online publication date: 1-Jan-2024
https://dl.acm.org/doi/10.1109/TIFS.2024.3350330
Show More Cited By

Index Terms

MOSE: Practical Multi-User Oblivious Storage via Secure Enclaves
1. Security and privacy
  1. Security services
    1. Privacy-preserving protocols

Recommendations

Isogrammic-Fusion ORAM: Improved Statistically Secure Privacy-Preserving Cloud Data Access for Thin Clients
ASIACCS '18: Proceedings of the 2018 on Asia Conference on Computer and Communications Security

We study oblivious random access machine (ORAM) simulation, in cloud computing environments where a thin client outsources her data to a server using O(1)-sized messages.
ObliviStore: High Performance Oblivious Cloud Storage
SP '13: Proceedings of the 2013 IEEE Symposium on Security and Privacy

We design and build ObliviStore, a high performance, distributed ORAM-based cloud data store secure in the malicious model. To the best of our knowledge, ObliviStore is the fastest ORAM implementation known to date, and is faster by 10X or more in ...
Attestation Transparency: Building secure Internet services for legacy clients
ASIA CCS '16: Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security

Internet services can provide a wealth of functionality, yet their usage raises privacy, security and integrity concerns for users. This is caused by a lack of guarantees about what is happening on the server side. As a worst case scenario, the service ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

CODASPY '20: Proceedings of the Tenth ACM Conference on Data and Application Security and Privacy

March 2020

392 pages

ISBN:9781450371070

DOI:10.1145/3374664

General Chairs:
Vassil Roussev
University of New Orleans, USA
,
Bhavani Thuraisingham
University of Texas at Dallas, USA
,
Program Chairs:
Barbara Carminati
University of Insubria, Italy
,
Murat Kantarcioglu
University of Texas at Dallas, USA

Copyright © 2020 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 16 March 2020

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

NSF

Conference

CODASPY '20

Sponsor:

SIGSAC

CODASPY '20: Tenth ACM Conference on Data and Application Security and Privacy

March 16 - 18, 2020

LA, New Orleans, USA

Acceptance Rates

Overall Acceptance Rate 149 of 789 submissions, 19%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

15
Total Citations
View Citations
488
Total Downloads

Downloads (Last 12 months)139
Downloads (Last 6 weeks)19

Reflects downloads up to 22 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

Darzi SYavuz A(2024)Counter Denial of Service for Next-Generation Networks within the Artificial Intelligence and Post-Quantum Era2024 IEEE 6th International Conference on Trust, Privacy and Security in Intelligent Systems, and Applications (TPS-ISA)10.1109/TPS-ISA62245.2024.00025(138-147)Online publication date: 28-Oct-2024
https://doi.org/10.1109/TPS-ISA62245.2024.00025
Che YCheng DWang XWang R(2024)Opca: Enabling Optimistic Concurrent Access for Multiple Users in Oblivious Data StorageIEEE Transactions on Parallel and Distributed Systems10.1109/TPDS.2024.344162335:11(1891-1903)Online publication date: Nov-2024
https://doi.org/10.1109/TPDS.2024.3441623
Dou HDan ZXu PWang WXu SChen TJin H(2024)Dynamic Searchable Symmetric Encryption With Strong Security and RobustnessIEEE Transactions on Information Forensics and Security10.1109/TIFS.2024.335033019(2370-2384)Online publication date: 1-Jan-2024
https://dl.acm.org/doi/10.1109/TIFS.2024.3350330
Han JSusilo WLi NHuang X(2024)OLBS: Oblivious Location-Based ServicesIEEE Transactions on Information Forensics and Security10.1109/TIFS.2023.334787419(2231-2243)Online publication date: 1-Jan-2024
https://dl.acm.org/doi/10.1109/TIFS.2023.3347874
Chamani JDemertzis IPapadopoulos DPapamanthou CJalili R(2023)GraphOS: Towards Oblivious Graph ProcessingProceedings of the VLDB Endowment10.14778/3625054.362506716:13(4324-4338)Online publication date: 1-Sep-2023
https://dl.acm.org/doi/10.14778/3625054.3625067
Will NMaziero C(2023)Intel Software Guard Extensions Applications: A SurveyACM Computing Surveys10.1145/359302155:14s(1-38)Online publication date: 17-Jul-2023
https://dl.acm.org/doi/10.1145/3593021
Godhani PBharadhwaj RSural SRanise SCarbone RTakabi D(2023)Poster: APETEEt -- Secure Enforcement of ABAC Policies using Trusted Execution EnvironmentProceedings of the 28th ACM Symposium on Access Control Models and Technologies10.1145/3589608.3595079(47-49)Online publication date: 24-May-2023
https://dl.acm.org/doi/10.1145/3589608.3595079
Zhang HXu CLu RZhu LZhang CGuan Y(2023)Non-Interactive Multi-Client Searchable Symmetric Encryption With Small Client StorageIEEE Transactions on Services Computing10.1109/TSC.2023.330171216:6(3972-3985)Online publication date: Nov-2023
https://doi.org/10.1109/TSC.2023.3301712
Li HHuang QHuang JSusilo W(2023)Public-Key Authenticated Encryption With Keyword Search Supporting Constant Trapdoor Generation and Fast SearchIEEE Transactions on Information Forensics and Security10.1109/TIFS.2022.322430818(396-410)Online publication date: 2023
https://doi.org/10.1109/TIFS.2022.3224308
Sehrawat VYeo FVassilyev D(2023)Star-Specific Key-Homomorphic PRFs From Learning With Linear RegressionIEEE Access10.1109/ACCESS.2023.329484411(73235-73267)Online publication date: 2023
https://doi.org/10.1109/ACCESS.2023.3294844
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Figures

Tables

Media

View Table of Conten