research-article

Public Access

ρ: Relaxed Hierarchical ORAM

Authors:

Chandrasekhar Nagarajan,

Rajeev Balasubramonian,

Mohit TiwariAuthors Info & Claims

ASPLOS '19: Proceedings of the Twenty-Fourth International Conference on Architectural Support for Programming Languages and Operating Systems

Pages 659 - 671

https://doi.org/10.1145/3297858.3304045

Published: 04 April 2019 Publication History

Abstract

Applications in the cloud are vulnerable to several attack scenarios. In one possibility, an untrusted cloud operator can examine addresses on the memory bus and use this information leak to violate privacy guarantees, even if data is encrypted. The Oblivious RAM (ORAM) construct was introduced to eliminate such information leak and these frameworks have seen many innovations in recent years. In spite of these innovations, the overhead associated with ORAM is very significant. This paper takes a step forward in reducing ORAM memory bandwidth overheads. We make the case that, similar to a cache hierarchy, a lightweight ORAM that fronts the full-fledged ORAM provides a boost in efficiency. The lightweight ORAM has a smaller capacity and smaller depth, and it can relax some of the many constraints imposed on the full-fledged ORAM. This yields a 2-level hierarchy with a relaxed ORAM and a full ORAM. The relaxed ORAM adopts design parameters that are optimized for efficiency and not capacity. We introduce a novel metadata management technique to further reduce the bandwidth for relaxed ORAM access. Relaxed ORAM accesses preserve the indistinguishability property and are equipped with an integrity verification system. Finally, to eliminate information leakage through LLC and relaxed ORAM hit rates, we introduce a deterministic memory scheduling policy. On a suite of memory-intensive applications, we show that the best Relaxed Hierarchical ORAM (ρ) model yields a performance improvement of 50%, relative to a Freecursive ORAM baseline.

References

[1]

S. Aga and S. Narayanasamy. 2017. InvisiMem: Smart Memory for Trusted Computing. In International Symposium on Computer Architecture.

Digital Library

[2]

A. Awad, Y. Wang, D. Shands, and Y. Solihin. 2017. ObfusMem: A Low-Overhead Access Obfuscation for Trusted Memories. In International Symposium on Computer Architecture.

Digital Library

[3]

Andrew Baumann, Marcus Peinado, and Galen Hunt. 2015. Shielding Applications from an Untrusted Cloud with Haven. ACM Transactions on Computer Systems (TOCS)33, 3 (2015), 8.

Digital Library

[4]

N. Chatterjee, R. Balasubramonian, M. Shevgoor, S. Pugsley, A. Udipi, A. Shafiee, K. Sudan, M. Awasthi, and Z. Chishti. 2012. USIMM: the Utah SImulated Memory Module. Technical Report. University of Utah. UUCS-12-002.

[5]

Claire Cain Miller. {n. d.}. Revelations of N.S.A. Spying Cost U.S. TechCompanies. https://tinyurl.com/y9syuvwg.

[6]

Wind Company. 2007. Wind River Simics Full System Simulator. http://www.windriver.com/products/simics/

[7]

C. Fletcher, L. Ren, A. Kwon, M. van Dijk, and S. Devadas. 2015. Freecursive ORAM: {Nearly} Free Recursion and Integrity Verification for Position-based Oblivious RAM. In Proceedings of ASPLOS.

Digital Library

[8]

C. Fletcher, L. Ren, X. Yu, M. van Dijk, O. Khan, and S. Devadas. 2014. Suppressing the Oblivious RAM Timing Channel While Making Information Leakage and Program Efficiency Trade-Offs. In HPCA.

[9]

C. Gentry, K. A. Goldman, S. Halevi, C. S. Jutla, M. Raykova, and D.Wichs. 2013. Optimizing oram and using it efficiently for secure computation. In Proceedings of PET.

[10]

O. Goldreich. 1987. Towards a Theory of Software Protection and Simulation by Oblivious RAMs. In Proceedings of STOC.

Digital Library

[11]

O. Goldreich and R. Ostrovsky. 1996. Software Protection and Simulation on Oblivious RAMs. J. ACM (1996).

Digital Library

[12]

V. Goyal and A. Jain. 2013. On Concurrently Secure Computation in the Multiple Ideal Query Model. In Proceedings of EUROCRYPT.

[13]

S. Gueron. 2016. A Memory Encryption Engine Suitable for General Purpose Processors. In Proceedings of IACR.

[14]

Zecheng He and Ruby B Lee. 2017. How secure is your cache against side-channel attacks?. In Proceedings of the 50th Annual IEEE/ACM International Symposium on Microarchitecture. ACM, 341--353.

Digital Library

[15]

Hi Tech Global. 2018. Hybrid Memory Cube Module. http://www.hitechglobal.com/Accessories/HybridMemoryCube-HMC.htm.

[16]

M. Y. Hsiao. 1970. A Class of Optimal Minimum Odd-weight-column SEC-DED Codes. IBM Journal of Research and Development 14 (1970). Issue 4.

Digital Library

[17]

Micron Technology Inc. 2006. DDR3 SDRAM Part MT41J256M8.

[18]

M. Islam, M. Kuzu, and M. Kantarcioglu. 2012. Access Pattern Disclosure on Searchable Encryption: Ramification, Attack, and Mitigation. In Proceedings of NDSS.

[19]

B. Jacob, S. W. Ng, and D. T. Wang. 2008. Memory Systems - Cache,DRAM, Disk. Elsevier.

Digital Library

[20]

J. Jeddeloh and B. Keeth. 2012. Hybrid Memory Cube -- New DRAM Architecture Increases Density and Performance. In Symposium on VLSI Technology.

[21]

Jordan Robertson and Michael Riley. {n. d.}. The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies. https://tinyurl.com/ycywjdmo.

[22]

P. Kocher, D. Genkin, D. Gruss, W. Haas, M. Hamburg, M. Lipp, S. Mangard, T. Prescher, M. Schwarz, and Y. Yarom. 2018. Spectre Attacks: Exploiting Speculative Execution. https://spectreattack.com/spectre.pdf.

[23]

T. S. Lehman, A. D. Hilton, and B. C. Lee. 2016. Poison Ivy: Safe Speculation for Secure Memory. In Proceedings of MICRO.

Digital Library

[24]

S. Li, K. Chen, M. Y. Hsieh, N. Muralimanohar, C. D. Kersey, D. Chad,J. B. Brockman, A. F. Rodrigues, and N. P. Jouppi. 2011. System Implications of Memory Reliability in Exascale Computing. In SC.

Digital Library

[25]

Chang Liu, Austin Harris, Martin Maas, Michael Hicks, Mohit Tiwari, and Elaine Shi. 2015. Ghost Rider: A Hardware-Software System for Memory Trace Oblivious Computation. In Proceedings of the Twentieth International Conference on Architectural Support for Programming Languages and Operating Systems.

Digital Library

[26]

M. Maas, E. Love, E. Stefanov, M. Tiwari, E. Shi, K. Asanovic, J. Kubiatowic, and D. Song. 2013. PHANTOM: Practical Oblivious Computation in a Secure Processor. In Proceedings of CCS.

Digital Library

[27]

J. T. Pawlowski. 2011. Hybrid memory cube (HMC). In Hotchips.

[28]

Ling Ren, Christopher W Fletcher, Albert Kwon, Emil Stefanov, Elaine Shi, Marten van Dijk, and Srinivas Devadas. 2014. Ring ORAM: Closing the Gap Between Small and Large Client Storage Oblivious RAM. IACR Cryptology ePrint Archive(2014).

[29]

L. Ren, X. Yu, C. Fletcher, M. van Dijk, and S. Devadas. 2013. Design Space Exploration and Optimization of Path Oblivious RAM in Secure Processors. In Proceedings of ISCA.

Digital Library

[30]

Thomas Ristenpart, Eran Tromer, Hovav Shacham, and Stefan Savage. 2009. Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-party Compute Clouds. In Proceedings of the 16th ACM conference on Computer and Communications Security. 199--212.

Digital Library

[31]

S. Rixner, W. Dally, U. Kapasi, P. Mattson, and J. Owens. 2000. Memory Access Scheduling. In Proceedings of ISCA.

Digital Library

[32]

Brian Rogers, Siddhartha Chhabra, Yan Solihin, and Milos Prvulovic. 2007. Using Address Independent Seed Encryption and Bonsai Merkle Trees to Make Secure Processors OS- and Performance-Friendly. In Proceedings of MICRO.

Digital Library

[33]

A. Shafiee, R. Balasubramonian, M. Tiwari, and F. Li. 2018. SecureDIMM: Moving ORAM Primitives Closer to Memory. In Proceedings of HPCA.

[34]

E. Shi, T. Chan, E. Stefanov, and M. Li. 2011. Oblivious RAM with O((logN)3)Worst-Case Cost. In Proceedings of ASIACRYPT.

Digital Library

[35]

A. Sodani. 2016. Knights Landing (KNL): 2nd Generation Intel Xeon Phi Processor. https://www.alcf.anl.gov/files/HC27.25.710-Knights-Landing-Sodani-Intel.pdf.

[36]

E. Stefanov and E. Shi. 2013. ObliviStore: High Performance Oblivious Cloud Storage. In Proceedings of IEEE S&P.

Digital Library

[37]

E. Stefanov, M. van Dijk, E. Shi, C. Fletcher, L. Ren, X. Yu, andS. Devadas. 2013. Path ORAM: An Extremely Simple Oblivious RAM Protocol. In Proceedings of CCS.

Digital Library

[38]

M. Taassori, A. Nag, K. Hodgson, A. Shafiee, and R. Balasubramonian. 2018. Memory: The Dominant Bottleneck in Genomic Workloads. In Proceedings of AACBB Workshop, in conjunction with HPCA-24.

[39]

M. Taassori, A. Shafiee, and R. Balasubramonian. 2018. VAULT: Reducing Paging Overheads in SGX with Efficient Integrity Verification Structures. In Proceedings of ASPLOS.

Digital Library

[40]

Rujia Wang, Youtao Zhang, and Jun Yang. 2018. D-ORAM: Path-ORAM Delegation for Low Execution Interference on Cloud Servers with Untrusted Memory. In High Performance Computer Architecture(HPCA), 2018 IEEE International Symposium on. IEEE, 416--427.

[41]

Yao Wang, Andrew Ferraiuolo, and G. Edward Suh. 2014. Timing Channel Protection for a Shared Memory Controller. In HPCA.

[42]

A.C. Yao. 1986. How to Generate and Exchange Secrets. In FOCS.

Digital Library

[43]

Xiangyao Yu, Syed Kamran Haider, Ling Ren, Christopher W. Fletcher, Albert Kwon, Marten van Dijk, and Srinivas Devadas. 2015. PrORAM:dynamic prefetcher for oblivious RAM. In Proceedings of the 42nd Annual International Symposium on Computer Architecture, Portland, OR, USA, June 13--17, 2015.

Digital Library

[44]

Xian Zhang, Guangyu Sun, Chao Zhang, Weiqi Zhang, Yun Liang, Tao Wang, Yiran Chen, and Jia Di. 2015. Fork Path: Improving Efficiency of ORAM by Removing Redundant Memory Accesses. In Proceedings of the 48th International Symposium on Microarchitecture.

Digital Library

[45]

X. Zhuang, T. Zhang, and S. Pande. 2004. HIDE: An Infrastructure for Efficiently Protecting Information Leakage on the Address Bus. In Proceedings of ASPLOS.

Digital Library

Cited By

Hayashibara NKawabata K(2024)Caching and Prefetching for Improving ORAM Performance2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W)10.1109/DSN-W60302.2024.00016(17-20)Online publication date: 24-Jun-2024
https://doi.org/10.1109/DSN-W60302.2024.00016
Cheng WSang DZeng LWang YBrinkmann A(2023)Tianji: Securing a Practical Asynchronous Multi-User ORAMIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2023.324118420:6(5143-5155)Online publication date: Nov-2023
https://doi.org/10.1109/TDSC.2023.3241184
Ren L(2023)Oblivious RAM-Based Secure ProcessorsEncyclopedia of Cryptography, Security and Privacy10.1007/978-3-642-27739-9_1553-1(1-3)Online publication date: 30-Apr-2023
https://doi.org/10.1007/978-3-642-27739-9_1553-1
Show More Cited By

Index Terms

ρ: Relaxed Hierarchical ORAM
1. Computer systems organization
  1. Dependable and fault-tolerant systems and networks
    1. Processors and memory architectures
2. Security and privacy
  1. Security in hardware
    1. Hardware security implementation
      1. Hardware-based security protocols

Recommendations

Examining Leakage of Access Counts in ORAM Constructions
WPES'18: Proceedings of the 2018 Workshop on Privacy in the Electronic Society

Oblivious RAM is a cryptographic primitive that embodies one of the cornerstones of privacy-preserving technologies for database protection. While any Oblivious RAM (ORAM) construction offers access pattern hiding, there does not seem to be a ...
Three-Party ORAM for Secure Computation
Proceedings, Part I, of the 21st International Conference on Advances in Cryptology -- ASIACRYPT 2015 - Volume 9452

An Oblivious RAM ORAM protocol [13] allows a client to retrieve $${\mathrm {N}}$$-th element of a data array $${\mathsf {D}}$$ stored by the server s.t. the server learns no information about $${\mathrm {N}}$$. A related notion is that of an ORAM for ...
PrORAM: Fast $O (log n)$ Authenticated Shares ZK ORAM
Advances in Cryptology – ASIACRYPT 2021
Abstract
We construct a concretely efficient Zero Knowledge (ZK) Oblivious RAM (ORAM) for ZK Proof (ZKP) systems based on authenticated sharings of arithmetic values. It consumes $2 log n$ oblivious transfers (OTs) of length- $2 σ$ secrets per access of an ... $\frac{}{}^{}$
$^{}$

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

ASPLOS '19: Proceedings of the Twenty-Fourth International Conference on Architectural Support for Programming Languages and Operating Systems

April 2019

1126 pages

ISBN:9781450362405

DOI:10.1145/3297858

General Chairs:
Iris Bahar
Brown University
,
Maurice Herlihy
Brown University
,
Program Chairs:
Emmett Witchel
University of Texas, Austin
,
Alvin Lebeck
Duke University

Copyright © 2019 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

In-Cooperation

SIGBED: ACM Special Interest Group on Embedded Systems

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 04 April 2019

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

Conference

ASPLOS '19

Sponsor:

ASPLOS '19: Architectural Support for Programming Languages and Operating Systems

April 13 - 17, 2019

RI, Providence, USA

Acceptance Rates

ASPLOS '19 Paper Acceptance Rate 74 of 351 submissions, 21%;

Overall Acceptance Rate 535 of 2,713 submissions, 20%

Upcoming Conference

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

9
Total Citations
View Citations
607
Total Downloads

Downloads (Last 12 months)94
Downloads (Last 6 weeks)8

Reflects downloads up to 29 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Hayashibara NKawabata K(2024)Caching and Prefetching for Improving ORAM Performance2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops (DSN-W)10.1109/DSN-W60302.2024.00016(17-20)Online publication date: 24-Jun-2024
https://doi.org/10.1109/DSN-W60302.2024.00016
Cheng WSang DZeng LWang YBrinkmann A(2023)Tianji: Securing a Practical Asynchronous Multi-User ORAMIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2023.324118420:6(5143-5155)Online publication date: Nov-2023
https://doi.org/10.1109/TDSC.2023.3241184
Ren L(2023)Oblivious RAM-Based Secure ProcessorsEncyclopedia of Cryptography, Security and Privacy10.1007/978-3-642-27739-9_1553-1(1-3)Online publication date: 30-Apr-2023
https://doi.org/10.1007/978-3-642-27739-9_1553-1
Rajat RWang YAnnavaram MHardavellas NCampanoni SGrot BKarpuzcu U(2022)PageORAM : An Efficient DRAM Page Aware ORAM StrategyProceedings of the 55th Annual IEEE/ACM International Symposium on Microarchitecture10.1109/MICRO56248.2022.00021(91-107)Online publication date: 1-Oct-2022
https://dl.acm.org/doi/10.1109/MICRO56248.2022.00021
Raoufi MZhang YYang J(2022)IR-ORAM: Path Access Type Based Memory Intensity Reduction for Path-ORAM2022 IEEE International Symposium on High-Performance Computer Architecture (HPCA)10.1109/HPCA53966.2022.00034(360-372)Online publication date: Apr-2022
https://doi.org/10.1109/HPCA53966.2022.00034
Cao DZhang MLu HYe XFan DChe YWang R(2021)Streamline Ring ORAM Accesses through Spatial and Temporal Optimization2021 IEEE International Symposium on High-Performance Computer Architecture (HPCA)10.1109/HPCA51647.2021.00012(14-25)Online publication date: Feb-2021
https://doi.org/10.1109/HPCA51647.2021.00012
Tian WLi RXu ZXiao W(2020)Loco-Store: Locality-based Oblivious Data StorageIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2020.3009428(1-1)Online publication date: 2020
https://doi.org/10.1109/TDSC.2020.3009428
Balasubramonian R(2019)Innovations in the Memory SystemSynthesis Lectures on Computer Architecture10.2200/S00933ED1V01Y201906CAC04814:2(1-151)Online publication date: 10-Sep-2019
https://doi.org/10.2200/S00933ED1V01Y201906CAC048
Che YHong YWang R(2019)Imbalance-Aware Scheduler for Fast and Secure Ring ORAM Data Retrieval2019 IEEE 37th International Conference on Computer Design (ICCD)10.1109/ICCD46524.2019.00087(604-612)Online publication date: Nov-2019
https://doi.org/10.1109/ICCD46524.2019.00087

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Table of Contents