Go to DBLP homepageRevisiting Secure Multi-Server Oblivious RAMs
Abstract: Oblivious RAM (ORAM) facilitates search and update on outsourced encrypted databases without leaking access patterns. Since ORAM typically requires large client storage and high computational overhead, many studies proposed more efficient ORAM schemes. For example, Thang et al. proposed a multi-server ORAM, S3ORAM, by utilizing Shamir’s secret sharing and secure multi-party computation, instead of fully homomorphic encryption to enhance the efficiency. However, recent studies show that Shamir’s secret sharing is no longer secure in Galois Fields. To solve this security problem while achieving the efficiency, we propose two ORAM schemes: (1) BSS-ORAM by applying Blakley’s secret sharing to S3ORAM, aiming to improve security with high efficiency, and (2) VH-BSS-ORAM, which further prevents size pattern leakage by storage padding. According to our analysis, BSS-ORAM is secure in Galois Fields with the same computational overhead of S3ORAM; and VH-BSS-ORAM further hides size pattern with higher overhead compared to S3ORAM.
Loading