Welcome to the resource topic for 2022/1506
ORTOA: One Round Trip Oblivious Access
Authors: Sujaya Maiyya, Yuval Steinhart, Divyakant Agrawal, Prabhanjan Ananth, Amr El AbbadiAbstract:
Cloud based storage-as-a-service is quickly gaining popularity due
to its many advantages such as scalability and pay-as-you-use cost
model. However, storing data in the clear on third-party servers
creates vulnerabilities, especially pertaining to data privacy. Applications typically encrypt their data before off-loading it to cloud
storage to ensure data privacy. To serve a client’s read or write
requests, an application either reads or updates the encrypted data
on the cloud, revealing the type of client access to the untrusted
cloud. An adversary however can exploit this information leak to
compromise a user’s privacy by tracking read/write access patterns.
Existing approaches (used in Oblivious RAM (ORAM) and frequency
smoothing datastores) hide the type of client access by always reading the data followed by writing it, sequentially, irrespective of a
read or write request, rendering one of these rounds redundant
with respect to a client request. To mitigate this redundancy, we
propose ORTOA- a One Round Trip Oblivious Access protocol that
reads or writes data stored on remote storage in one round without revealing the type of access. To our knowledge, ORTOA is the
first generalized protocol to obfuscate the type of access in a single
round, reducing the communication overhead in half. ORTOA hides
the type of individual access as well as the read/write workload
distribution of an application, and due to its generalized design,
it can be integrated with many existing obliviousness techniques
that hide access patterns such as ORAM or frequency smoothing.
Our experimental evaluations show that ORTOA’s throughput is
2.8x that of a baseline that requires two rounds to hide the type of
access; and the baseline incurs 1.9x higher latency than ORTOA.
Feel free to post resources that are related to this paper below.
Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.
For more information, see the rules for Resource Topics .