Towards a theory of software protection and simulation by oblivious RAMs
STOC '87 Proceedings of the nineteenth annual ACM symposium on Theory of computing
Efficient computation on oblivious RAMs
STOC '90 Proceedings of the twenty-second annual ACM symposium on Theory of computing
Software protection and simulation on oblivious RAMs
Journal of the ACM (JACM)
Architectural support for copy and tamper resistant software
ASPLOS IX Proceedings of the ninth international conference on Architectural support for programming languages and operating systems
AEGIS: architecture for tamper-evident and tamper-resistant processing
ICS '03 Proceedings of the 17th annual international conference on Supercomputing
Caches and Hash Trees for Efficient Memory Integrity Verification
HPCA '03 Proceedings of the 9th International Symposium on High-Performance Computer Architecture
Specifying and Verifying Hardware for Tamper-Resistant Software
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
A secure and reliable bootstrap architecture
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Implementing an untrusted operating system on trusted hardware
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Efficient Memory Integrity Verification and Encryption for Secure Processors
Proceedings of the 36th annual IEEE/ACM International Symposium on Microarchitecture
Fast Secure Processor for Inhibiting Software Piracy and Tampering
Proceedings of the 36th annual IEEE/ACM International Symposium on Microarchitecture
HIDE: an infrastructure for efficiently protecting information leakage on the address bus
ASPLOS XI Proceedings of the 11th international conference on Architectural support for programming languages and operating systems
Design and Implementation of the AEGIS Single-Chip Secure Processor Using Physical Random Functions
Proceedings of the 32nd annual international symposium on Computer Architecture
Improving Cost, Performance, and Security of Memory Encryption and Authentication
Proceedings of the 33rd annual international symposium on Computer Architecture
A low-cost memory remapping scheme for address bus protection
Proceedings of the 15th international conference on Parallel architectures and compilation techniques
Virtual monotonic counters and count-limited objects using a TPM without a trusted OS
Proceedings of the first ACM workshop on Scalable trusted computing
The Trusted Execution Module: Commodity General-Purpose Trusted Computing
CARDIS '08 Proceedings of the 8th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Applications
A low-cost memory remapping scheme for address bus protection
Journal of Parallel and Distributed Computing
IVEC: off-chip memory integrity protection for both security and reliability
Proceedings of the 37th annual international symposium on Computer architecture
DRAMSim2: A Cycle Accurate Memory System Simulator
IEEE Computer Architecture Letters
Oblivious RAM with o((logn)3) worst-case cost
ASIACRYPT'11 Proceedings of the 17th international conference on The Theory and Application of Cryptology and Information Security
A secure processor architecture for encrypted computation on untrusted programs
Proceedings of the seventh ACM workshop on Scalable trusted computing
Path ORAM: an extremely simple oblivious RAM protocol
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
PHANTOM: practical oblivious computation in a secure processor
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Generalized external interaction with tamper-resistant hardware with bounded information leakage
Proceedings of the 2013 ACM workshop on Cloud computing security workshop
Hi-index | 0.00 |
Keeping user data private is a huge problem both in cloud computing and computation outsourcing. One paradigm to achieve data privacy is to use tamper-resistant processors, inside which users' private data is decrypted and computed upon. These processors need to interact with untrusted external memory. Even if we encrypt all data that leaves the trusted processor, however, the address sequence that goes off-chip may still leak information. To prevent this address leakage, the security community has proposed ORAM (Oblivious RAM). ORAM has mainly been explored in server/file settings which assume a vastly different computation model than secure processors. Not surprisingly, naïvely applying ORAM to a secure processor setting incurs large performance overheads. In this paper, a recent proposal called Path ORAM is studied. We demonstrate techniques to make Path ORAM practical in a secure processor setting. We introduce background eviction schemes to prevent Path ORAM failure and allow for a performance-driven design space exploration. We propose a concept called super blocks to further improve Path ORAM's performance, and also show an efficient integrity verification scheme for Path ORAM. With our optimizations, Path ORAM overhead drops by 41.8%, and SPEC benchmark execution time improves by 52.4% in relation to a baseline configuration. Our work can be used to improve the security level of previous secure processors.