Towards a theory of software protection and simulation by oblivious RAMs
STOC '87 Proceedings of the nineteenth annual ACM symposium on Theory of computing
Software protection and simulation on oblivious RAMs
Journal of the ACM (JACM)
Private information storage (extended abstract)
STOC '97 Proceedings of the twenty-ninth annual ACM symposium on Theory of computing
Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Architectural support for copy and tamper resistant software
ASPLOS IX Proceedings of the ninth international conference on Architectural support for programming languages and operating systems
Outbound Authentication for Programmable Secure Coprocessors
ESORICS '02 Proceedings of the 7th European Symposium on Research in Computer Security
Keeping Secrets in Hardware: The Microsoft Xbox Case Study
CHES '02 Revised Papers from the 4th International Workshop on Cryptographic Hardware and Embedded Systems
AEGIS: architecture for tamper-evident and tamper-resistant processing
ICS '03 Proceedings of the 17th annual international conference on Supercomputing
HIDE: an infrastructure for efficiently protecting information leakage on the address bus
ASPLOS XI Proceedings of the 11th international conference on Architectural support for programming languages and operating systems
A 21.54 Gbits/s Fully Pipelined AES Processor on FPGA
FCCM '04 Proceedings of the 12th Annual IEEE Symposium on Field-Programmable Custom Computing Machines
Proceedings of the 40th Annual IEEE/ACM International Symposium on Microarchitecture
Building castles out of mud: practical access pattern privacy and correctness on untrusted storage
Proceedings of the 15th ACM conference on Computer and communications security
Lest we remember: cold-boot attacks on encryption keys
Communications of the ACM - Security in the Browser
DMP: deterministic shared memory multiprocessing
Proceedings of the 14th international conference on Architectural support for programming languages and operating systems
Complete information flow tracking from the gates up
Proceedings of the 14th international conference on Architectural support for programming languages and operating systems
Practical Mitigations for Timing-Based Side-Channel Attacks on Modern x86 Processors
SP '09 Proceedings of the 2009 30th IEEE Symposium on Security and Privacy
seL4: formal verification of an OS kernel
Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles
Predictive black-box mitigation of timing channels
Proceedings of the 17th ACM conference on Computer and communications security
Determinating timing channels in compute clouds
Proceedings of the 2010 ACM workshop on Cloud computing security workshop
SP '11 Proceedings of the 2011 IEEE Symposium on Security and Privacy
Privacy-preserving access of outsourced data via oblivious RAM simulation
ICALP'11 Proceedings of the 38th international conference on Automata, languages and programming - Volume Part II
Differential privacy under fire
SEC'11 Proceedings of the 20th USENIX conference on Security
Predictive mitigation of timing channels in interactive systems
Proceedings of the 18th ACM conference on Computer and communications security
On the (in)security of hash-based oblivious RAM and a new balancing scheme
Proceedings of the twenty-third annual ACM-SIAM symposium on Discrete Algorithms
Privacy-preserving group data access via stateless oblivious RAM simulation
Proceedings of the twenty-third annual ACM-SIAM symposium on Discrete Algorithms
Oblivious RAM with o((logn)3) worst-case cost
ASIACRYPT'11 Proceedings of the 17th international conference on The Theory and Application of Cryptology and Information Security
Chisel: constructing hardware in a Scala embedded language
Proceedings of the 49th Annual Design Automation Conference
Proceedings of the 39th Annual International Symposium on Computer Architecture
Single round access privacy on outsourced storage
Proceedings of the 2012 ACM conference on Computer and communications security
PrivateFS: a parallel oblivious file system
Proceedings of the 2012 ACM conference on Computer and communications security
A secure processor architecture for encrypted computation on untrusted programs
Proceedings of the seventh ACM workshop on Scalable trusted computing
OS-Sommelier: memory-only operating system fingerprinting in the cloud
Proceedings of the Third ACM Symposium on Cloud Computing
Design space exploration and optimization of path oblivious RAM in secure processors
Proceedings of the 40th Annual International Symposium on Computer Architecture
ObliviStore: High Performance Oblivious Cloud Storage
SP '13 Proceedings of the 2013 IEEE Symposium on Security and Privacy
Path ORAM: an extremely simple oblivious RAM protocol
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Path ORAM: an extremely simple oblivious RAM protocol
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
| Hi-index | 0.00 |
We introduce PHANTOM [1] a new secure processor that obfuscates its memory access trace. To an adversary who can observe the processor's output pins, all memory access traces are computationally indistinguishable (a property known as obliviousness). We achieve obliviousness through a cryptographic construct known as Oblivious RAM or ORAM. We first improve an existing ORAM algorithm and construct an empirical model for its trusted storage requirement. We then present PHANTOM, an oblivious processor whose novel memory controller aggressively exploits DRAM bank parallelism to reduce ORAM access latency and scales well to a large number of memory channels. Finally, we build a complete hardware implementation of PHANTOM on a commercially available FPGA-based server, and through detailed experiments show that PHANTOM is efficient in both area and performance. Accessing 4KB of data from a 1GB ORAM takes 26.2us (13.5us for the data to be available), a 32x slowdown over accessing 4KB from regular memory, while SQLite queries on a population database see 1.2-6x slowdown. PHANTOM is the first demonstration of a practical, oblivious processor and can provide strong confidentiality guarantees when offloading computation to the cloud.