Towards a theory of software protection and simulation by oblivious RAMs
STOC '87 Proceedings of the nineteenth annual ACM symposium on Theory of computing
Efficient computation on oblivious RAMs
STOC '90 Proceedings of the twenty-second annual ACM symposium on Theory of computing
Software protection and simulation on oblivious RAMs
Journal of the ACM (JACM)
Petal: distributed virtual disks
Proceedings of the seventh international conference on Architectural support for programming languages and operating systems
Private information storage (extended abstract)
STOC '97 Proceedings of the twenty-ninth annual ACM symposium on Theory of computing
GPFS: A Shared-Disk File System for Large Computing Clusters
FAST '02 Proceedings of the Conference on File and Storage Technologies
UMAC: Fast and Secure Message Authentication
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
A Digital Signature Based on a Conventional Encryption Function
CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels
EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
FOCS '95 Proceedings of the 36th Annual Symposium on Foundations of Computer Science
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Practical server privacy with secure coprocessors
IBM Systems Journal - End-to-end security
Protecting Client Privacy with Trusted Computing at the Server
IEEE Security and Privacy
On anonymizing query logs via token-based hashing
Proceedings of the 16th international conference on World Wide Web
Tor: the second-generation onion router
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Flicker: an execution infrastructure for tcb minimization
Proceedings of the 3rd ACM SIGOPS/EuroSys European Conference on Computer Systems 2008
SCOPE: easy and efficient parallel processing of massive data sets
Proceedings of the VLDB Endowment
Building castles out of mud: practical access pattern privacy and correctness on untrusted storage
Proceedings of the 15th ACM conference on Computer and communications security
Persona: an online social network with user-defined privacy
Proceedings of the ACM SIGCOMM 2009 conference on Data communication
Almost optimal private information retrieval
PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
Traffic analysis attacks on a continuously-observablesteganographic file system
IH'07 Proceedings of the 9th international conference on Information hiding
CRYPTO'10 Proceedings of the 30th annual conference on Advances in cryptology
Finding a needle in Haystack: facebook's photo storage
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
Oblivious RAM simulation with efficient worst-case access overhead
Proceedings of the 3rd ACM workshop on Cloud computing security workshop
On the (in)security of hash-based oblivious RAM and a new balancing scheme
Proceedings of the twenty-third annual ACM-SIAM symposium on Discrete Algorithms
Oblivious RAM with o((logn)3) worst-case cost
ASIACRYPT'11 Proceedings of the 17th international conference on The Theory and Application of Cryptology and Information Security
Revisiting the computational practicality of private information retrieval
FC'11 Proceedings of the 15th international conference on Financial Cryptography and Data Security
ObliviAd: Provably Secure and Practical Online Behavioral Advertising
SP '12 Proceedings of the 2012 IEEE Symposium on Security and Privacy
Single round access privacy on outsourced storage
Proceedings of the 2012 ACM conference on Computer and communications security
PrivateFS: a parallel oblivious file system
Proceedings of the 2012 ACM conference on Computer and communications security
OSDI'12 Proceedings of the 10th USENIX conference on Operating Systems Design and Implementation
Hi-index | 0.00 |
Recent events have shown online service providers the perils of possessing private information about users. Encrypting data mitigates but does not eliminate this threat: the pattern of data accesses still reveals information. Thus, we present Shroud, a general storage system that hides data access patterns from the servers running it, protecting user privacy. Shroud functions as a virtual disk with a new privacy guarantee: the user can look up a block without revealing the block's address. Such a virtual disk can be used for many purposes, including map lookup, microblog search, and social networking. Shroud aggressively targets hiding accesses among hundreds of terabytes of data. We achieve our goals by adapting oblivious RAM algorithms to enable large-scale parallelization. Specifically, we show, via new techniques such as oblivious aggregation, how to securely use many inexpensive secure coprocessors acting in parallel to improve request latency. Our evaluation combines large-scale emulation with an implementation on secure coprocessors and suggests that these adaptations bring private data access closer to practicality.