[Colloq] Thesis Defense - Practical Oblivious RAM and its Applications - Travis Mayberry - Friday, June 26, 3pm. WVH 366

[Fong, Andy]

Title: Practical Oblivious RAM and its Applications

Abstract:
For many reasons, including cost advantages, reliability and convenience, users are outsourcing more and more of their data to cloud platforms such as Amazon AWS, Apple iCloud, Microsoft Skydrive, etc.  If a user wishes to ensure privacy of their data from the cloud provider, they must of course encrypt it before uploading.  Unfortunately, this might not be enough.  When, where and how the data is accessed from the cloud can often reveal as much or more private information than the data itself.  This access pattern also needs to be hidden from the cloud provider to ensure maximum privacy.

The main cryptographic construction used to perform this hiding is called Oblivious RAM.  When the user accesses data on the server, they also shuffle and reencrypt portions of the data so that two accesses to the same file aren't recognizable as being the same.  Although ORAM constructions have existed with good asymptotic complexity, there remain several barriers to adoption in regards to practical performance and usability.  This dissertation addresses some of those problems in an effort to make ORAM practical for real world applications.

First, we study how bandwidth can be drastically reduced by taking advantage of not only the storage ability of the cloud, but its computational capabilities as well.  Using recent advances in homomorphic encryption, ORAM schemes can be augmented to trade communication complexity for server computation, which is comparatively very cheap on current cloud platforms.

Beyond the traditional bar of communication complexity, there are additional usability problems that ORAM constructions have.  We show how constructions relying initially on a fixed size database (an unfortunately requirement for the cloud, which counts scalability as one of its main assets) can be expanded to allow dynamic resizing.  We also show how to create the first ORAM constructions which are secure for multiple concurrent users, previous schemes relying on a single user only.

Finally, we show that for some specific use cases a restricted type of write-only ORAM can be used to achieve sufficient privacy while drastically reducing the user's overhead.  We also show that this ORAM is independently interesting for hidden volume disk encryption, and provide some of the first formal definitions for such encryption schemes.

Committee:
Agnes Chan
Erik-Oliver Blass
Daniel Wichs
Seny Kamara (Microsoft Research)
Gene Tsudik (University of California, Irvine)


Andrew W. Fong
Assistant Director for Graduate Admissions and Enrollment

Northeastern University
College of Computer and Information Science
360 Huntington Avenue
451 West Village H
Boston, MA 02115
617-373-8493
a.fong at neu.edu

Facebook<https://www.facebook.com/ccisatnu?ref=hl> | Instagram<https://instagram.com/ccisatnu/> | LinkedIn<https://www.linkedin.com/groups/Northeastern-University-College-Computer-Information-1943637?gid=1943637&mostPopular=&trk=tyah&trkInfo=idx%3A1-1-1%2CtarId%3A1426606862845%2Ctas%3ANortheastern+University+College+of+Com> | Twitter<https://twitter.com/CCISatNU>