Privacy-Preserving Group Data Access via Stateless Oblivious RAM Simulation (1105.4125v1)

Abstract: We study the problem of providing privacy-preserving access to an outsourced honest-but-curious data repository for a group of trusted users. We show that such privacy-preserving data access is possible using a combination of probabilistic encryption, which directly hides data values, and stateless oblivious RAM simulation, which hides the pattern of data accesses. We give simulations that have only an $O(\log n)$ amortized time overhead for simulating a RAM algorithm, $\cal A$, that has a memory of size $n$, using a scheme that is data-oblivious with very high probability assuming the simulation has access to a private workspace of size $O(n^\nu)$, for any given fixed constant $\nu>0$. This simulation makes use of pseudorandom hash functions and is based on a novel hierarchy of cuckoo hash tables that all share a common stash. We also provide results from an experimental simulation of this scheme, showing its practicality. In addition, in a result that may be of some theoretical interest, we also show that one can eliminate the dependence on pseudorandom hash functions in our simulation while having the overhead rise to be $O(\log^2 n)$.

• The paper introduces a method for privacy-preserving group data access in outsourced storage, combining probabilistic encryption with stateless Oblivious RAM (ORAM) simulation.
• A key technique involves using a hierarchy of cuckoo hash tables with a shared stash to achieve efficient data obfuscation and an amortized time overhead of O(log n).
• This research offers a practical solution for secure cloud computing environments against "honest-but-curious" adversaries and provides a foundation for future work on more complex threat models.

Overview of Privacy-Preserving Group Data Access via Stateless Oblivious RAM Simulation

This paper introduces a comprehensive method for achieving privacy-preserving access to a shared outsourced data repository by a group of trusted users. The paper leverages principles of probabilistic encryption juxtaposed with stateless Oblivious RAM (ORAM) simulation to safeguard data privacy effectively. The innovative approach underscores the use of a shared stash across a hierarchy of cuckoo hash tables, ensuring a balance between simplicity and effectiveness.

The paper focuses on users outsourcing data to "honest-but-curious" repositories managed by semi-trusted providers such as cloud services. These repositories may have incentives to infer data from access patterns despite performing required protocols without tampering with stored data. The proposed ORAM technique explicitly addresses these privacy concerns by obfuscating access patterns and maintaining data encryption.

Key Contributions

1. Data Obfuscation with Probabilistic Encryption: Users encrypt shared data with a group key using probabilistic encryption, rendering reconstruction of data values computationally infeasible for the repository manager.
2. Stateless ORAM with Cuckoo Hash Tables: The stateless ORAM simulation uses a hierarchy of cuckoo hash tables sharing a common stash, minimizing memory overhead and ensuring a lightweight reconstruction mechanism after simulated access. This design achieves an amortized time overhead of $O(\log n)$, where $n$ denotes the dataset size.
3. Analysis and Empirical Validation: The paper provides an analytical assessment of failure rates, depicting strong probabilistic guarantees for stash sizing $O(\log n)$, and demonstrates practical applicability through experimental evaluation.
4. Alternative Non-Cryptographic Construction: For theoretical completeness, the authors extend their approach to avoid pseudorandom functions, albeit with an increased overhead to $O(\log^2 n)$.

Implications and Speculation

The implications of these results are multifaceted in secure cloud computing environments. Practically, this forms a critical step towards wider adoption of outsourced data services where privacy is paramount. Theoretically, this research lays groundwork for advanced considerations in secure multi-party computations and paves the way for handling larger datasets in cloud systems while preserving user privacy standards.

Given the empirical strength of the shared stash mechanism and the efficient data access simulation, this paper raises intriguing possibilities for its wider application in distributed systems beyond cloud repositories. Future development may focus on adapting these techniques to environments where adversaries have more aggressive threat models or where collusion between insiders and service providers is plausible.

Conclusion

This paper presents a profound development in stateless ORAM simulations coupled with probabilistic encryption, providing a relatively uncomplicated yet robust solution to privacy concerns in outsourced data environments. While current applications are restricted to honest-but-curious models, future research has significant potential to evolve this foundation to address more complex and dynamic adversary behaviors in cloud computing architectures.