practicing oblivious access on cloud storage: the gap ... · practicing oblivious access on cloud...
TRANSCRIPT
![Page 1: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/1.jpg)
Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New
Way Forward
Vincent Bindschaedler1, Muhammad Naveed1,3, Xiaorui Pan2, XiaoFeng Wang2, and Yan Huang2
1University of Illinois at Urbana-Champaign 2Indiana University Bloomington
3Cornell University
![Page 2: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/2.jpg)
Cloud Storage
User Side
Application
Cloud Storage Service
file1
file4
file2
file3
![Page 3: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/3.jpg)
Cloud Storage
User Side
Application
get(file1)
put(file1, data1)
get(file2)
Cloud Storage Service
file1
file4
file2
file3
![Page 4: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/4.jpg)
Cloud Storage
User Side
Application
get(file1)
put(file1, data1)
get(file2)
Cloud Storage Service
file1
file4
file2
file3
![Page 5: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/5.jpg)
Cloud Storage
User Side
Application
get(file1)
put(file1, data1)
get(file2)
Cloud Storage Service
file1
file4
file2
file3
Leaks access pattern
![Page 6: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/6.jpg)
Background: Oblivious RAM• Obliviousness: • For any fixed size request sequence, the associated storages accesses
observed (by the cloud) are statistically independent of the requests
• Techniques • Operates on fixed size data blocks • Encrypt blocks with ciphertext indistinguishability • Dummy accesses, re-encryption, shuffling, etc.
![Page 7: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/7.jpg)
Oblivious Cloud Storage
Trusted User Side
OR
AM
Client
Application
Cloud Storage Service
![Page 8: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/8.jpg)
Oblivious Cloud Storage
Trusted User Side
OR
AM
Client
Application
get(key1)
put(key1, val1)
get(key2)
Cloud Storage Service
![Page 9: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/9.jpg)
Oblivious Cloud Storage
Trusted User Side
OR
AM
Client
Application
get(key1)
put(key1, val1)
get(key2)
Cloud Storage Servicedownload(object57)
download(object32)
upload(object15, data4)
download(object3)
download(object28)
upload(object65, data19)
download(object11)
download(object44)
upload(object73, data26)
![Page 10: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/10.jpg)
How close is ORAM to practice?• Are ORAM designs in line with the constraints of real-world
cloud services?
• How close are ORAM techniques to offering practical support to cloud applications?
• Are we on the right track to narrow the gap?
![Page 11: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/11.jpg)
Assumptions in ORAM literature1. Bandwidth overhead is a good proxy metric • So, minimizing it optimizes application performance
2. Application is not taken into account • Implicit assumption that application has no impact on performance
Assumptions influence the way the problem is thought about and guide the research agenda.
![Page 12: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/12.jpg)
Contribution
![Page 13: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/13.jpg)
Contribution
Chose 4 representative ORAM designs
ORAM Literature
1
![Page 14: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/14.jpg)
Contribution
Chose 4 representative ORAM designs
ORAM Literature
1
Build ORAM Systems
![Page 15: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/15.jpg)
Cloud Storage Evaluation Platform
2
Performance Data
App
ORAM
Contribution
Chose 4 representative ORAM designs
ORAM Literature
1
Build ORAM Systems
![Page 16: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/16.jpg)
Cloud Storage Evaluation Platform
2
Performance Data
App
ORAM
Contribution
Chose 4 representative ORAM designs
ORAM Literature
1
Build ORAM Systems
New understanding
How ORAMs work on cloud storage
What real apps need
3
![Page 17: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/17.jpg)
Cloud Storage Evaluation Platform
2
Performance Data
App
ORAM
Contribution
Chose 4 representative ORAM designs
ORAM Literature
1
Build ORAM Systems
New understanding
How ORAMs work on cloud storage
What real apps need
3
CURIOUS
(New ORAM Framework)
4
Design
![Page 18: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/18.jpg)
ORAM Systems We Built
1. Tree-based: PathORAM 2. Layered-based: LayeredORAM 3. Large messages-based: PracticalOS 4. Partition-based: ObliviStore
1. [PathORAM] Stefanov, Emil, et al. "Path ORAM: An Extremely Simple Oblivious RAM Protocol." CCS 2013.
2. [LayeredORAM] Goodrich, Michael, et al. "Oblivious RAM simulation with efficient worst-case access overhead." CCSW 2011.3. [PracticalOS] Goodrich, Michael, et al. "Practical oblivious storage." CODASPY 2012.
4. [ObliviStore] Stefanov, Emil, and Elaine Shi. "Oblivistore: High performance oblivious cloud storage." S&P 2013.
![Page 19: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/19.jpg)
Application Selection
•We use Filebench: filesystem benchmarking tool
• Able to emulate several applications, e.g.: • Mail server • File server • Web proxy • Web server
![Page 20: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/20.jpg)
Methodology
![Page 21: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/21.jpg)
Methodology
client
Amazon S3
bucket extract logs application tracesFilebench accesses
![Page 22: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/22.jpg)
Methodology
client
Amazon S3
bucket extract logs application tracesFilebench accesses
client
PathORAM
ObliviStore
PracticalOS
LayeredORAM
No ORAM
application
varmail
webproxy
webserver
fileserver
Amazon S3
performance data
accesses
requests
![Page 23: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/23.jpg)
Findings
![Page 24: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/24.jpg)
Bandwidth overhead as a proxy for response time
![Page 25: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/25.jpg)
Bandwidth overhead as a proxy for response time
![Page 26: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/26.jpg)
Bandwidth overhead as a proxy for monetary cost
![Page 27: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/27.jpg)
Bandwidth overhead as a proxy for monetary cost
![Page 28: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/28.jpg)
Bandwidth overhead as a proxy for monetary cost
PathORAM
![Page 29: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/29.jpg)
Application traces
Time
…
time interval without ORAM
Time
…
time interval with ORAM
• Slowdown := time with ORAM / time without ORAM
![Page 30: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/30.jpg)
Application Traces• According to slowdown measurements: • ObliviStore could easily handle two applications (i.e., varmail and
webproxy), but could not handle the other two (i.e., webserver and fileserver)
• PathORAM could not handle any of the four applications (it experienced slowdowns ranging from 3 to 92)
• In all cases, the monetary cost of running on top of ORAM was roughly 100 times (or more) than running without ORAM
![Page 31: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/31.jpg)
PracticalOS & LayeredORAM• Neither of the two schemes could support any of the
applications
• PracticalOS has a low response time for requests • but a long and expensive reshuffling phase
• The cost of operating PracticalOS for varmail is roughly 15 USD / min
![Page 32: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/32.jpg)
Main Findings• Bandwidth overhead is not the bottleneck • Network latency is the bottleneck
• Many real applications require the ORAM to process requests concurrently
• Downloads and uploads do not have the same cost
![Page 33: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/33.jpg)
Asynchronicity & Concurrent Request Processing• ObliviStore can process multiple requests concurrently and
offer an asynchronous interface
• Others (e.g., PathORAM) are fundamentally synchronous • The current request must be fully completed before the processing of
the next request can start
• ORAM schemes do not appear to consider asynchronicity as a crucial property • 3 out of 39 published papers have this property
![Page 34: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/34.jpg)
Asynchronicity is a MUST!
• Asynchronicity has never been a main design goal. • But, we found that:
1. Asynchronicity is not only desirable but actually necessary • No synchronous ORAM scheme can fully support cloud applications
2. Asynchronicity is difficult • E.g., the implementation of ObliviStore did not get it right
![Page 35: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/35.jpg)
Bandwidth Asymmetricity• S3: the monetary cost of an upload is 12.5 times that of a download
![Page 36: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/36.jpg)
Bandwidth AsymmetricityM
edia
n Re
spon
se T
ime
(ms)
0
30
60
90
120
1KB 2KB 4KB 8KB 16KB 32KB 64KB
GET PUT
• S3: the monetary cost of an upload is 12.5 times that of a download
![Page 37: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/37.jpg)
Bandwidth AsymmetricityM
edia
n Re
spon
se T
ime
(ms)
0
30
60
90
120
1KB 2KB 4KB 8KB 16KB 32KB 64KB
GET PUT
• S3: the monetary cost of an upload is 12.5 times that of a download
![Page 38: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/38.jpg)
Bandwidth-only evaluation is INACCURATE!
• Overhead evaluation: total bandwidth only in existing literature • Bandwidth overhead := download overhead + upload overhead
• But, experimentally, their performance and monetary cost are different • Failure to incorporate this experimental insight in our thinking could lead
us to make incorrect conclusions about how schemes perform in practice • Example: which is better?
• Scheme 1: 20 download overhead, 20 upload overhead • Scheme 2: 40 download overhead, 10 upload overhead
![Page 39: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/39.jpg)
CURIOUS
![Page 40: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/40.jpg)
Novel ORAM Framework: CURIOUS• Based on our findings, we propose CURIOUS
• Simple design: • Flexible due to modular design • Simple concurrency model
• Also, it preserves properties that applications expect from cloud • e.g., reliability
![Page 41: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/41.jpg)
CURIOUS performs better than ObliviStoreSl
owdo
wn
1
1.75
2.5
3.25
4
varmail webproxy webserver fileserver
ObliviStore CURIOUS
![Page 42: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/42.jpg)
CURIOUS performs better than ObliviStoreSl
owdo
wn
1
1.75
2.5
3.25
4
varmail webproxy webserver fileserver
ObliviStore CURIOUS
• Monetary cost is only half to two-thirds
![Page 43: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/43.jpg)
CURIOUS performs better than ObliviStoreSl
owdo
wn
1
1.75
2.5
3.25
4
varmail webproxy webserver fileserver
ObliviStore CURIOUS
• Monetary cost is only half to two-thirds
![Page 44: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/44.jpg)
CURIOUS performs better than ObliviStoreSl
owdo
wn
1
1.75
2.5
3.25
4
varmail webproxy webserver fileserver
ObliviStore CURIOUS
• Monetary cost is only half to two-thirds
![Page 45: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/45.jpg)
CURIOUS performs better than ObliviStoreSl
owdo
wn
1
1.75
2.5
3.25
4
varmail webproxy webserver fileserver
ObliviStore CURIOUS
• Even though • CURIOUS uses 2X the bandwidth of ObliviStore
• Monetary cost is only half to two-thirds
![Page 46: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/46.jpg)
Conclusions• Oblivious RAM has come a long way… • … and there is a long way to go still… • But we found: • In theory there is no difference between theory and practice • But in practice, there is.
• Lesson: • align theory to practice • evaluate theory on practical systems
![Page 47: Practicing Oblivious Access on Cloud Storage: the Gap ... · Practicing Oblivious Access on Cloud Storage: the Gap, Fallacy, and the New Way Forward Vincent Bindschaedler 1, Muhammad](https://reader035.vdocuments.us/reader035/viewer/2022062919/5ee08d0aad6a402d666bb76f/html5/thumbnails/47.jpg)
Open-Source Code (BSD license)• Our entire system including CURIOUS, the 4 representative
ORAM schemes (PathORAM, LayeredORAM, PracticalOS, ObliviStore), and our evaluation platform is open-source.
• Uses Amazon S3 as storage backend.
• Download URL: oblivious-storage.com
• Contact: [email protected]