CryptoDB
Simple and Efficient Two-Server ORAM
| Authors: | |
|---|---|
| Download: | |
| Presentation: | Slides |
| Conference: | ASIACRYPT 2018 |
| Abstract: | We show a protocol for two-server oblivious RAM (ORAM) that is simpler and more efficient than the best prior work. Our construction combines any tree-based ORAM with an extension of a two-server private information retrieval scheme by Boyle et al., and is able to avoid recursion and thus use only one round of interaction. In addition, our scheme has a very cheap initialization phase, making it well suited for RAM-based secure computation. Although our scheme requires the servers to perform a linear scan over the entire data, the cryptographic computation involved consists only of block-cipher evaluations.A practical instantiation of our protocol has excellent concrete parameters: for storing an N-element array of arbitrary size data blocks with statistical security parameter $$\lambda $$, the servers each store 4N encrypted blocks, the client stores $$\lambda +2\log N$$ blocks, and the total communication per logical access is roughly $$10 \log N$$ encrypted blocks. |
BibTeX
@inproceedings{asiacrypt-2018-29187,
title={Simple and Efficient Two-Server ORAM},
booktitle={Advances in Cryptology – ASIACRYPT 2018},
series={Lecture Notes in Computer Science},
publisher={Springer},
volume={11274},
pages={141-157},
doi={10.1007/978-3-030-03332-3_6},
author={S. Dov Gordon and Jonathan Katz and Xiao Wang},
year=2018
}