Oblix: An Efficient Oblivious Search Index
Pratyush Mishra,Rishabh Poddar,Jerry Chen,Alessandro Chiesa,Raluca Ada Popa +4 more
- pp 279-296
TLDR
Oblix is presented, a search index for encrypted data that is oblivious (provably hides access patterns), is dynamic (supports inserts and deletes), and has good efficiency, and is demonstrated in several applications.Abstract:
Search indices are fundamental building blocks of many systems, and there is great interest in running them on encrypted data. Unfortunately, many known schemes that enable search queries on encrypted data achieve efficiency at the expense of security, as they reveal access patterns to the encrypted data. In this paper we present Oblix, a search index for encrypted data that is oblivious (provably hides access patterns), is dynamic (supports inserts and deletes), and has good efficiency. Oblix relies on a combination of novel oblivious-access techniques and recent hardware enclave platforms (e.g., Intel SGX). In particular, a key technical contribution is the design and implementation of doubly-oblivious data structures, in which the client's accesses to its internal memory are oblivious, in addition to accesses to its external memory at the server. These algorithms are motivated by hardware enclaves like SGX, which leak access patterns to both internal and external memory. We demonstrate the usefulness of Oblix in several applications: private contact discovery for Signal, private retrieval of public keys for Key Transparency, and searchable encryption that hides access patterns and result sizes.read more
Citations
More filters
Book
A Pragmatic Introduction to Secure Multi-Party Computation
TL;DR: This monograph provides an introduction to multi-party computation for practitioners interested in building privacy-preserving applications and researchers who want to work in the area and provides a starting point for building applications using MPC and for developing MPC protocols, implementations, tools, and applications.
Posted Content
SGX-LKL: Securing the Host OS Interface for Trusted Execution.
Christian Priebe,Divya Muthukumaran,Joshua Lind,Huanzhou Zhu,Shujie Cui,Vasily A. Sartakov,Peter Pietzuch +6 more
TL;DR: SGX-LKL, a system for running Linux binaries inside of Intel SGX enclaves that only exposes a minimal, protected and oblivious host interface, is described and it is shown that SGX- LKL protects TensorFlow training with a 21% overhead.
Proceedings Article
BITE: Bitcoin Lightweight Client Privacy using Trusted Execution
TL;DR: A new approach to protect the privacy of light clients in Bitcoin using the trusted execution capabilities of commonly available SGX enclaves called BITE, which provides significantly improved privacy protection for light clients without compromising the performance of the assisting full nodes.
Proceedings ArticleDOI
MicroScope: enabling microarchitectural replay attacks
Dimitrios Skarlatos,Mengjia Yan,Bhargava Gopireddy,Read Sprabery,Josep Torrellas,Christopher W. Fletcher +5 more
TL;DR: This work introduces Microarchitectural Replay Attacks, whereby an SGX adversary can denoise nearly arbitrary microar- chitectural side channels in a single run of the victim, by causing the victim to repeatedly replay on a page faulting instruction.
Journal ArticleDOI
ObliDB: oblivious query processing for secure databases
Saba Eskandarian,Matei Zaharia +1 more
TL;DR: ObliDB is introduced, an oblivious database engine design that is the first system to provide obliviousness for general database read workloads over multiple access methods and supports a broad range of queries, including aggregation, joins, insertions, deletions and point queries.
References
More filters
Proceedings ArticleDOI
Practical techniques for searches on encrypted data
TL;DR: This work describes the cryptographic schemes for the problem of searching on encrypted data and provides proofs of security for the resulting crypto systems, and presents simple, fast, and practical algorithms that are practical to use today.
Journal ArticleDOI
Software protection and simulation on oblivious RAMs
Oded Goldreich,Rafail Ostrovsky +1 more
TL;DR: This paper shows how to do an on-line simulation of an arbitrary RAM by a probabilistic oblivious RAM with a polylogaithmic slowdown in the running time, and shows that a logarithmic slowdown is a lower bound.
Book ChapterDOI
A Certified Digital Signature
TL;DR: A practical digital signature system based on a conventionalryption function which is as secure as the conventional encryption function is described, without the several years delay required for certification of an untested system.
Proceedings ArticleDOI
Searchable symmetric encryption: improved definitions and efficient constructions
TL;DR: In this paper, the authors proposed a searchable symmetric encryption (SSE) scheme for the multi-user setting, where queries to the server can be chosen adaptively during the execution of the search.
Proceedings ArticleDOI
Innovative instructions and software model for isolated execution
Frank Mckeen,Ilya Alexandrovich,Alex Berenzon,Carlos V. Rozas,Hisham Shafi,Vedvyas Shanbhogue,Uday R. Savagaonkar +6 more
TL;DR: This paper analyzes the threats and attacks to applications, then describes the ISA extension for generating a HW based container, and describes the programming model of this container.