Group ORAM for privacy and access control in outsourced personal records
Article type: Research Article
Authors: Maffei, Matteoa | Malavolta, Giuliob | Reinert, Manuelc; * | Schröder, Dominiqueb
Affiliations: [a] TU Wien, Favoritenstraße 9-11, Stiege 2, 1040 Wien, Austria. E-mail: matteo.maffei@tuwien.ac.at | [b] Nuremberg Campus of Technology, Fürther Str 246c, Eingang 5, 2. OG, room 11.2.23, 90429 Nürnberg, Germany. E-mails: giulio.malavolta@fau.de, dominique.schroeder@fau.de | [c] Saarland University, Saarland Informatics Campus E9.1, 66041 Saarbrücken, Germany. E-mail: reinert.manuel@gmail.com
Correspondence: [*] Corresponding author. E-mail: reinert.manuel@gmail.com.
Abstract: Cloud storage has rapidly become a cornerstone of many IT infrastructures, constituting a seamless solution for the backup, synchronization, and sharing of large amounts of data. Putting user data in the direct control of cloud service providers, however, raises security and privacy concerns related to the integrity of outsourced data, the accidental or intentional leakage of sensitive information, the profiling of user activities and so on. Furthermore, even if the cloud provider is trusted, users having access to outsourced files might be malicious and misbehave. These concerns are particularly serious in sensitive applications like personal health records and credit score systems. To tackle this problem, we present ΠGORAM, a definitional framework for Group Oblivious RAM, in which we formalize several security and privacy properties such as secrecy, integrity, anonymity, and obliviousness. ΠGORAM allows per entry access control, as selected by the data owner. ΠGORAM is the first framework to define such a wide range of security and privacy properties for outsourced storage. Regarding obliviousness, we tackle two different attacker models: our first definition protects against an honest-but-curious server while our second definition protects against such a server colluding with malicious clients. In the latter model, we prove a server-side computational lower bound of Ω(n) where n is the number of entries in the database, i.e., every operations requires to process a constant fraction of the database. Furthermore, we present two constructions: a pure cryptographic instantiation, which achieves an O(n) amortized communication and computation complexity and a construction based on a trusted proxy with logarithmic communication and server-side computational complexity. The second construction bypasses the previously established lower bound leveraging a trusted party. Both schemes achieve secrecy, integrity, and obliviousness with respect to a server colluding with malicious clients, but not anonymity due to the deployed access control mechanism. In the former model, we present a cryptographic system that achieves secrecy, integrity, obliviousness, and anonymity. In the process of designing an efficient construction, we developed three new, generally applicable cryptographic schemes, namely, batched zero-knowledge proof of shuffle correctness, the hash-and-proof paradigm, which even improves upon the former, and an accountability technique based on chameleon signatures, which we consider of independent interest. We implemented our constructions in Amazon Elastic Compute Cloud (EC2) and ran a performance evaluation demonstrating the scalability and efficiency of our construction.
Keywords: Group ORAM, oblivious RAM, cloud storage, provable security, privacy-enhancing technologies
DOI: 10.3233/JCS-171030
Journal: Journal of Computer Security, vol. 27, no. 1, pp. 1-47, 2019