Abstract
This paper presents a new, co-designed compiler and architecture called GhostRider for supporting privacy-preserving computation in the cloud. GhostRider ensures all programs satisfy a property called memory-trace obliviousness (MTO): even an adversary that observes memory, bus traffic, and access times while the program executes can learn nothing about the program's sensitive inputs and outputs. One way to achieve MTO is to employ Oblivious RAM (ORAM), allocating all code and data in a single ORAM bank, and to also disable caches or fix the rate of memory traffic. This baseline approach can be inefficient, and so GhostRider's compiler uses a program analysis to do better, allocating data to non-oblivious, encrypted RAM (ERAM) and employing a scratchpad when doing so will not compromise MTO. The compiler can also allocate to multiple ORAM banks, which sometimes significantly reduces access times. We have formalized our approach and proved that it enjoys MTO. Our FPGA-based hardware prototype and simulation results show that GhostRider significantly outperforms the baseline strategy.
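An added illustration, not code from the paper or the GhostRider project: a toy Python model of what a bus observer sees when a histogram loop `c[a[i]] += 1` runs over a secret array, comparing an all-ERAM allocation, the single-ORAM-bank baseline, and a mixed allocation. The bank names, the `observed`/`is_mto` helpers and the sample inputs are constructed assumptions, and the model covers addresses only, not access timing or the scratchpad.

```python
# Toy trace model (constructed for illustration; not GhostRider's implementation).
# alloc maps each array to (kind, bank): kind is "ERAM" or "ORAM".

def observed(kind, bank, op, addr):
    """What a bus observer learns from one access."""
    if kind == "ORAM":
        return (bank, "access")   # address and read/write direction are hidden
    return (bank, op, addr)       # ERAM: contents encrypted, address visible

def histogram_trace(secret, buckets, alloc):
    """Run c[a[i]] += 1; return (counts, adversary-visible trace)."""
    counts, trace = [0] * buckets, []
    for i, v in enumerate(secret):
        trace.append(observed(*alloc["a"], "read", i))   # index i is public
        trace.append(observed(*alloc["c"], "read", v))   # index v is secret
        counts[v] += 1
        trace.append(observed(*alloc["c"], "write", v))
    return counts, trace

def is_mto(alloc, inputs, buckets=4):
    """MTO for this program: equal-length secret inputs give identical traces."""
    traces = [histogram_trace(s, buckets, alloc)[1] for s in inputs]
    return all(t == traces[0] for t in traces)

def oram_accesses(alloc, secret, buckets=4):
    """Number of (expensive) ORAM accesses under a given allocation."""
    _, trace = histogram_trace(secret, buckets, alloc)
    return sum(1 for event in trace if event[1] == "access")

# Constructed sample inputs: same public length, different secret values.
INPUTS = [[0, 1, 2, 3], [3, 3, 0, 1]]

ALL_ERAM = {"a": ("ERAM", "e0"), "c": ("ERAM", "e1")}   # leaks a[i] via address
BASELINE = {"a": ("ORAM", "o0"), "c": ("ORAM", "o0")}   # everything in one ORAM
MIXED    = {"a": ("ERAM", "e0"), "c": ("ORAM", "o0")}   # only c needs ORAM

if __name__ == "__main__":
    for name, alloc in [("all-ERAM", ALL_ERAM), ("baseline", BASELINE), ("mixed", MIXED)]:
        print(name, "MTO:", is_mto(alloc, INPUTS),
              "ORAM accesses:", oram_accesses(alloc, INPUTS[0]))
```

The sequential scan of `a` uses a public index, so placing it in ERAM keeps the traces identical while removing a third of the ORAM accesses in this model.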
GhostRider: A Hardware-Software System for Memory Trace Oblivious Computation
ASPLOS '15: Proceedings of the Twentieth International Conference on Architectural Support for Programming Languages and Operating Systems