This library implements an Oblivious RAM (ORAM) for secure enclave applications.
Oblivious RAM (ORAM) is a technique that allows a client to fully hide its pattern of accesses to memory stored by an untrusted third party, such as a cloud server. ORAM is costly, with a proven asymptotically logarithmic overhead that is at least $10\times$ to $100\times$ in practice. However, in some applications only some of the accesses to the untrusted memory may be sensitive. In this work, we introduce ON-OFF ORAM: an extension to ORAM schemes that allows the client to avoid the unnecessary overhead of protecting non-sensitive accesses by switching between two modes: ON, in which the client's memory accesses are oblivious just like in regular ORAM, and OFF, in which they are not. We implement ON-OFF Path ORAM---an application of the ON-OFF extension to Path ORAM, suitable for protecting the memory accesses of enclaves---and show performance improvements both in online and total overhead.
This crate assumes that ORAM clients are running inside a secure enclave architecture that provides memory encryption. It does not perform encryption-on-write and thus is not secure without memory encryption.
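The sketch below is an added illustration, not this crate's API or its Path ORAM implementation: a toy linear-scan ORAM (a deliberately simpler scheme, swapped in for brevity) that records the physical addresses an observer of the untrusted memory would see, so the ON and OFF traces can be compared. All names (`ToyOram`, `Mode`, `trace_of`) are hypothetical, and the mask-based selection is written at source level only; the compiler does not guarantee it stays branch-free.

```rust
// Toy model (added example): linear-scan ORAM with an ON/OFF switch.
// All names are hypothetical; this is not the crate's API.
#[derive(Clone, Copy, PartialEq, Debug)]
pub enum Mode { On, Off }

pub struct ToyOram {
    blocks: Vec<u64>,
    pub trace: Vec<usize>, // physical addresses an observer of untrusted memory sees
    pub mode: Mode,
}

impl ToyOram {
    pub fn new(n: usize) -> Self {
        ToyOram { blocks: vec![0; n], trace: Vec::new(), mode: Mode::On }
    }
    /// Read block `index`, or overwrite it when `write` is Some; returns the old value.
    pub fn access(&mut self, index: usize, write: Option<u64>) -> u64 {
        assert!(index < self.blocks.len());
        if self.mode == Mode::Off {
            // OFF: direct access, so the trace reveals `index`.
            self.trace.push(index);
            let old = self.blocks[index];
            if let Some(v) = write { self.blocks[index] = v; }
            return old;
        }
        // ON: touch and rewrite every block; select with a mask, not a branch on `index`.
        let mut old = 0u64;
        for i in 0..self.blocks.len() {
            self.trace.push(i);
            let hit = 0u64.wrapping_sub((i == index) as u64); // all ones on match
            let cur = self.blocks[i];
            old |= cur & hit;
            self.blocks[i] = (write.unwrap_or(cur) & hit) | (cur & !hit);
        }
        old
    }
    /// Trace left by a single read of `index` in `mode` on an `n`-block memory.
    pub fn trace_of(n: usize, mode: Mode, index: usize) -> Vec<usize> {
        let mut o = ToyOram::new(n);
        o.mode = mode;
        o.access(index, None);
        o.trace
    }
}

fn main() {
    println!("OFF: {:?}", ToyOram::trace_of(4, Mode::Off, 2));
    println!("ON:  {:?}", ToyOram::trace_of(4, Mode::On, 2));
}
```

In ON mode the trace is the same for every logical index, at a cost of touching all blocks; in OFF mode the trace is the index itself, which is why OFF is only appropriate for accesses that are not sensitive.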
Requires Rust 1.81 or higher.
- Original Path ORAM paper, which introduced the standard "vanilla" variant of Path ORAM on which this library is based.
- Path ORAM retrospective paper, containing a high-level overview of developments related to Path ORAM.
- Oblix paper, which describes the oblivious stash data structure this library implements.
The authors of this code are Woiciech Wisniewski ([@wciszewski]) and Emanuele Ragnoli ([@u2135]).
This project is dual-licensed under either the MIT license or the Apache License, Version 2.0. You may select, at your option, one of the above-listed licenses.