IEEE Access (Jan 2020)

FedORAM: A Federated Oblivious RAM Scheme

  • Alexandre Pujol,
  • Liam Murphy,
  • Christina Thorpe

DOI
https://doi.org/10.1109/ACCESS.2020.3027516
Journal volume & issue
Vol. 8
pp. 187687 – 187699

Abstract

Read online

Instant messaging (IM) applications, even with end-to-end encryption enabled, pose privacy issues due to metadata and pattern leakage. Our goal is to develop a model for a privacy preserving IM application, by designing an IM application that focuses on hiding metadata and discussion patterns. To solve the issue of privacy preservation through the obfuscation of metadata, cryptographic constructions like Oblivious Random Access Machines (ORAM) have been proposed in recent years. However, although they completely hide the user access patterns, they incur high computational costs, often resulting in excessively slow performance in practice. We propose a new federated model, FedORAM, which is the first ORAM scheme that uses a federation of servers to hide metadata for an IM use case. In order to investigate the trade-off between security and performance, we propose two versions of FedORAM: Weak FedORAM and Strong FedORAM. Strong FedORAM uses a tree-based federation architecture to ensure strong obliviousness, but with an increased overhead cost. Weak FedORAM has a more simple federated architecture that only uses Oblivious Transfer (OT) to increase communication speed, but with security consequences. Our results show that both constructions are faster than a similar client-server ORAM scheme. Furthermore, Weak FedORAM has a response time of less than 2 seconds per message for a middle-sized federation.

Keywords