Ostrovsky, R. "Efficient Computation on Oblivious RAMs" M.I.T. Ph.D. thesis in Computer Science, June 1992.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....which interact with memory must check that the output not only follows the problem specification but also is consistent with the input sequence. The question of checking a sequence of stores and retrieves from a random access memory has been addressed by the papers of Goldreich [7] and Ostrovsky [15]. These two papers actually solve the harder problem of software protection against a very powerful adversary. Consequently, the overheads involved in checking the sequence of memory accesses is quite large. In this paper, we provide checkers not only for RAMs but also for the more restricted ....

....v (i concatenated with v) This prevents the adversary from making up values for memory locations, but it does not prevent the write once (or replay) attack. That is, the adversary might continue to return old, obsolete value, tag pairs from a location. A similar problem was addressed in [7] and [15]. We address the problem in section 5.1.2. 3.3 Universal one way hash functions The advantage of This technique assumes only a reliable but not secret memory for the checker. 5 Let U be a family of functions where 8f 2 E, f : D 7 R. Following Naor and Yung [14] we say that U is a family of ....

R. Ostrovsky, Efficient computation on oblivious rams, Proc. 22nd ACM Symposium on Theory of Computing, pages 514--523, 1990.

....3.1. 2 Previous Work A more primitive version of the copy protection application for secure coprocessors appeared in [28, 56] a secureCPU approach using oblivious memory references (i.e. apparently random patterns of memory accesses) giving a poly logarithmic slow down, appears in [18] and [35]. 3.2 Electronic Currency We have shown how to keep licensed proprietary software encrypted and allow only execute access. A natural application is to allow charging on a pay per use or metered basis. In addition to controlling access to the software according to the terms of a license, some ....

Rafail Ostrovsky. Efficient computation on oblivious RAMs. In Proceedings of the Twenty Second Annual ACM Symposium on Theory of Computing, pages 514--523, May 1990.

.... that, to recover D, or even a significant portion of it, the adversary would have to generate a covering set of inputs, which appears to be hard in practice Finally, we draw the reader s attention to the Goldreich software protection model [12] see also the recent work of Ostrovsky (to appear in [26]; abstract in these proceedings [9] We do not review the details of the model here, but merely point out that our database protection goal is a special case of the goal of the software vendor in the Goldreich model. In [12] the end user feeds an encrypted program 0 and a cleartext input x ....

R. Ostrovsky. Efficient Computation on Oblivious RAMs, Proceedings of the 22nd STOC (1990), ACM, to appear.

....blind all values in the database without adding a new password login pair. This prevents the sysadmin from concluding with certainty that anything was in fact stolen, based on past versions of the hidden data file. Note that the cryptotrojan acts very similar to an Oblivious RAM [Go87] also [Os90] with respect to how it tries to hide its actions from the user. 4.2.3 Information blinding and leaking transmitting: The final portion of the DPS attack is geared towards enabling the attacker to retrieve the hidden file without getting caught. One approach is as follows. Let s assume the ....

R. Ostrovsky, Efficient Computation on Oblivious RAMs. ACM STOC, 1990.

....trusted memory, irrespective of the size of the stack and the queue. We also perform only a constant number of untrusted memory operations for each stack push and pop. We assume a signature scheme that is collision computation resistant and 2 nd preimage resistant. Goldreich [8] and Ostrovsky [14] give solutions for oblivious machines. A machine is oblivious if the sequence in which it accesses memory locations is equivalent for any two programs with the same running time. This work solves a different problem yet relies on techniques for protecting the integrity of memory (e.g. Ostrovsky ....

R. Ostrovsky. Efficient computations on oblivious rams. In Proceedings of the 19th Annual Symposium on Theory of Computing. ACM, 1990.

....long as the checksum values are stored in tamper proof memory. Note that the privacy level is a function of the subsystem component using the data. If host RAM data is processed by the host CPU, moving the data to the secure coprocessor for encryption is either useless or prohibitively expensive [29, 61] the data must appear in plaintext form to the host CPU and is vulnerable to online attacks. However, if the host RAM data is serving as backing store for secure coprocessor data pages (see section 4.1.3) encryption is appropriate. Similarly, encrypting the secondary store via the host CPU ....

....3.3.2. Previous Work A more primitive version of the copy protection application for secure coprocessors appeared in [46, 104] a secure CPU approach using oblivious memory references (i.e. apparently random patterns of memory accesses) giving a poly logarithmic slow down, appears in [29] and [61]. The secure coprocessor approach improves on these approaches by enabling the protection of large applications, permitting fault tolerant operation (see section 6.4) and when coupled with the electronic currency application described in section 3.4, allowing novel methods of charging for use. ....

Rafail Ostrovsky. Efficient computation on oblivious RAMs. In Proceedings of the Twenty Second Annual ACM Symposium on Theory of Computing, pages 514--523, May 1990.

....importance. In this paper, we define a suitable model for checking such programs and present checkers for various problems of storage and retrieval. The question of checking a sequence of stores and retrieves from a random access memory has been addressed by the papers of Goldreich[5] and Ostrovsky[6]. These two papers actually solve the harder problem of software protection against a very powerful adversary. Consequently, the overheads involved in checking the sequence of memory accesses is quite large. In this paper, we provide checkers not only for RAMs but also for the more restricted ....

R. Ostrovsky. Efficient computation on oblivious rams. In 22nd ACM Symposium on Theory of Computing, pages 514--523, 1990.

....which interact with memory must check that the output not only follows the problem specification but also is consistent with the input sequence. The question of checking a sequence of stores and retrieves from a random access memory has been addressed by the papers of Goldreich [9] and Ostrovsky [18]. These two papers actually solve the harder problem of software protection against a very powerful adversary. Consequently, the overheads involved in checking the sequence of memory accesses is quite large. In this paper, we provide checkers not only for RAMs but also for the more restricted ....

....v (i concatenated with v) This prevents the adversary from making up values for memory locations, but it does not prevent the write once (or replay) attack. That is, the adversary might continue to return old, obsolete value, tag pairs from a location. A similar problem was addressed in [9] and [18]. We address the problem in section 5.1.2. 3.3 Universal one way hash functions The advantage of this technique is that it assumes only a reliable but not secret memory for the checker. Let U be a family of functions where 8f 2 U , f : D 7 R. Following Naor and Yung [17] we say that U is a ....

R. Ostrovsky, Efficient computation on oblivious rams, Proc. 22nd ACM Symposium on Theory of Computing, pages 514--523, 1990.

....(resp. digital signature) scheme. The scheme supports not only insert and delete but also cut and paste. The updates require a logarithmic (in the message length) number of applications of the given (non incremental) scheme. It uses 2 3 trees. Encryption. We extend ideas on software protection [Go, Os] to provide the first incremental encryption scheme. The efficiency here is however not as good as for our signature schemes. 1.4 From theory to practice Instantiation. The schemes specified above are defined in terms of abstract primitives: the XOR scheme can use any PRF and the tree scheme ....

....access pattern. The translation from oblivious simulation of RAM to an incremental encryption scheme is quite obvious: the role of the processor is played by the user, whereas the remote memory is associated with the encryption. A software protection scheme with polylogarithmic overhead exists [Os], but is also amortized, and using this results in an incremental encryption scheme whose efficiency is in the end not better than that of the trivial solution above. However the ideas of the software protection schemes of [Go, Os] can be adapted to derive an incremental encryption scheme for ....

[Article contains additional citation context not shown here]

R. Ostrovsky. Efficient Computations on Oblivious RAMs. STOC 90.

....3.1. 2 Previous Work A more primitive version of the copy protection application for secure coprocessors appeared in [28, 56] a secureCPU approach using oblivious memory references (i.e. apparently random patterns of memory accesses) giving a poly logarithmic slow down, appears in [18] and [35]. 3.2 Electronic Currency We have shown how to keep licensed proprietary software encrypted and allow only execute access. A natural application is to allow charging on a pay per use or metered basis. In addition to controlling access to the software according to the terms of a license, some ....

Rafail Ostrovsky. Efficient computation on oblivious RAMs. In Proceedings of the Twenty Second Annual ACM Symposium on Theory of Computing, pages 514--523, May 1990.

No context found.

Ostrovsky, R. "Efficient Computation on Oblivious RAMs" M.I.T. Ph.D. thesis in Computer Science, June 1992.

No context found.

Ostrovsky, R. "Efficient Computation on Oblivious RAMs" STOC, 1990.

No context found.

Ostrovsky, R. "Efficient Computation on Oblivious RAMs" M.I.T. Ph.D. thesis in Computer Science, June 1992.

No context found.

Ostrovsky, R. "Efficient Computation on Oblivious RAMs" STOC, 1990.

....an arbitrary RAM by a probabilistic oblivious RAM with a poly logarithmic slowdown in the running time. On the other hand, we show that a logarithmic slowdown is a lower bound. This paper unifies and extends abstracts of [G 87] and [Ost 90] and is a refinement of the second author Ph.D. thesis [Ost 92]. Practical applications of this work appear in U.S. Patent No. 07 395.882 [GO 92] y Current Address: Department of Computer Science and Applied Mathematics, Weizmann Institute of Science, Rehovot, Israel. e mail: oded wisdom.weizmann.AC.IL z Bell Communications Research, 445 South Street, ....

Ostrovsky, R. "Efficient Computation on Oblivious RAMs" M.I.T. Ph.D. thesis in Computer Science, June 1992.

....In particular, we show how to do an on line simulation of an arbitrary RAM by a probabilistic oblivious RAM with a poly logarithmic slowdown in the running time. On the other hand, we show that a logarithmic slowdown is a lower bound. This paper unifies and extends abstracts of [G 87] and [Ost 90] and is a refinement of the second author Ph.D. thesis [Ost 92] Practical applications of this work appear in U.S. Patent No. 07 395.882 [GO 92] y Current Address: Department of Computer Science and Applied Mathematics, Weizmann Institute of Science, Rehovot, Israel. e mail: ....

Ostrovsky, R. "Efficient Computation on Oblivious RAMs" STOC, 1990.

....In particular, we show how to do an on line simulation of an arbitrary RAM input by a probabilistic oblivious RAM with a poly logarithmic slowdown in the running time. On the other hand, we show that a logarithmic slowdown is a lower bound. This paper unifies and extends abstracts of [G] and [Ost]. y Partially supported by the Fund for Promotion of Research at the Technion; Current Addr: Computer Sci. Dept. Technion, Haifa, Israel. e mail: oded cs.technion.AC.IL z University of California at Berkeley and International Computer Science Institute at Berkeley. Supported by an NSF ....

Ostrovsky, R. "Efficient Computation on Oblivious RAMs" STOC, 1990.

No context found.

R. Ostrovsky. Efficient computation on oblivious RAMs. In Proc.of the 22th STOC, pages 514--523, 1990.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC