revisiting square root oram
play

Revisiting Square Root ORAM Efficient Random Access in Multi-Party - PowerPoint PPT Presentation

Oct 10, 2022 •239 likes •504 views

Revisiting Square Root ORAM Efficient Random Access in Multi-Party Computation Samee Zahur Xiao Wang Mariana Raykova Adri Gascn Jack Doerner Jonathan Katz David Evans oblivc.org/sqoram Secure multi-party computation applications Set

  1. Revisiting Square Root ORAM Efficient Random Access in Multi-Party Computation Samee Zahur Xiao Wang Mariana Raykova Adrià Gascón Jack Doerner Jonathan Katz David Evans oblivc.org/sqoram

  2. Secure multi-party computation applications Set intersection Iris code matching [FNP04] [LCPLB12] Matrix factorization for recommendations [NIWJTB13] Median computation Linear ridge-regression [AMP04] [NWIJBT13]

  3. Random Access

  4. Hiding access pattern Linear scan Oblivious RAM Access every element Continually shuffle elements around Per-access cost: Θ(log 𝑞 𝑜) Per-access cost: Θ 𝑜

  5. Linear scan Figure from: Wang, Chan, Shi. Cir ircuit it Oram am . CCS’15

  6. (our work) 6

  7. Approach: revisit old schemes Classic “square root” scheme by Goldreich and Ostrovsky (1996). Considered slow for MPC because of per-access hash evaluation. Per-access amortized cost: Θ 𝑜 log 𝑜

  8. Four-element ORAM Larger Sizes

  9. 4-Block ORAM Cost: 5 𝐶 + 𝐶 +2 𝐶 +3 𝐶 + … = 11 𝐶 every 3 accesses

  10. Comparison Our scheme Linear scan Cost: 4 𝐶 = 12 𝐶 /3 Cost: 11 𝐶 /3

  11. Four-element ORAM Larger Sizes

  12. Position map 0 1 2 3 0 1 2 3 3 0 2 1 1 3 0 2

  13. Keeping position map updated Position map

  14. Keeping position map updated Position map

  15. Rinse and repeat 1. Shuffle elements 2. Recreate position map 3. Service 𝑈 = 𝑜 log 𝑜 accesses

  16. Creating position map

  17. Creating position map

  18. Inverse permutation 𝑞 𝜌 𝐵 ⋅ 𝑞 𝜌 𝐶 = 𝜌 𝐵 ⋅ 𝑞 𝜌 𝐵

  19. Inverse permutation 𝜌 𝐵 𝜌 𝐶 𝜌 𝐶 = 𝜌 𝐵 ⋅ 𝑞 𝜌 𝐵 Bob computes −1 ⋅ 𝜌 𝐵 −1 = 𝑞 −1 ⋅ 𝜌 𝐵 𝜌 𝐶 −1 𝜌 𝐶 = 𝑞 −1 ⋅ 𝜌 𝐵 −1 ⋅ 𝜌 𝐵 = 𝑞 −1

  20. Rinse and repeat 1. Shuffle elements at Θ 𝑜 log 𝑜 2. Recreate position map 3. Service 𝑈 = 𝑜 log 𝑜 accesses

  21. Access time

  22. Initialization cost

  23. Benchmarks Circuit Square-root Task Parameters Linear scan ORAM ORAM 2 10 searches 1020 s 5041 s 825 s Binary search 2 15 elements 2 10 vertices Breadth-first 4570 s 3750 s 680 s 2 13 edges search 2 9 pairs - 189000 s 119000 s Stable matching ≈ 7 days 2850 s 1920 s N = 2 14 scrypt hashing

  24. Conclusion We revisited a well-known scheme and used it to • Lower initialization cost • Improve breakeven point Shows that asymptotic costs are not the final word, concrete costs require more consideration.

  25. Download oblivc.org/sqoram Contact for help: Samee Zahur <samee@virginia.edu>

Recommend

Square Root of Not: Square Root of Not: . . . A Major Difference Between Square Root of

Square Root of Not: Square Root of Not: . . . A Major Difference Between Square Root of

Quantum Mechanics Quantum Logic Alternative Quantum . . . Square Root of Not: . . . Square Root of Not: Square Root of Not: . . . A Major Difference Between Square Root of Not Is . . . Why Factoring Large . . . Fuzzy and Quantum

381 views • 17 slides
Towards Practical ORAM Guevara Noubir College of Computer and Information Science Northeastern

Towards Practical ORAM Guevara Noubir College of Computer and Information Science Northeastern

Towards Practical ORAM Guevara Noubir College of Computer and Information Science Northeastern University, Boston, MA noubir@ccs.neu.edu 1 Outline Motivation Model Original Papers [1987 - 1996] Square root ORAM &amp;

1.06k views • 77 slides
5/15/2019 Square Root - Direct Method Square Root - Direct Method In IEEE floating point standard

5/15/2019 Square Root - Direct Method Square Root - Direct Method In IEEE floating point standard

5/15/2019 Square Root - Direct Method Square Root - Direct Method In IEEE floating point standard a real number is To help the calculation of represented as : 1 2 the representation of R must be changed into = 1

167 views • 4 slides
Clustering and K-means Root Mean Square Error (RMS) Data: ! x 1 , ! x 2 , , ! x N R d

Clustering and K-means Root Mean Square Error (RMS) Data: ! x 1 , ! x 2 , , ! x N R d

Clustering and K-means Root Mean Square Error (RMS) Data: ! x 1 , ! x 2 , , ! x N R d Approximations: ! z 1 , ! z 2 , , ! z N R d x i ! ! N 1 2 Root Mean Square error = y i 2 z N i = 1 PCA based predic&gt;on Data: !

766 views • 17 slides
Course on Inverse Problems Albert Tarantola Lesson XV: Square Root Variable Metric Algorithm The

Course on Inverse Problems Albert Tarantola Lesson XV: Square Root Variable Metric Algorithm The

Institut de Physique du Globe de Paris &amp; Universit Pierre et Marie Curie (Paris VI) Course on Inverse Problems Albert Tarantola Lesson XV: Square Root Variable Metric Algorithm The Square Root Variable Metric Algorithm for Least-Squares

316 views • 13 slides
Design of the ARM VFP-11 Divide and Square Root Synthesisable Macrocell Neil Burgess Chris

Design of the ARM VFP-11 Divide and Square Root Synthesisable Macrocell Neil Burgess Chris

Design of the ARM VFP-11 Divide and Square Root Synthesisable Macrocell Neil Burgess Chris Hinds School of Engineering ARM Design Center Cardiff University Cambridge WALES, UK UK Key points New high-performance radix-4 SRT square

589 views • 26 slides
Aarhus MPC workshop 2016 *Joint work with Travis Mayberry and Erik-Oliver Blass Part I ORAM

Aarhus MPC workshop 2016 *Joint work with Travis Mayberry and Erik-Oliver Blass Part I ORAM

Tarik Moataz June 2 nd 2016 Aarhus MPC workshop 2016 *Joint work with Travis Mayberry and Erik-Oliver Blass Part I ORAM Overview Part II C-ORAM*: Constant Communication ORAM with homomorphic Encryption Part III CH f -ORAM**: Constant

957 views • 52 slides
The smoothed multivariate square-root Lasso: an optimization lens on concomitant estimation

The smoothed multivariate square-root Lasso: an optimization lens on concomitant estimation

The smoothed multivariate square-root Lasso: an optimization lens on concomitant estimation Joseph Salmon http://josephsalmon.eu IMAG, Univ. Montpellier, CNRS Series of works with: Quentin Bertrand (INRIA) Mathurin Massias (University of

881 views • 61 slides
Insights and algorithms for the multivariate square-root lasso Aaron J. Molstad Department of

Insights and algorithms for the multivariate square-root lasso Aaron J. Molstad Department of

Insights and algorithms for the multivariate square-root lasso Aaron J. Molstad Department of Statistics and Genetics Institute University of Florida June 12th, 2020 Statistical Learning Seminar Outline of the talk 1. Multivariate response

1.3k views • 86 slides
The Square Root Phenomenon in Planar Graphs Survey and New Results Dniel Marx Institute for

The Square Root Phenomenon in Planar Graphs Survey and New Results Dniel Marx Institute for

The Square Root Phenomenon in Planar Graphs Survey and New Results Dniel Marx Institute for Computer Science and Control, Hungarian Academy of Sciences (MTA SZTAKI) Budapest, Hungary Dagstuhl Seminar 16221: Algorithms for Optimization

1.19k views • 107 slides
Can we Beat the Square Root Bound for ECDLP over F p 2 via Representation? NutMiC 2019 , Paris

Can we Beat the Square Root Bound for ECDLP over F p 2 via Representation? NutMiC 2019 , Paris

Can we Beat the Square Root Bound for ECDLP over F p 2 via Representation? NutMiC 2019 , Paris Claire Delaplace Alexander May Elliptic Curve O y 4 K : Field of characteristic = 2 , 3 E : y 2 = f ( x ) = x 3 + ax + b 2 x 2 2 4 2

801 views • 52 slides
Can we Beat the Square Root Bound for ECDLP over F p 2 via Representation? JNCF 2020 , Luminy

Can we Beat the Square Root Bound for ECDLP over F p 2 via Representation? JNCF 2020 , Luminy

Can we Beat the Square Root Bound for ECDLP over F p 2 via Representation? JNCF 2020 , Luminy Claire Delaplace Alexander May Elliptic Curve O y 4 K : Field of characteristic = 2 , 3 E : y 2 = f ( x ) = x 3 + ax + b 2 x 2 2 4 2

847 views • 53 slides
JUST THE MATHS SLIDES NUMBER 13.2 INTEGRATION APPLICATIONS 2 (Mean values) &amp; (Root

JUST THE MATHS SLIDES NUMBER 13.2 INTEGRATION APPLICATIONS 2 (Mean values) &amp; (Root

JUST THE MATHS SLIDES NUMBER 13.2 INTEGRATION APPLICATIONS 2 (Mean values) &amp; (Root mean square values) by A.J.Hobson 13.2.1 Mean values 13.2.2 Root mean square values UNIT 13.2 - INTEGRATION APPLICATIONS 2 MEAN &amp; ROOT MEAN

326 views • 6 slides
A Manufacturers Guide to CRM S P E A K E R S Clint Oram, CSO at SugarCRM Ross Peetoom,

A Manufacturers Guide to CRM S P E A K E R S Clint Oram, CSO at SugarCRM Ross Peetoom,

W E B I N A R A Manufacturers Guide to CRM S P E A K E R S Clint Oram, CSO at SugarCRM Ross Peetoom, Director of Operations at Intelestream SugarCRM Elite Partner D A T E March 27, 2019 Speakers Introduction Ross Peetoom Clint Oram

686 views • 30 slides
Extending the square root method to account for model noise in the ensemble Kalman filter Patrick

Extending the square root method to account for model noise in the ensemble Kalman filter Patrick

Extending the square root method to account for model noise in the ensemble Kalman filter Patrick Nima Raanes , 1 , 2 , Alberto Carrassi 1 , and Laurent Bertino 1 1 Nansen Environmental and Remote Sensing Center 2 Mathematical Institute,

659 views • 46 slides
Simple and Efficient Two-Server ORAM Dov Gordon (George Mason U.) Jonathan Katz (U. of Maryland)

Simple and Efficient Two-Server ORAM Dov Gordon (George Mason U.) Jonathan Katz (U. of Maryland)

Simple and Efficient Two-Server ORAM Dov Gordon (George Mason U.) Jonathan Katz (U. of Maryland) Xiao Wang (MIT &amp; Boston U.) What is ORAM Outsourced memory storage, allowing oblivious memory access (read and write). Any 2 sequences

393 views • 25 slides
Vdashneg, Diversity and Square Root Board Inc Initial Design and Intent of the Framework

Vdashneg, Diversity and Square Root Board Inc Initial Design and Intent of the Framework

Vdashneg, Diversity and Square Root Board Inc Initial Design and Intent of the Framework Architecture Interaction among teams. Interaction among teams. Testing Experience Plurals Demo RMI Service Create Start Game

449 views • 14 slides
Formal Verification of a State-of-the-Art Integer Square Root Guillaume Melquiond Rapha el

Formal Verification of a State-of-the-Art Integer Square Root Guillaume Melquiond Rapha el

Introduction Fixed-point Proof Conclusion Formal Verification of a State-of-the-Art Integer Square Root Guillaume Melquiond Rapha el Rieu-Helft Inria, TrustInSoft, Universit e Paris-Saclay June 11th, 2019 Melquiond, Rieu-Helft

766 views • 44 slides
Lecture 8: approximating the square root linear search l = [&quot;The Strokes&quot;, &quot;Bon

Lecture 8: approximating the square root linear search l = [&quot;The Strokes&quot;, &quot;Bon

Lecture 8: approximating the square root linear search l = [&quot;The Strokes&quot;, &quot;Bon Iver&quot;, &quot;Arcade Fire&quot;, &quot;The Black Keys&quot;, &quot;Pixies&quot;, &quot;The White Stripes&quot;, &quot;Neutral Milk Hotel&quot;,

199 views • 5 slides
Bisection Method For Finding Roots Root of function f: Value x such that f(x)=0 Many

Bisection Method For Finding Roots Root of function f: Value x such that f(x)=0 Many

Bisection Method For Finding Roots Root of function f: Value x such that f(x)=0 Many problems can be expressed as finding roots, e.g. square root of w is the same as root of f(x) = x 2 w Requirement: Need to be able to

421 views • 25 slides
Calibrate p values by taking the square root Rutgers Foundations of Probability Seminar

Calibrate p values by taking the square root Rutgers Foundations of Probability Seminar

Calibrate p values by taking the square root Rutgers Foundations of Probability Seminar September 12, 2016 Glenn Shafer 1. Significance levels and p values 2. Game theoretic probability 3. The dynamic nature of game theoretic testing

625 views • 51 slides
Computing the Matrix Square Root in a Matrix Group Nick Higham Department of Mathematics The

Computing the Matrix Square Root in a Matrix Group Nick Higham Department of Mathematics The

Computing the Matrix Square Root in a Matrix Group Nick Higham Department of Mathematics The Victoria University of Manchester higham@ma.man.ac.uk http://www.ma.man.ac.uk/~higham/ Joint work with Niloufer Mackey, D. Steven Mackey, and

507 views • 25 slides
Programming for Business Computing Graphical User Interface Ling-Chieh Kung Department of

Programming for Business Computing Graphical User Interface Ling-Chieh Kung Department of

Basic concepts Example 1: A simple square root calculator Example 2: A scatter plot plotter Example 1B: A cool square root calculator Programming for Business Computing Graphical User Interface Ling-Chieh Kung Department of Information

587 views • 54 slides
PRESS ROOT TO PRESS ROOT TO CONTINUE: PRESS ROOT TO PRESS ROOT TO CONTINUE: PRESS ROOT TO

PRESS ROOT TO PRESS ROOT TO CONTINUE: PRESS ROOT TO PRESS ROOT TO CONTINUE: PRESS ROOT TO

Mario Vuksan &amp; Tomislav PericinBlackHat USA 2013, Las Vegas PRESS ROOT TO PRESS ROOT TO CONTINUE: PRESS ROOT TO PRESS ROOT TO CONTINUE: PRESS ROOT TO PRESS ROOT TO PRESS ROOT TO PRESS ROOT TO CONTINUE: CONTINUE: CONTINUE: CONTINUE:

690 views • 45 slides

More recommend