We present Onion ORAM, a constant bandwidth Oblivious RAM (ORAM) that leverages poly-logarithmic server computation to circumvent the logarithmic ORAM lower bound. Our construction does not rely on Fully Homomorphic Encryption, but employs an efficient additively homomorphic encryption scheme such as the Damgård-Jurik cryptosystem. Homomorphic operations on the encrypted blocks introduce onion layers of encryption, hence the name Onion ORAM. We propose novel techniques to prove security against a malicious server, without resorting to expensive and non-standard techniques such as SNARKs. To the best of our knowledge, Onion ORAM is the first concrete instantiation of a constant-bandwidth ORAM (even for the semi-honest setting).