Research On The Technology Of Efficient Privacy Protection Of Data Access Pattern

With the frequent occurrence of data privacy leakage,the data privacy becomes a big issue.In the setting of outsourced storage and computing,a server could be compromised or some internal management errors could happen,which lead to the server be untrusted.As a result,only security policy enforced on the data itself is not enough.Research shows that,in the application of searchable encryption,the server can effectively identify query strings and even obtain the sensitive information related to the data by statistical analysis of the access pattern generated by the queries,such as the access address,access frequency,access sequence or randomness,and the type of operation on the data.To enhance the data security,it is important to protect the privacy of access pattern.Oblivious Random Access Machine(ORAM),Private Information Retrieval(PIR)and its extension,i.e.,Function Secret Sharing(FSS)are the main mechanisms to protect the privacy of access pattern.However,all of them have a big challenge that the efficiency is far from desirable.The cost in storage,communication and computing is huge.How to improve the efficiency of access pattern privacy protection is important while enhancing the data security.The technology how to improve the efficiency of access pattern privacy protection depends on its settings.This paper chooses accessing the data in cloud,synchronizing data to cloud,as well as privacy computing provided by cloud as the settings.Then,the corresponding type of access pattern privacy protections are generated as follows:the read and write access pattern privacy protection when the client is trusted,the write access pattern privacy protection when the client is trusted,and the read and write access pattern privacy protection when there is no trusted party.1.The read and write access pattern privacy protection when the client is trustedAmong all the existing privacy protection schemes,the challenge of efficiency is that the bandwidth and client secure storage are still large,which leads to a high latency when makes a request to a data block.Furthermore,the type of client which can be used to carry on the protection is constrained.Based on the state-of-the-art scheme,i.e.,Ring ORAM,this paper proposes an efficient scheme,i.e.,Cycle ORAM.By studing and carrying on the strategy of adjusting the randomness between the read process and the write process,the client secure storage is reduced.By studing and carrying on the strategy of leveraging the dummy blocks,the write process can be partly executed at the server side,and the bandwidth is reduced.Comparing to Ring ORAM,the secure client storage is reduced from?(log N)to O(1)(N is the total number of data blocks and the unit is the number of data blocks);With the increment of server storage,the bandwidth is reduced to 1/2 of that in Ring ORAM.By reducing the bandwidth and secure storage in client,Cycle ORAM improves the efficiency to read and write data blocks as well as allows more types of client to carry on the privacy protection.2.The write access pattern privacy protection when the client is trustedAmong all the existing privacy protection schemes,the challenge of efficiency is that the bandwidth and communication rounds caused by recursively querying and updating of the position of a data block are still large,which leads to a high latency when makes a request to a data block,especially when the quality of service in network is low.Based on the state-of-the-art scheme,i.e.,Hi VE,this paper proposes an efficient write-only privacy protection scheme,i.e.,CWORAM.With property that the position of a data block in a binary tree does not need to be updated in write-only access pattern privacy protection,the recursive storage and access to the position map are eliminated.Comparing to Hi VE,when the data block size satisfiesB=?(log² N),CWORAM reduces the bandwidth from O(log N)to O(1)and reduces the communication rounds from O(log²N)to O(1).By reducing the bandwidth and communication rounds,CWORAM decreases the affection on latency caused by the low quality of service in network and improves the efficiency to write data blocks.3.The read and write access pattern privacy protection when there is no trusted partyAmong all the existing privacy protection schemes,the challenge of efficiency is that computational complexities both in the Garbled Circuit and in the server are huge,which causes that the data volume involved in privacy computing is limited and the latency of privacy computing is high.Base on the state-of-the-art scheme,i.e.,Floram,this paper proposes an efficient privacy protection scheme,i.e.,Etoram.By transferring the Abelian group of the range of Distributed Point Function(DPF)from the set of data blocks to the set of their access counters,the size of the Abelian group is reduced.When the value of access counters is O(N),comparing to Floram,Etoram reduces the calls of the Pseudo Random Generator(PRG)in the Garbled Circuit from O(log N-log(?/B))to O(log N-log(?/B)-log(?/log(a N))),and reduces the calls of PRG in the server from O(2^{log N-log(?/B)})to O(2^{log N-log(?/B)-log(?/log(a N))}),where?is the security parameter and a is a constant coefficient.By reducing the computational complexities in the Garbled Circuit and in the server,Etoram enlarges the magnitude of data volume and improves the efficiency in private computing.