ORAMFS: Achieving Storage-Agnostic Privacy
Action | Key |
---|---|
Play / Pause | K or space |
Mute / Unmute | M |
Select next subtitles | C |
Select next audio track | A |
Show slide in full page or toggle automatic source change | V |
Seek 5s backward | left arrow |
Seek 5s forward | right arrow |
Seek 10s backward | shift + left arrow or J |
Seek 10s forward | shift + right arrow or L |
Seek 60s backward | control + left arrow |
Seek 60s forward | control + right arrow |
Decrease volume | shift + down arrow |
Increase volume | shift + up arrow |
Decrease playback rate | shift + comma |
Increase playback rate | shift + dot or shift + semicolon |
Seek to end | end |
Seek to beginning | beginning |
Share this media
HLS video stream
You can use an external player to play this stream (like VLC).
HLS video streamWhen subscribed to notifications, an email will be sent to you for all added annotations.
Your user account has no email address.
Information on this media
You may believe traditional storage encryption is enough to protect the privacy of your data at rest, even in untrusted environments. Think twice: Access pattern leakage can, in many cases, reveal sensitive information to an attacker. For example, a malicious cloud provider can still see whether a user performs read or write operations and which part of the data is accessed, even if all of the data is encrypted.
Oblivious Random Access Machines (ORAMs) are cryptographic schemes that hide both data and access patterns. This obfuscation is achieved by making redundant read/write operations and encrypting, re-randomizing, and shuffling the blocks composing the storage layer on every access. The resulting loss of performance is a tradeoff that allows to turn untrusted storage into a trusted one solely via software. However, existing solutions are cumbersome for the user, requiring the storage provider to support the ORAM scheme.
We implemented oramfs: an open source, cloud- and storage-agnostic, resizable ORAM client written in Rust that offers privacy features beyond encryption. In this talk, we look at how a practical ORAM scheme such as PathORAM works, give some background about oramfs, and show how it can be used to protect data resting on untrusted storage.
Nils is a Senior Security Engineer on Kudelski Security’s research team performing research on various topics including privacy, authentication, big data analytics, and internet scanning. He also writes blog posts on various topics for Kudelski’s research blog. Nils likes open source software and has presented his research at DEF CON and Black Hat Arsenal. He was part of creating a massively distributed system for breaking RSA public keys.
Tommaso Gagliardoni is a cryptographer, privacy hacktivist, and quantum security expert. He works as a researcher and innovation leader at Swiss-American cybersecurity company Kudelski Security. Tommaso published many influential peer-reviewed papers in the areas of cryptography, quantum computing, security, and privacy, and spoke at many international conferences in these fields. He obtained an M.Sc. in Mathematics at the University of Perugia, Italy, and a PhD at the Technical University of Darmstadt, Germany, with a dissertation on the quantum security of cryptographic primitives. Before joining Kudelski Security, he worked in the Security and Privacy group at IBM Research Zurich.
Other media in the channel "2021"
- 47 views, 1 this yearMeet Piotr, a firmware emulation tool for trainers and researchersJuly 7th, 2021
- 11 viewsIn Search of Lost Time: A Review of JavaScript Timers in BrowsersJuly 7th, 2021
- 42 viewsRevisiting the Art of Encoder-Fu for novel shellcode obfuscation techniquesJuly 7th, 2021
- 17 views, 2 this year, 1 this monthATT&CKing Kubernetes: A technical deep dive into the new ATT&CK for ContainersJuly 7th, 2021
- 26 views, 2 this yearSecurity alerting made easy using PythonJuly 7th, 2021
- 12 viewsHome-Made Distributed BlocklistJuly 7th, 2021