ORAMFS: Achieving Storage-Agnostic Privacy
Number of views: 25 (this month: 1)
Creation date: July 7, 2021
Speakers: Nils Amiet & Tommaso Gagliardoni
License: CC BY-SA v4

Description
You may believe traditional storage encryption is enough to protect the privacy of your data at rest, even in untrusted environments. Think twice: Access pattern leakage can, in many cases, reveal sensitive information to an attacker. For example, a malicious cloud provider can still see whether a user performs read or write operations and which part of the data is accessed, even if all of the data is encrypted.
Oblivious Random Access Machines (ORAMs) are cryptographic schemes that hide both data and access patterns. This obfuscation is achieved by making redundant read/write operations and by encrypting, re-randomizing, and shuffling the blocks that compose the storage layer on every access. The resulting loss of performance is a tradeoff that makes it possible to turn untrusted storage into trusted storage solely via software. However, existing solutions are cumbersome for the user, requiring the storage provider to support the ORAM scheme.
We implemented oramfs: an open source, cloud- and storage-agnostic, resizable ORAM client written in Rust that offers privacy features beyond encryption. In this talk, we look at how a practical ORAM scheme such as PathORAM works, give some background about oramfs, and show how it can be used to protect data resting on untrusted storage.
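The access-pattern side of a Path ORAM style scheme, as an added Python sketch that is not code from the talk or from oramfs: the class name, parameters and `trace` log are hypothetical, and block encryption and dummy-block padding are left out so that only what the storage provider observes is modeled.

```python
import secrets

class PathORAM:
    """Toy Path ORAM client (illustrative); self.tree stands in for untrusted storage."""
    def __init__(self, height=3, bucket_size=4):
        self.L, self.Z = height, bucket_size
        self.leaves = 1 << height
        self.tree = [[] for _ in range(2 * self.leaves - 1)]  # heap-ordered buckets
        self.pos = {}     # block id -> assigned leaf, kept on the client
        self.stash = {}   # block id -> data, kept on the client
        self.trace = []   # (operation, bucket index) pairs the provider sees

    def _path(self, leaf):
        node = leaf + self.leaves - 1           # heap index of the leaf bucket
        path = [node]
        while node:
            node = (node - 1) // 2
            path.append(node)
        return path[::-1]                       # root first

    def access(self, block, new_data=None):
        # Reads and writes take the same route: fetch one path, remap, write it back.
        leaf = self.pos.get(block, secrets.randbelow(self.leaves))
        self.pos[block] = secrets.randbelow(self.leaves)   # fresh random leaf
        path = self._path(leaf)
        for node in path:                       # pull the whole path into the stash
            self.trace.append(("read", node))
            self.stash.update(self.tree[node])
            self.tree[node] = []
        data = self.stash.get(block)
        if new_data is not None:
            self.stash[block] = new_data
        for depth in range(self.L, -1, -1):     # refill buckets, deepest first
            node = path[depth]
            fit = [b for b in self.stash
                   if self._path(self.pos[b])[depth] == node][:self.Z]
            # A real client pads each bucket to Z blocks and re-encrypts it here.
            self.tree[node] = [(b, self.stash.pop(b)) for b in fit]
            self.trace.append(("write", node))
        return data

if __name__ == "__main__":
    oram = PathORAM()
    oram.access(7, b"constructed sample data")
    start = len(oram.trace)
    print(oram.access(7), oram.trace[start:])
```

Every call to `access` produces the same sequence of bucket reads and writes along one root-to-leaf path, whether it reads or updates a block, and the path used for a given block changes after each access.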
Nils is a Senior Security Engineer on Kudelski Security’s research team performing research on various topics including privacy, authentication, big data analytics, and internet scanning. He also writes blog posts on various topics for Kudelski’s research blog. Nils likes open source software and has presented his research at DEF CON and Black Hat Arsenal. He was part of creating a massively distributed system for breaking RSA public keys.
Tommaso Gagliardoni is a cryptographer, privacy hacktivist, and quantum security expert. He works as a researcher and innovation leader at Swiss-American cybersecurity company Kudelski Security. Tommaso published many influential peer-reviewed papers in the areas of cryptography, quantum computing, security, and privacy, and spoke at many international conferences in these fields. He obtained an M.Sc. in Mathematics at the University of Perugia, Italy, and a PhD at the Technical University of Darmstadt, Germany, with a dissertation on the quantum security of cryptographic primitives. Before joining Kudelski Security, he worked in the Security and Privacy group at IBM Research Zurich.