Practical ORAM delegation for untrusted memory on cloud servers

Assignee

• University of Pittsburgh—Of the Commonwealth System of Higher Education · US

Inventors

• Rujia Wang · Chicago, US
• Jun Yang · Nanhu, CN
• YouTao Zhang · Pittsburgh, US

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F2212/1052
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

An apparatus including (i) a processor including a plurality of main buffer on board (BOB) memory controllers (MCs) and a secure engine, (ii) a plurality of simple BOB MCs, (iii) a secure delegator, and (iv) a plurality of memory modules. The secure delegator coupled to a first main BOB MC and a first simple BOB MC creates a secure channel. A second main BOB MC coupled to a second simple BOB MC creates a non-secure channel. The plurality of main BOB MCs, the secure engine and the secure delegator are provided within a trusted computing base (TCB) of the apparatus and the plurality of simple BOB MCs and the plurality of memory modules are provided outside the TCB. The secure delegator is configured to: (i) secure communication between the first main BOB MC and the secure delegator, and (ii) perform Path ORAM accesses to the plurality of memory modules.