Differentially Private Oblivious RAM

State-of-the-art mechanisms for oblivious RAM (ORAM) suffer from significant bandwidth overheads (greater than 100x) that impact the throughput and latency of memory accesses. This renders their deployment in high-performance and bandwidth-constrained applications difficult, motivating the design of lowoverhead approaches for memory access obfuscation. We introduce and formalize the notion of a differentially private ORAM that provides statistical privacy guarantees, and which to the extent of our knowledge, is the first of its kind. We present Root ORAM, a family of practical ORAMs that allow tunable trade-offs between system security and desired bandwidth overhead, and that provide the rigorous privacy guarantees of a differentially private ORAM. We demonstrate the practicality of Root ORAM using theoretical analysis, simulations, as well as real world experiments on Amazon EC2. Our theoretical analysis rigorously quantifies the privacy offered by Root ORAM and provably bounds the information leaked from observing memory access patterns. We also show that the simplest protocol in the Root ORAM family requires a bandwidth of a mere 10 blocks, at the cost of rigorously quantified security loss, and that this number is independent of the number of outsourced blocks N. This is an order of magnitude improvement over the state-of-theart ORAM schemes such as Path ORAM, which incurs a bandwidth overhead of 10 · logN blocks.