Oblivious Computation and Storage: Building a More Secure Cloud

Emil Stefanov, UC Berkeley

As cloud computing becomes increasingly popular, organizations face greater security threats. Public clouds have become a central point of attack, and successful compromises can potentially cause billions of dollars in damage. Physical attacks on data center machines are especially concerning because an attacker can gain full control of the machines and circumvent software protections.

We present an efficient processor architecture that allows us to build a more secure cloud that is resistant to physical attacks. We are able to achieve full security against malicious adversaries by only trusting and securing the CPU of a machine. We can leverage commodity components such as DRAM, hard drives, and network interfaces without requiring that they be secured against physical attacks. We achieve this by designing a novel Oblivious RAM algorithm ideal for hardware and building a memory controller that hides access patterns to DRAM and storage. The memory controller is integrated into the CPU and makes data-dependent computation indistinguishable to an adversary.

Speaker Biography

Emil Stefanov is a fifth-year graduate student at UC Berkeley working with Professor Dawn Song. His research interests include systems security, privacy, and applied cryptography, focusing on secure cloud computing and privacy-preserving storage outsourcing. Some of his recent research topics include Oblivious RAM, secure processor architecture, searchable encryption, integrity-verified file systems, dynamic proofs of retrievability, and private set intersection. Before joining UC Berkeley, Emil got his B.S. degree in Computer Science from Purdue University in 2009, and is expected to defend his Ph.D. in the summer of this year.

Emil was awarded an NSF graduate fellowship in 2009 and an NDSEG graduate fellowship in 2011. He is a coauthor of 15 conference proceedings papers and 5 journal papers, and has won a best paper award, an AT&T Best Applied Security Paper Award in 2012, and an AT&T Best Applied Security Paper finalist award in 2013. Besides his academic experience, Emil has also worked for a short time for NVIDIA, Microsoft, RSA Labs, and Motorola as a summer intern.