# Software protection and simulation on oblivious RAMs

@article{Ostrovsky1996SoftwarePA, title={Software protection and simulation on oblivious RAMs}, author={Rafail Ostrovsky}, journal={J. ACM}, year={1996}, volume={43}, pages={431-473} }

Software protection is one of the most important issues concerning computer practice. There exist many heuristics and ad-hoc methods for protection, but the problem as a whole has not received the theoretical treatment it deserves. In this paper, we provide theoretical treatment of software protection. We reduce the problem of software protection to the problem of efficient simulation on oblivious RAM.
A machine is oblivious if thhe sequence in which it accesses memory locations is equivalent…

## Topics from this paper

## 1,507 Citations

Oblivious RAMs without cryptogrpahic assumptions

- Computer Science, MathematicsSTOC '10
- 2010

It is shown that simulation with an oblivious, coin-flipping RAM, with only a factor of ln increase in time and space requirements, is possible, even without any cryptographic assumptions.

Differentially Oblivious Turing Machines

- Computer ScienceITCS
- 2021

It is shown that any Turing machine computation can be generically compiled into a differentially oblivious one with only doubly logarithmic overhead, the first unconditional separation between obliviousness and differential obliviousness in the most natural setting of parameters where is a constant and δ is negligible.

Is There an Oblivious RAM Lower Bound?

- Computer Science, MathematicsITCS
- 2016

The lower bound on the overhead required to obliviously simulate programs, due to Goldreich and Ostrovsky, is revisited and it is proved that for the offline case, showing a lower bound without the above restriction is related to the size of the circuits for sorting.

Optimal Oblivious Parallel RAM

- Computer ScienceIACR Cryptol. ePrint Arch.
- 2020

It is shown that any Parallel RAM with memory capacity N can be obliviously simulated in space O(N), incurring only O(logN) blowup in (amortized) total work as well as in depth, and provides an essentially optimal OPRAM scheme.

Perfectly Oblivious (Parallel) RAM Revisited, and Improved Constructions

- Computer ScienceITC
- 2021

The performance metrics for perfect ORAM/OPRAM, and novel constructions that achieve asymptotical improvements for all performance metrics are revisited, and high-probability performance bounds that match the expected bounds are proved.

On the Depth of Oblivious Parallel RAM T -

- 2017

Oblivious Parallel RAM (OPRAM), first proposed by Boyle, Chung, and Pass, is the natural parallel extension of Oblivious RAM (ORAM). OPRAM provides a powerful cryptographic building block for hiding…

OptORAMa : Optimal Oblivious RAM Gilad Asharov

- 2019

Oblivious RAM (ORAM), first introduced in the ground-breaking work of Goldreich and Ostrovsky (STOC ’87 and J. ACM ’96) is a technique for provably obfuscating programs’ access patterns, such that…

Trace oblivious computation

- Computer ScienceSPLASH
- 2015

This thesis work adopts a language design approach to facilitate users to develop efficient oblivious applications and design languages and security type systems to support efficient algorithm implementations, while formally enforcing obliviousness.

Using Predicated Instructions in Oblivious Data Structures

- Computer Science
- 2020

It is shown that the program runtimes can be reduced and the effectiveness strongly depends on the control-flow of the input program.

Distributed Oblivious RAM for Secure Two-Party Computation

- Computer ScienceTCC
- 2013

We present a new method for secure two-party Random Access Memory (RAM) program computation that does not require taking a program and first turning it into a circuit. The method achieves logarithmic…

## References

SHOWING 1-10 OF 57 REFERENCES

Efficient computation on oblivious RAMs

- Computer ScienceSTOC '90
- 1990

This paper shows how to do an on-line simulation of an arbitrary RAM program by a probabilistic RAM whose memory access pattern is independent of the program which is being executed, and with a poly-logarithmic slowdown in the running time.

Towards a theory of software protection and simulation by oblivious RAMs

- Computer ScienceSTOC
- 1987

This paper distill and formulate the key problem of learning about a program from its execution, and presents an efficient way of executing programs such that it is infeasible to learn anything about the program by monitoring its executions.

Cryptographic defense against traffic analysis

- Computer ScienceSTOC '93
- 1993

A model which allows us formally to define “untraceability” of messages in a network of synchronously communicating processors is presented, using such cryptographic techniques as secure multiparty computation and non-interactive zero-knowledge proof.

Checking the correctness of memories

- Computer Science[1991] Proceedings 32nd Annual Symposium of Foundations of Computer Science
- 1991

The notion of program checking is extended to include programs that alter their environment, in particular, programs that store and retrieve data from memory, where n is the size of the structure.

Pseudo-random generators under uniform assumptions

- Computer ScienceSTOC '90
- 1990

The main result of this paper is to indeed prove that oneway functions in the uniform model imply uniformly secure generators.

Relations Among Complexity Measures

- Computer ScienceJACM
- 1979

It is shown that n steps of the computation of an arbitrary machine with one- dimensional tapes can be performed by a combinational logic network of cost O( n log n) and delay O(n) and the results are the best possible, at least insofar as on-hne simulation is concerned.

Pseudo-random permutation generators and cryptographic composition

- Computer ScienceSTOC '86
- 1986

Part of the cryptographic folklore is that cryptographic composition increases security, and this paper formalizes the notions of cryptographic composition and partial security in this paper and proves that indeed the folklore is correct, i.e. the cryptographic composition of two partially secure permutations generators yields a more secure permutation generator.

Designing programs that check their work

- Computer Science, MathematicsSTOC '89
- 1989

This paper defines the concept of a program checker, designs program checkers for a few specific and carefully chosen problems in the class P of problems solvable in polynomial time and characterizes the problems that can be checked.

How to generate cryptographically strong sequences of pseudo random bits

- Mathematics, Computer Science23rd Annual Symposium on Foundations of Computer Science (sfcs 1982)
- 1982

A general algorithmic scheme for constructing polynomial-time deterministic algorithms that stretch a short secret random input into a long sequence of unpredictable pseudo-random bits is presented.

Protecting externally supplied software in small computers

- Engineering, Computer Science
- 1980

This thesis employs two tools to achieve the security requirements of vendors of external software: tamper-resistant modules (TRMs) and cryptographic techniques.