Oblivious outsourced storage with delegation

M. Franz, P. Williams, B. Carbunar, S. Katzenbeisser, Andreas Peter, R. Sion, M. Sotakova

    Research output: Contribution to conferencePaperAcademicpeer-review

    21 Citations (Scopus)
    4 Downloads (Pure)


    In the past few years, outsourcing private data to untrusted servers has become an important challenge. This raises severe questions concerning the security and privacy of the data on the external storage. In this paper we consider a scenario where multiple clients want to share data on a server, while hiding all access patterns. We propose here a first solution to this problem based on Oblivious RAM (ORAM) techniques. Data owners can delegate rights to external new clients enabling them to privately access portions of the outsourced data served by a curious server. Our solution is as efficient as the underlying ORAM constructs and allows for delegated read or write access while ensuring strong guarantees for the privacy of the outsourced data. The server does not learn anything about client access patterns while clients do not learn anything more than what their delegated rights permit.
    Original languageUndefined
    Number of pages14
    Publication statusPublished - 4 Mar 2011
    Event15th International Conference on Financial Cryptography and Data Security, FC 2011 - Gros Islet, St. Lucia
    Duration: 28 Feb 20114 Mar 2011


    Conference15th International Conference on Financial Cryptography and Data Security, FC 2011
    Other28 February - 04 March 2011


    • IR-87351
    • EWI-23753
    • Outsourced
    • Storage
    • Oblivious
    • Delegation
    • SCS-Cybersecurity

    Cite this