Publication

Improving Confidential BFT State Machine Replication

Bibliographic details
Abstract: The Byzantine Fault-Tolerant (BFT) state machine replication technique satisfies the integrity and availability of a service even if a fraction of its replicas fail arbitrarily, either by crashing or presenting malicious behaviour. Confidentiality can also be achieved in BFT systems using Secret Sharing to ensure that malicious parties cannot decipher the stored information. Despite this, access patterns can still be leaked to an attacker and potentially reveal the ciphered information, especially if there is some knowledge about its nature. The goal of this thesis is to build a system implementing BFT State Machine Replication not only with Integrity, Availability and Confidentiality but also Access Pattern Privacy. To achieve access pattern privacy, and give an additional layer of protection to the existing solutions, Oblivious RAM was used. When retrieving information, Oblivious RAM not only retrieves and updates that desired piece of information but also other items stored, to make the operation oblivious. Moreover, this solution was implemented with support for multiple clients, to improve the usability and real-world applicability of the developed work. When compared with the existing ORAM literature, our solution ensures a further layer of security, because of its integration with BFT and Secret Sharing. Furthermore, the developed solution was implemented and compared with other Oblivious RAM constructions, to show its efficiency and evaluate its performance. The obtained results were favourable, making this work a practical Oblivious RAM with support for concurrent clients, while at the same time supporting multiple servers subject to Byzantine failures.
Main authors: Santos, Cristiano Miguel Coutinho dos
Subject: Oblivious RAM; Secure Storage; Byzantine Fault Tolerance; Confidentiality; Access Pattern Privacy; Master's theses - 2024
Year: 2024
Country: Portugal
Document type: master's dissertation
Access type: open access
Associated institution: Universidade de Lisboa
Language: English
Source: Repositório da Universidade de Lisboa