Basic implementation of S3ORAM. The full paper is available at https://eprint.iacr.org/2017/819.pdf. This project is built on CodeLite IDE (link: http://codelite.org). It is recommended to install CodeLite to load the full S3ORAM workspace.
- 2017-12-25: S3ORAM now supports more than 3 servers with higher privacy levels.
-
NTL v9.10.0 (download link: http://www.shoup.net/ntl/download.html)
-
ZeroMQ (download link: http://zeromq.org/intro:get-the-software)
All S3ORAM configurations are located in S3ORAM/config.h
.
#define BLOCK_SIZE 128 -> Block size (in bytes)
#define HEIGHT 4 -> Height of S3ORAM Tree
#define BUCKET_SIZE 333 -> Bucket size
#define EVICT_RATE 280 -> Eviction frequency
static const unsigned long long P = 1073742353; -> Prime field (size should be equal to the defined TYPE_DATA)
#define NUM_SERVERS 7 -> Number of servers \ell.
#define PRIVACY_LEVEL 3 -> Privacy level t.
const long long int vandermonde[NUM_SERVERS] -> The first row of inverse of vandermonde matrix (should be defined according to SERVER_ID from 1....n)
const std::string SERVER_ADDR[NUM_SERVERS] -> Server IP addresses
#define SERVER_PORT 5555 -> Define the first port for incremental to generate other ports for client-server / server-server communications
Due to the imperfection of PRF, it is recommended to select BUCKET_SIZE
larger than EVICT_RATE
to avoid bucket overflow.
The folder S3ORAM/data
is required to store generated S3ORAM data structure.
Goto folder S3ORAM/
and execute
make
, which produces the binary executable file named S3ORAM
in S3ORAM/Debug/
.
Run the binary executable file S3ORAM
, which will ask for either Client or Server mode. The S3ORAM implementation can be tested using either single machine or multiple machines:
- Set
SERVER_ADDR
inS3ORAM/config.h
to belocalhost
. - Choose unique
SERVER_PORT
andSERVER_RECV_PORT
for each server entity. - Compile the code with
make
in theS3ORAM/
folder. - Go to
S3ORAM/Debug
and run the compiledS3ORAM
file in different Terminals, each playing the client/server role.
- Copy the binary file
S3ORAM
compiled under the same configuration to running machines. - For first time usage, run the
S3ORAM/Debug/S3ORAM
file on the client machine to initialize the S3ORAM structure first. - Copy the folder
S3ORAM/data/i/
to server i, or follow the instruction on the client machine to transmit all data to corresponding server (It is recommend to manually copy the folder to avoid interuption during tranmission). - For each server i, run the compiled file
S3ORAM
and select the server role (option 2) and the corresponding IDi
.
Since android device is resource-limited, it is recommended to generate ORAM data using resourceful client machine (e.g., desktop/laptop), and then copy generated client local data (S3ORAM/data/client_local/
folder) to the android device for running the experiment. Here the instruction to generate android executable file:
- Download Android NDK (link: https://developer.android.com/ndk/downloads/index.html)
- Add the location of
ndk-build
file (i.e., in$android-ndk-path/build/
) toPATH
environment variable via e.g.,
1. vim ~/.profile
2. add `` export PATH=$PATH:$android-ndk-path/build/`` at the end of the file, where $android-ndk-path is the (absolute) path of the android NDK
3. save and reload the profile
- Goto folder
android-jni/jni
. Open the fileAndroid.mk
and fixSRC_PATH
andNDK_PATH
variables, whereSRC_PATH
is the absolute path to the S3ORAM src code (e.g., $home/S3ORAM/S3ORAM/), andNDK_PATH
is the absolute path to the Android NDK (e.g., $home/$android-ndk-path). - Disable
NTL_LIB
macro in fileS3ORAM/config.h
. - Goto folder
android-jni/jni
, executendk-build
command, which will generate executable files3oram_client
and library filelibgnustl_shared.so
inandroid-jni/libs/armeabi/
folder. - Create a folder named
s3oram
in the android phone (viaadb shell
). Insides3oram
folder, create a folder namedbin
. - Copy files
s3oram_client
andlibgnustl_shared.so
to folders3oram/bin/
in the android phone viaadb push
. Copy S3ORAM client data folder (i.e.,S3ORAM/data/client_local/
) tos3oram/
in the android phone. - Access to the Android phone via
adb shell
. Set the LD_LIBRARY_PATH tos3oram/bin/
export LD_LIBRARY_PATH=$home/s3oram/bin
- Locate to folder
s3oram/bin
, run the files3oram_client
to run the program.
For any inquiries, bugs, and assistance on building and running the code, please contact Thang Hoang ([email protected]).