Efficient Oblivious Permutation via the Waksman Network

Abstract

Memory accesses to data stored on an untrusted server are known to leak information, even if the data is encrypted. The oblivious permutation (OP) is a key primitive for algorithms and protocols that are designed to hide these client accesses to the server. An OP algorithm permutes outsourced data blocks according to a given permutation without revealing the permutation to the server. Existing solutions strive to use only O (B) bits of client memory when permuting n blocks each of B bits. State-of-the-art O (B) bit solutions, require an optimal O (n log n) I/Os to complete. However, the hidden constant factor is at least $19600$. In this work, we depart from this memory constraint and, in pursuit of an I/O efficient algorithm, consider the context of cloud storage where a client can have a larger amount of private memory. We propose an algorithm, WaksmanOP, that uses 2n + o(n) + 2B bits of client storage and permutes data in at most 4n log n - 3.6n I/Os. WaksmanOP is based on the Waksman network and involves a novel routing algorithm that carefully configures network switch settings using small client space. We implement WaksmanOP and compare it with existing solutions. Compared to practical methods based on sorting, WaksmanOP reduces the number of I/Os by a log n factor and uses significantly less client space than methods based on shuffling for large values of B. (e.g., 41MB vs. 6.4GB of private memory to permute 16TB of data).