0Pricing
Cryptology Academy · Lesson

ORAM in Cloud Storage and Secure Processors

Explore ORAM applications in trusted execution environments (SGX, TrustZone) and encrypted cloud databases.

Intel SGX and Access Pattern Leakage

Intel SGX (Software Guard Extensions) provides hardware-isolated enclaves where code and data are encrypted and authenticated. However, the operating system can still observe which memory pages the enclave accesses by monitoring page table entries. This page-level access pattern can be exploited in side-channel attacks. A classic attack is the "controlled channel attack" by Xu, Cui, and Peinado (2015), which reconstructed RSA keys from SGX memory access patterns.

Cache-Timing Side Channels in SGX

Beyond page-level access patterns, SGX is vulnerable to cache-timing side channels. An attacker sharing the processor can observe cache hits and misses caused by the enclave, inferring fine-grained (cache-line level) access patterns. These attacks work because the CPU cache is shared between the enclave and untrusted code. Mitigations include constant-time programming and ORAM to randomize memory access patterns.

All lessons in this course

  1. The Access Pattern Leakage Threat
  2. Path ORAM: Hiding Memory Access
  3. Circuit ORAM and Practical Performance
  4. ORAM in Cloud Storage and Secure Processors
← Back to Cryptology Academy