This library implements an Oblivious RAM (ORAM) for secure enclave applications.
This crate assumes that ORAM clients are running inside a secure enclave architecture that provides memory encryption. It does not perform encryption-on-write and thus is not secure without memory encryption.
The API documentation can be found here, along with a usage example.
Add the following line to the dependencies of your Cargo.toml:
oram = "0.2.0-pre.1"
This crate requires Rust 1.81 or higher.
- Original Path ORAM paper, which introduced the standard "vanilla" variant of Path ORAM on which this library is based.
- Path ORAM retrospective paper, containing a high-level overview of developments related to Path ORAM.
- Oblix paper, which describes the oblivious stash data structure this library implements.
The authors of this code are Spencer Peters (@spencerpeters) and Kevin Lewi (@kevinlewi). To learn more about contributing to this project, see this document.
Within src/:
- lib.rs defines the Oram trait and public API.
- path_oram.rs defines the main ORAM implementation.
- position_map.rs and stash.rs define the oblivious position map and stash respectively.
- bucket.rs defines low-level block and bucket structs.
- linear_time_oram.rs contains a trivial linear-time ORAM implementation used as a base case.
- database.rs defines a simple RAM abstraction (to be removed).
- utils.rs contains utilities related to oblivious sorting and tree index calculations.
- test_utils.rs contains code shared between tests.
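To illustrate the linear-time base case named above, here is an added example (not code from this crate) of a linear-scan ORAM: every access reads and rewrites every slot, so the sequence of slots touched is the same for any address and for reads and writes alike. `LinearOram`, `access` and `trace` are hypothetical names, and blocks are stored as plaintext `u64` values on the assumption that memory encryption is provided by the enclave.

```rust
// Added illustration: LinearOram, access and trace are hypothetical names,
// not the oram crate's API. Blocks are plaintext u64 values; confidentiality
// of the contents is assumed to come from enclave memory encryption.
pub struct LinearOram {
    blocks: Vec<u64>,
    pub trace: Vec<usize>, // physical slots touched, recorded for the demo
}

impl LinearOram {
    pub fn new(capacity: usize) -> Self {
        LinearOram { blocks: vec![0; capacity], trace: Vec::new() }
    }

    // All ones when i == index, all zeros otherwise, without a branch.
    // Source-level masking only: the compiler gives no constant-time guarantee.
    fn eq_mask(i: usize, index: usize) -> u64 {
        let diff = (i ^ index) as u64;
        let nonzero = (diff | diff.wrapping_neg()) >> 63; // 1 iff diff != 0
        nonzero.wrapping_sub(1)
    }

    // Returns the block previously stored at `index`; when `is_write` is set,
    // `value` replaces it. Every slot is read and written back on every call.
    pub fn access(&mut self, index: usize, is_write: bool, value: u64) -> u64 {
        assert!(index < self.blocks.len(), "address out of range");
        let write_mask = (is_write as u64).wrapping_neg();
        let mut result = 0u64;
        for i in 0..self.blocks.len() {
            let hit = Self::eq_mask(i, index);
            let old = self.blocks[i];
            result |= old & hit; // keep only the requested block
            let replace = hit & write_mask;
            self.blocks[i] = (value & replace) | (old & !replace);
            self.trace.push(i);
        }
        result
    }
}

fn main() {
    let mut oram = LinearOram::new(8);
    oram.access(3, true, 42);
    let write_trace = oram.trace.clone();
    oram.trace.clear();
    let got = oram.access(5, false, 0);
    println!("read {}; trace matches the write: {}", got, write_trace == oram.trace);
}
```

The cost is one full pass over the store per access, which is why a scan like this is only practical for small capacities.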
This project is dual-licensed under either the MIT license or the Apache License, Version 2.0. You may select, at your option, one of the above-listed licenses.