C++, language-based techniques, side-channel attacks, oblivious memory
Computer Sciences | Information Security | Software Engineering
Infrastructure as a service (IaaS) is an enormously beneficial model for centralized data computation and storage. Yet, existing network-layer and hardware-layer security protections do not address a broad category of vulnerabilities known as side-channel attacks. Over the past several years, numerous techniques have been proposed at all layers of the software/hardware stack to prevent the inadvertent leakage of sensitive data. This report discusses a new technique which integrates seamlessly with C++ programs. We introduce a library, libOblivious, which provides thin wrappers around existing C++ standard template library classes, endowing them with the property of memory-trace obliviousness.
Constable, Scott D. and Chapin, Steve, "libOblivious: A C++ Library for Oblivious Data Structures and Algorithms" (2018). Electrical Engineering and Computer Science - Technical Reports. 184.
Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 4.0 License.