Pancake: Frequency Smoothing for Encrypted Data Stores presented at 29thUSENIXSecuritySymposium 2020

by Thomas Ristenpart, Paul Grubbs, Anurag Khandelwal, Rachit Agarwal, Marie-sarah Lacharité, Lloyd Brown, Lucy Li,


Summary : We present PANCAKE, the first system to protect key-value stores from access pattern leakage attacks with small constant factor bandwidth overhead. PANCAKE uses a new approach, that we call frequency smoothing, to transform plaintext accesses into uniformly distributed encrypted accesses to an encrypted data store. We show that frequency smoothing prevents access pattern leakage attacks by passive persistent adversaries in a new formal security model. We integrate PANCAKE into three key-value stores used in production clusters, and demonstrate its practicality: on standard benchmarks, PANCAKE achieves 229× better throughput than non-recursive Path ORAM — within 3–6× of insecure baselines for these key-value stores.