{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,1]],"date-time":"2026-06-01T23:10:35Z","timestamp":1780355435993,"version":"3.54.1"},"reference-count":50,"publisher":"MDPI AG","issue":"1","license":[{"start":{"date-parts":[[2019,3,25]],"date-time":"2019-03-25T00:00:00Z","timestamp":1553472000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["CNS-1413996"],"award-info":[{"award-number":["CNS-1413996"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Cryptography"],"abstract":"Oblivious RAM (ORAM) is a cryptographic primitive which obfuscates the access patterns to a storage, thereby preventing privacy leakage. So far in the current literature, only \u2018fully functional\u2019 ORAMs are widely studied which can protect, at a cost of considerable performance penalty, against the strong adversaries who can monitor all read and write operations. However, recent research has shown that information can still be leaked even if only the write access pattern (not reads) is visible to the adversary. For such weaker adversaries, a fully functional ORAM turns out to be an overkill, causing unnecessary overheads. Instead, a simple \u2018write-only\u2019 ORAM is sufficient, and, more interestingly, is preferred as it can offer far better performance and energy efficiency than a fully functional ORAM. In this work, we present Flat ORAM: an efficient write-only ORAM scheme which outperforms the closest existing write-only ORAM called HIVE. HIVE suffers from performance bottlenecks while managing the memory occupancy information vital for correctness of the protocol. Flat ORAM introduces a simple idea of Occupancy Map (OccMap) to efficiently manage the memory occupancy information resulting in far better performance. Our simulation results show that, compared to HIVE, Flat ORAM offers \r\n \r\n \r\n \r\n 50\r\n %\r\n \r\n \r\n \r\n performance gain on average and up to \r\n \r\n \r\n \r\n 80\r\n %\r\n \r\n \r\n \r\n energy savings.<\/jats:p>","DOI":"10.3390\/cryptography3010010","type":"journal-article","created":{"date-parts":[[2019,3,27]],"date-time":"2019-03-27T05:03:12Z","timestamp":1553662992000},"page":"10","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":7,"title":["Flat ORAM: A Simplified Write-Only Oblivious RAM Construction for Secure Processors"],"prefix":"10.3390","volume":"3","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-7568-3262","authenticated-orcid":false,"given":"Syed Kamran","family":"Haider","sequence":"first","affiliation":[{"name":"Department of Electrical and Computer Engineering, University of Connecticut, Storrs, CT 06269-4157, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Marten","family":"van Dijk","sequence":"additional","affiliation":[{"name":"Department of Electrical and Computer Engineering, University of Connecticut, Storrs, CT 06269-4157, USA"}],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"1968","published-online":{"date-parts":[[2019,3,25]]},"reference":[{"key":"ref_1","unstructured":"Arbaugh, W., Farber, D., and Smith, J. (1997, January 4\u20137). A Secure and Reliable Bootstrap Architecture. Proceedings of the 1997 IEEE Symposium on Security and Privacy, Oakland, CA, USA."},{"key":"ref_2","doi-asserted-by":"crossref","unstructured":"Sarmenta, L.F.G., van Dijk, M., O\u2019Donnell, C.W., Rhodes, J., and Devadas, S. (2006, January 3). Virtual Monotonic Counters and Count-Limited Objects using a TPM without a Trusted OS. Proceedings of the 1st ACM Workshop on Scalable Trusted Computing (STC\u201906), Alexandria, VA, USA.","DOI":"10.1145\/1179474.1179485"},{"key":"ref_3","unstructured":"Trusted Computing Group (2019, March 24). TCG Specification Architecture Overview Revision 1.2. Available online: https:\/\/trustedcomputinggroup.org\/."},{"key":"ref_4","unstructured":"Grawrock, D. (2006). The Intel Safer Computing Initiative: Building Blocks for Trusted Computing, Intel Press."},{"key":"ref_5","unstructured":"Lie, D., Mitchell, J., Thekkath, C., and Horwitz, M. (2003, January 11\u201314). Specifying and Verifying Hardware for Tamper-Resistant Software. Proceedings of the IEEE Symposium on Security and Privacy, Berkeley, CA, USA."},{"key":"ref_6","doi-asserted-by":"crossref","unstructured":"Lie, D., Thekkath, C., and Horowitz, M. (2003, January 19\u201322). Implementing an Untrusted Operating System on Trusted Hardware. Proceedings of the Nineteenth ACM Symposium on Operating Systems Principles, Bolton Landing, NY, USA.","DOI":"10.1145\/945445.945463"},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"Lie, D., Thekkath, C., Mitchell, M., Lincoln, P., Boneh, D., Mitchell, J., and Horowitz, M. (2000, January 12\u201315). Architectural Support for Copy and Tamper Resistant Software. Proceedings of the 9th International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS-IX), Cambridge, MA, USA.","DOI":"10.1145\/378993.379237"},{"key":"ref_8","doi-asserted-by":"crossref","unstructured":"Suh, G.E., Clarke, D., Gassend, B., van Dijk, M., and Devadas, S. (2003). AEGIS: Architecture for Tamper-Evident and Tamper-Resistant Processing. Proceedings of the 17th ICS (MIT-CSAIL-CSG-Memo-474 Is an Updated Version), ACM.","DOI":"10.1145\/782814.782838"},{"key":"ref_9","unstructured":"Suh, G.E., O\u2019Donnell, C.W., Sachdev, I., and Devadas, S. (2005, January 4\u20138). Design and Implementation of the AEGIS Single-Chip Secure Processor Using Physical Random Functions. Proceedings of the 32nd Annual International Symposium on Computer Architecture (ISCA\u201905), Madison, MI, USA."},{"key":"ref_10","doi-asserted-by":"crossref","unstructured":"Fletcher, C., van Dijk, M., and Devadas, S. (2012, January 15). Secure Processor Architecture for Encrypted Computation on Untrusted Programs. Proceedings of the 7th ACM CCS Workshop on Scalable Trusted Computing, Raleigh, NC, USA.","DOI":"10.1145\/2382536.2382540"},{"key":"ref_11","doi-asserted-by":"crossref","unstructured":"Maas, M., Love, E., Stefanov, E., Tiwari, M., Shi, E., Asanovic, K., Kubiatowicz, J., and Song, D. (2013, January 4\u20138). Phantom: Practical oblivious computation in a secure processor. Proceedings of the 2013 ACM SIGSAC conference on Computer & Communications Security, Berlin, Germany.","DOI":"10.1145\/2508859.2516692"},{"key":"ref_12","doi-asserted-by":"crossref","unstructured":"McKeen, F., Alexandrovich, I., Berenzon, A., Rozas, C.V., Shafi, H., Shanbhogue, V., and Savagaonkar, U.R. (2013, January 23\u201324). Innovative instructions and software model for isolated execution. Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and Privacy (HASP \u201913), Tel-Aviv, Israel.","DOI":"10.1145\/2487726.2488368"},{"key":"ref_13","doi-asserted-by":"crossref","unstructured":"Zhuang, X., Zhang, T., and Pande, S. (2004, January 7\u201313). HIDE: An infrastructure for efficiently protecting information leakage on the address bus. Proceedings of the 11th International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS), Boston, MA, USA.","DOI":"10.1145\/1024393.1024403"},{"key":"ref_14","doi-asserted-by":"crossref","first-page":"431","DOI":"10.1145\/233551.233553","article-title":"Software protection and simulation on oblivious RAMs","volume":"43","author":"Goldreich","year":"1996","journal-title":"J. ACM"},{"key":"ref_15","unstructured":"Boneh, D., Mazieres, D., and Popa, R.A. (2019, March 24). Remote Oblivious Storage: Making Oblivious RAM Practical. Available online: http:\/\/dspace.mit.edu\/bitstream\/handle\/1721.1\/62006\/MIT-CSAIL-TR-2011-018.pdf."},{"key":"ref_16","doi-asserted-by":"crossref","unstructured":"Damg\u00e5rd, I., Meldgaard, S., and Nielsen, J.B. (2011). Perfectly Secure Oblivious RAM without Random Oracles. Theory of Cryptography Conference, Springer.","DOI":"10.1007\/978-3-642-19571-6_10"},{"key":"ref_17","doi-asserted-by":"crossref","unstructured":"Goodrich, M.T., Mitzenmacher, M., Ohrimenko, O., and Tamassia, R. (2011, January 21). Oblivious RAM simulation with efficient worst-case access overhead. Proceedings of the 3rd ACM Workshop on Cloud Computing Security Workshop (CCSW \u201911), Chicago, IL, USA.","DOI":"10.1145\/2046660.2046680"},{"key":"ref_18","doi-asserted-by":"crossref","unstructured":"Goodrich, M.T., Mitzenmacher, M., Ohrimenko, O., and Tamassia, R. (2012, January 7\u20139). Practical oblivious storage. Proceedings of the Second ACM Conference on Data and Application Security and Privacy (CODASPY \u201912), San Antonio, TX, USA.","DOI":"10.1145\/2133601.2133604"},{"key":"ref_19","doi-asserted-by":"crossref","unstructured":"Goodrich, M.T., Mitzenmacher, M., Ohrimenko, O., and Tamassia, R. (2012, January 17\u201319). Privacy-preserving group data access via stateless oblivious RAM simulation. Proceedings of the Twenty-Third Annual ACM-SIAM Symposium on Discrete Algorithms, Kyoto, Japan.","DOI":"10.1137\/1.9781611973099.14"},{"key":"ref_20","unstructured":"Ostrovsky, R. (1987, January 25\u201327). Efficient computation on oblivious RAMs. Proceedings of the Nineteenth Annual ACM Symposium On Theory of Computing, New York, NY, USA."},{"key":"ref_21","doi-asserted-by":"crossref","unstructured":"Ostrovsky, R., and Shoup, V. (1997, January 4\u20136). Private Information Storage (Extended Abstract). Proceedings of the Twenty-Ninth Annual ACM Symposium on Theory of Computing, El Paso, TX, USA.","DOI":"10.1145\/258533.258606"},{"key":"ref_22","doi-asserted-by":"crossref","unstructured":"Shi, E., Chan, T.H.H., Stefanov, E., and Li, M. (2011). Oblivious RAM with O((logN)3) Worst-Case Cost. Advances in Cryptology\u2014ASIACRYPT, Springer.","DOI":"10.1007\/978-3-642-25385-0_11"},{"key":"ref_23","unstructured":"Stefanov, E., Shi, E., and Song, D. (2012, January 5\u20138). Towards practical oblivious RAM. Proceedings of the NDSS Symposium 2012, San Diego, CA, USA."},{"key":"ref_24","doi-asserted-by":"crossref","unstructured":"Stefanov, E., van Dijk, M., Shi, E., Fletcher, C., Ren, L., Yu, X., and Devadas, S. (2013, January 4\u20138). Path ORAM: An Extremely Simple Oblivious RAM Protocol. Proceedings of the ACM Computer and Communication Security Conference, Berlin, Germany.","DOI":"10.1145\/2508859.2516660"},{"key":"ref_25","doi-asserted-by":"crossref","unstructured":"Williams, P., and Sion, R. (2012, January 16\u201318). Single round access privacy on outsourced storage. Proceedings of the 2012 ACM Conference on Computer And Communications Security (CCS \u201912), Raleigh, NC, USA.","DOI":"10.1145\/2382196.2382229"},{"key":"ref_26","doi-asserted-by":"crossref","unstructured":"Fletcher, C., Ren, L., Kwon, A., van Dijk, M., and Devadas, S. (2015, January 14\u201318). Freecursive ORAM: [Nearly] Free Recursion and Integrity Verification for Position-based Oblivious RAM. Proceedings of the 20th International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS), Istanbul, Turkey.","DOI":"10.1145\/2694344.2694353"},{"key":"ref_27","doi-asserted-by":"crossref","unstructured":"Zhang, X., Sun, G., Zhang, C., Zhang, W., Liang, Y., Wang, T., Chen, Y., and Di, J. (2015, January 5\u20139). Fork path: Improving efficiency of ORAM by removing redundant memory accesses. Proceedings of the 48th International Symposium on Microarchitecture, Waikiki, HI, USA.","DOI":"10.1145\/2830772.2830787"},{"key":"ref_28","doi-asserted-by":"crossref","unstructured":"Yu, X., Haider, S.K., Ren, L., Fletcher, C., Kwon, A., van Dijk, M., and Devadas, S. (2015, January 13\u201317). Proram: Dynamic prefetcher for oblivious ram. Proceedings of the 42nd Annual International Symposium on Computer Architecture, Portland, OR, USA.","DOI":"10.1145\/2749469.2750413"},{"key":"ref_29","doi-asserted-by":"crossref","unstructured":"Merin John, T., Kamran Haider, S., Omar, H., and van Dijk, M. (2017). Connecting the Dots: Privacy Leakage via Write-Access Patterns to the Main Memory. IEEE Trans. Dependable Secur. Comput.","DOI":"10.1109\/HST.2017.7951834"},{"key":"ref_30","unstructured":"Joye, M., and Yen, S.M. (2002). The Montgomery powering ladder. International Workshop on Cryptographic Hardware and Embedded Systems, Springer."},{"key":"ref_31","doi-asserted-by":"crossref","unstructured":"Blass, E.O., and Robertson, W. (2012, January 3\u20137). TRESOR-HUNT: Attacking CPU-bound encryption. Proceedings of the 28th Annual Computer Security Applications Conference, Orlando, FL, USA.","DOI":"10.1145\/2420950.2420961"},{"key":"ref_32","unstructured":"B\u00f6ck, B., and Austria, S.B. (2009). Firewire-Based Physical Security Attacks on Windows 7, EFS and BitLocker, Secure Business Austria Research Lab."},{"key":"ref_33","unstructured":"Maartmann-Moe, C. (2014, February 25). Inception. Available online: http:\/\/www. breaknenter.org\/projects\/inception\/."},{"key":"ref_34","first-page":"1","article-title":"Hit by a bus: Physical access attacks with Firewire","volume":"3","author":"Boileau","year":"2006","journal-title":"Present. Ruxcon"},{"key":"ref_35","unstructured":"Panholzer, P. (2008). Physical security attacks on windows vista. SEC Consult Vulnerability Lab Vienna Technology Report, SEC Consult Vulnerability Lab."},{"key":"ref_36","doi-asserted-by":"crossref","unstructured":"Stewin, P., and Bystrov, I. (2012). Understanding DMA malware. International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, Springer.","DOI":"10.1007\/978-3-642-37300-8_2"},{"key":"ref_37","first-page":"1","article-title":"Attacking intel trusted execution technology","volume":"2009","author":"Wojtczuk","year":"2009","journal-title":"Black Hat DC"},{"key":"ref_38","unstructured":"Wojtczuk, R., Rutkowska, J., and Tereshkin, A. (2009). Another Way to Circumvent Intel Trusted Execution Technology, Invisible Things Lab."},{"key":"ref_39","doi-asserted-by":"crossref","unstructured":"Ren, L., Yu, X., Fletcher, C., van Dijk, M., and Devadas, S. (2013, January 23\u201327). Design Space Exploration and Optimization of Path Oblivious RAM in Secure Processors. Proceedings of the 40th Annual International Symposium on Computer Architecture, Tel-Aviv, Israel.","DOI":"10.1145\/2485922.2485971"},{"key":"ref_40","doi-asserted-by":"crossref","unstructured":"Blass, E.O., Mayberry, T., Noubir, G., and Onarlioglu, K. (2014, January 3\u20137). Toward robust hidden volumes using write-only oblivious RAM. Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, Scottsdale, Arizona, USA.","DOI":"10.1145\/2660267.2660313"},{"key":"ref_41","unstructured":"Haider, S.K., and van Dijk, M. (arXiv, 2017). Revisiting Definitional Foundations of Oblivious RAM for Secure Processor Implementations, arXiv."},{"key":"ref_42","doi-asserted-by":"crossref","unstructured":"Fletcher, C., Ren, L., Yu, X., Van Dijk, M., Khan, O., and Devadas, S. (2014, January 15\u201319). Suppressing the Oblivious RAM Timing Channel While Making Information Leakage and Program Efficiency Trade-offs. Proceedings of the 2014 IEEE 20th International Symposium on High Performance Computer Architecture (HPCA), Orlando, FL, USA.","DOI":"10.1109\/HPCA.2014.6835932"},{"key":"ref_43","doi-asserted-by":"crossref","first-page":"23","DOI":"10.1007\/s10207-016-0329-x","article-title":"Write-only oblivious RAM-based privacy-preserved access of outsourced data","volume":"16","author":"Li","year":"2013","journal-title":"Int. J. Inf. Secur."},{"key":"ref_44","doi-asserted-by":"crossref","unstructured":"Roche, D.S., Aviv, A., Choi, S.G., and Mayberry, T. (November, January 30). Deterministic, Stash-Free Write-Only ORAM. Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security (CCS \u201917), Dallas, TX, USA.","DOI":"10.1145\/3133956.3134051"},{"key":"ref_45","doi-asserted-by":"crossref","unstructured":"Miller, J.E., Kasture, H., Kurian, G., Gruenwald, C., Beckmann, N., Celio, C., Eastep, J., and Agarwal, A. (2010, January 9\u201314). Graphite: A Distributed Parallel Simulator for Multicores. Proceedings of the HPCA\u201416 2010 The Sixteenth International Symposium on High-Performance Computer Architecture, Bangalore, India.","DOI":"10.1109\/HPCA.2010.5416635"},{"key":"ref_46","doi-asserted-by":"crossref","unstructured":"Woo, S.C., Ohara, M., Torrie, E., Singh, J.P., and Gupta, A. (1995, January 22\u201324). The SPLASH-2 programs: Characterization and methodological considerations. Proceedings of the 22nd Annual International Symposium on Computer Architecture, S. Margherita Ligure, Italy.","DOI":"10.1145\/223982.223990"},{"key":"ref_47","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1145\/1186736.1186737","article-title":"SPEC CPU2006 benchmark descriptions","volume":"34","author":"Henning","year":"2006","journal-title":"ACM Sigarch Comput. Archit. News"},{"key":"ref_48","doi-asserted-by":"crossref","first-page":"209","DOI":"10.14778\/2735508.2735511","article-title":"Staring into the Abyss: An Evaluation of Concurrency Control with One Thousand Cores","volume":"8","author":"Yu","year":"2014","journal-title":"Proc. VLDB Endow."},{"key":"ref_49","doi-asserted-by":"crossref","unstructured":"Cooper, B.F., Silberstein, A., Tam, E., Ramakrishnan, R., and Sears, R. (2010, January 10\u201311). Benchmarking cloud serving systems with YCSB. Proceedings of the 1st ACM symposium on Cloud computing (SoCC\u201910), Indianapolis, IN, USA.","DOI":"10.1145\/1807128.1807152"},{"key":"ref_50","unstructured":"The Transaction Processing Council (2019, March 24). TPC-C Benchmark (Revision 5.9.0). Available online: http:\/\/www.tpc.org\/tpc_documents_current_versions\/current_specifications.asp."}],"container-title":["Cryptography"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2410-387X\/3\/1\/10\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T12:40:32Z","timestamp":1760186432000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2410-387X\/3\/1\/10"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,3,25]]},"references-count":50,"journal-issue":{"issue":"1","published-online":{"date-parts":[[2019,3]]}},"alternative-id":["cryptography3010010"],"URL":"https:\/\/doi.org\/10.3390\/cryptography3010010","relation":{},"ISSN":["2410-387X"],"issn-type":[{"value":"2410-387X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2019,3,25]]}}}