Paper 2020/083

Metal: A Metadata-Hiding File-Sharing System

Weikeng Chen and Raluca Ada Popa

Abstract

File-sharing systems like Dropbox offer insufficient privacy because a compromised server can see the file contents in the clear. Although encryption can hide such contents from the servers, metadata leakage remains significant. The goal of our work is to develop a file-sharing system that hides metadata---including user identities and file access patterns. Metal is the first file-sharing system that hides such metadata from malicious users and that has a latency of only a few seconds. The core of Metal consists of a new two-server multi-user oblivious RAM (ORAM) scheme, which is secure against malicious users, a metadata-hiding access control protocol, and a capability sharing protocol. Compared with the state-of-the-art malicious-user file-sharing scheme PIR-MCORAM (Maffei et al.'17), which does not hide user identities, Metal hides the user identities and is 500x faster (in terms of amortized latency) or 10^5x faster (in terms of worst-case latency).

Note: More details of Metal can be found in https://www.oblivious.app/. Updated 10/18/20 for additional appendices.

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Published elsewhere. Minor revision. NDSS 2020
DOI
10.14722/ndss.2020.24095
Keywords
anonymity
Contact author(s)
weikengchen @ berkeley edu
History
2020-10-19: last of 3 revisions
2020-01-28: received
See all versions
Short URL
https://ia.cr/2020/083
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2020/083,
      author = {Weikeng Chen and Raluca Ada Popa},
      title = {Metal: A Metadata-Hiding File-Sharing System},
      howpublished = {Cryptology {ePrint} Archive, Paper 2020/083},
      year = {2020},
      doi = {10.14722/ndss.2020.24095},
      url = {https://eprint.iacr.org/2020/083}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.