Oblivious Random Access Machine (ORAM) allows a client to hide its access pattern when accessing sensitive data on a remote server. It is known that any passive ORAM construction, in which the server acts only as a storage service, incurs a logarithmic communication lower bound; this overhead has proven too costly for some applications. Several active ORAM schemes with server computation have been proposed to overcome this limitation. However, they mostly rely on costly homomorphic encryption, which makes their performance even worse than that of passive ORAM. In this article, we propose S3ORAM, a new multi-server ORAM framework that features O(1) client bandwidth blowup and low client storage without relying on costly cryptographic primitives. Our key idea is to harness Shamir Secret Sharing and a multi-party multiplication protocol atop applicable binary tree-ORAM paradigms. This strategy allows the client to instruct the servers to perform secure and efficient computation on its behalf with little intervention, thereby achieving a constant client bandwidth blowup and low server computational overhead. Our framework can also work atop a general k-ary tree ORAM structure (k ≥ 2). We fully implemented our framework and rigorously evaluated its performance on a commodity cloud architecture (Amazon EC2). Our comprehensive experiments confirmed the efficiency of the S3ORAM framework: it is approximately 10× faster than the most efficient passive ORAM (i.e., Path-ORAM) for a moderate network bandwidth, while being three orders of magnitude faster than an active ORAM with O(1) bandwidth blowup (i.e., Onion-ORAM). We have open-sourced the implementation of our framework for public testing and adaptation.
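To make the building block concrete, the following is a minimal sketch of Shamir Secret Sharing over a prime field: splitting a secret into n shares of which any t reconstruct it. This is an illustrative textbook implementation, not the S3ORAM code; the field size and parameter names are our own choices, and S3ORAM's server-side computation additionally uses an interactive multi-party multiplication protocol not shown here.

```python
import random

PRIME = 2**61 - 1  # illustrative Mersenne-prime field, not a parameter from the paper

def share(secret, t, n):
    """Split `secret` into n shares; any t of them suffice to reconstruct it."""
    # Random degree-(t-1) polynomial with constant term = secret.
    coeffs = [secret] + [random.randrange(PRIME) for _ in range(t - 1)]
    # Share i is the polynomial evaluated at x = i, for i = 1..n.
    return [(i, sum(c * pow(i, e, PRIME) for e, c in enumerate(coeffs)) % PRIME)
            for i in range(1, n + 1)]

def reconstruct(shares):
    """Lagrange interpolation at x = 0 recovers the secret from >= t shares."""
    secret = 0
    for idx, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for jdx, (xj, _) in enumerate(shares):
            if idx != jdx:
                num = num * (-xj) % PRIME
                den = den * (xi - xj) % PRIME
        # Multiply by the Lagrange basis value L_i(0); Fermat inverse of den.
        secret = (secret + yi * num * pow(den, PRIME - 2, PRIME)) % PRIME
    return secret
```

A property this scheme offers, and which tree-ORAM-with-computation designs exploit, is additive homomorphism: adding two secrets' shares pointwise yields shares of the sum, so servers can combine shared blocks locally, while multiplications require the interactive protocol mentioned in the abstract.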
Voice-over-IP (VoIP) software is increasingly widespread, counting millions of monthly users. However, we argue that people overlook the risks of transmitting information along with their voice, such as keystroke sounds -- sounds that can reveal what someone is typing on a keyboard. In this paper, we present a new keyboard acoustic eavesdropping attack that involves VoIP, called Skype & Type (S&T). Unlike previous attacks, S&T assumes a weak adversary model that is practical in many real-world settings. Indeed, S&T is very feasible, as it requires neither (i) the attacker to be physically close to the victim, nor (ii) precise profiling of the victim's typing style and keyboard. Moreover, it works with a very small amount of leaked keystrokes -- and leakage of keystrokes during a VoIP call is likely, as people often "multi-task" while on calls. As expected, VoIP software acquires and faithfully transmits all sounds, including keystrokes, which can include passwords and other sensitive information. We show that one very popular VoIP application (Skype) conveys enough audio information to reconstruct the victim's input: S&T attains a top-5 accuracy of up to 91.7% in guessing a random key pressed by the victim. This work extends previous results on S&T, demonstrating that our attack is effective with different recording devices (such as laptop and headset microphones, and smartphones close to the target keyboard), typing styles, and typing speeds, and is particularly threatening when the victim is typing in a known language.
Keystroke behaviour-based authentication employs the unique typing behaviour of users to authenticate them. Recent such proposals for virtual keyboards on smartphones employ diverse temporal, contact, and spatial features to achieve over 95% accuracy. Consequently, they have been suggested as a second line of defense alongside text-based password authentication. We show that a state-of-the-art keystroke behaviour-based authentication scheme is highly vulnerable to mimicry attacks. While previous research used training interfaces to attack physical keyboards, we show that this approach has limited effectiveness against virtual keyboards, mainly because of the large number of diverse features that an attacker must mimic on virtual keyboards. We address this challenge by developing an augmented reality-based app that resides on the attacker's smartphone and leverages computer vision and keystroke data to provide real-time guidance during password entry on the victim's phone. In addition, we propose an audiovisual attack in which the attacker overlays a transparent film printed with spatial pointers on the victim's device and uses audio cues to match the victim's temporal behaviour. Both attacks require neither tampering with nor installing software on the victim's device, nor any specialized hardware. We conduct experiments with 30 users, mounting over 400 mimicry attacks, and show that our methods enable an attacker to mimic keystroke behaviour on virtual keyboards with little effort. Furthermore, since our augmented reality-based method provides the attacker with real-time guidance on how to submit touch input on smartphones, it can be extended to attack other touch input behaviour-based systems for smartphones.