This is an implementation of the PathORAM algorithm from the original paper. This implementation has the following features:
- it's written in C++ and is compilable into a standalone shared library (see usage example)
- all components (storage, position map and stash) are abstracted via interfaces
- storage component can be
InMemory
(using a preallocated heap array)FileSystem
(using a binary file)Redis
(using external Redis server and C++ client, supports batch read/write)Aerospike
(using external Aerospike server and official C client, supports batch read, no batch write)
- solution can optionally be compiled without support for some storage adapters (
InMemory
andFilesSystem
are always included) - position map can be either in-memory, or using another PathORAM, thus enabling arbitrary-level recursive PathORAM
- an optimization for multiple requests at a time (mixed get and put)
- PRG and encryption are done with OpenSSL, encryption is AES-CBC-256 (or AES-CTR-256), random IV every time
- the solution is tested, the coverage is 100%
- the solution is benchmarked
- the solution is documented, the documentation is online
- user inputs are screened (exceptions are thrown if the input is invalid)
- Makefile is sophisticated - with simple commands one can compile and run tests and benchmarks
- the code is formatted according to clang file
- there are VS Code configs that let one debug the code with breakpoints
Dependencies:
- for building a shared library
g++
that supports--std=c++17
make
- these libs
-l boost_system -l ssl -l crypto
- if
Redis
storage adapter is needed, also-l redis++ -l hiredis
- if
Aerospike
storage adapter is needed, also-l aerospike -l dl -l z
- if
- following configurations are supported:
make ... CPPFLAGS="-DINPUT_CHECK=false
will skip "inputs checks" (such as that AES key isKEYSIZE
)make ... CPPFLAGS="-DUSE_REDIS=false
will not compile Redis storage adapter (thus, dependencies not needed)make ... CPPFLAGS="-DUSE_AEROSPIKE=false
will not compile Aerospike storage adapter (thus, dependencies not needed)- you can combine the options
make ... CPPFLAGS="-DUSE_AEROSPIKE=false -DUSE_REDIS=false -DINPUT_CHECKS=false"
- for testing and benchmarking
- all of the above
- these libs
-l gtest -l pthread -l benchmark -l gmock
gcovr
for coveragedoxygen
for generating docs
- or, use this Docker image:
dbogatov/docker-images:pbc-latest
- note, to test against storage adapters other than
InMemory
andFileSystem
- To use
Redis
, a Redis instance has to be accessible overtcp://127.0.0.1:6379
- For example:
docker run -it -p 6379:6379 redis
- For example:
- To use
Aerospike
, an Aerospike instance has to be accessible over127.0.0.1:3000
- For example:
docker run -it -p 3000:3000 aerospike/aerospike-server
- For example:
- To use
Makefile is used for everything.
# to only compile shared library
make clean shared
# to only compile shared library without Redis and Aerospike
make clean shared CPPFLAGS="-DUSE_AEROSPIKE=false -DUSE_REDIS=false"
# to compile the shared library (libpathoram.so in ./bin) and run example code against it
make clean run-shared
# to compile and run all unit tests
make clean run-tests
# to compile and run all integration tests (usually heavier than units)
make clean run-integration
# to compile and run all benchmarks
make clean run-benchmarks
# to compute unit test coverage
make clean coverage
# to generate documentation
make clean docs