USENIX artifact reproduction script

Dockerfile

@@ -2,12 +2,12 @@ FROM ubuntu:18.04
 ARG DEBIAN_FRONTEND=noninteractive 
 #the above line is avoid interaction
 WORKDIR /root
-RUN apt update && apt install -y git build-essential libbsd-dev libssl-dev libboost-all-dev iproute2 iperf iputils-ping wget unzip net-tools wget ocaml libgcrypt20-dev ocaml-findlib opam m4 ocamlbuild numactl
+RUN apt update && apt install -y git build-essential libbsd-dev libssl-dev libboost-all-dev iproute2 iperf iputils-ping wget unzip net-tools wget ocaml libgcrypt20-dev ocaml-findlib opam m4 ocamlbuild numactl time
 RUN opam init -y && opam switch 4.06.0 && eval `opam config env` && opam install -y camlp4 ocamlfind ocamlbuild batteries
 RUN git clone https://github.com/samee/obliv-c.git && cd obliv-c && git checkout e02e5c590523ef4dae06e167a7fa00037bb3fdaf
 RUN cd obliv-c && ./configure && make
 RUN git clone https://gitlab.com/neucrypt/floram floram-floram-release && cd floram-floram-release && git checkout cbc6fa1434426096dda1fa567bacba1d7fc8d5b5
-COPY bench_oram_readwrite.oc bench_oram.patch /root/
+COPY bench_oram_readwrite.oc bench_oram.patch parse_logs /root/
 RUN cd floram-floram-release &&  sed -i '4i\OBLIVC_PATH = ~/obliv-c' Makefile && sed -i -e '8s/$/ -D _Float128=double/' Makefile
 RUN cd floram-floram-release && sed -i -e '28s/$/ bench_oram_readwrite/' Makefile
 RUN cd floram-floram-release/tests && cp /root/bench_oram_readwrite.oc bench_oram_readwrite.oc

parse_logs

@@ -0,0 +1,77 @@
+#!/usr/bin/perl
+
+# Parse the log output files of run-experiment
+# Send concatenated log files to stdin, or list them on the command
+# line.
+
+use strict;
+
+my $mode = '';
+my $depth = 0;
+my $who = 0;
+my $what = '';
+my $setupsize = 0;
+my $opsize = 0;
+my @seconds = (0, 0);
+my $netsetup = '';
+
+while(<>) {
+    chomp;
+    if (/Network setup: (.*)/) {
+        $netsetup = "$1 ";
+        next;
+    }
+    if (/===== Running floram (\S+) (\d+)/) {
+        $mode = $1;
+        $depth = $2;
+        @seconds = (0,0);
+        $what = '';
+        $setupsize = 0;
+        $opsize = 0;
+        next;
+    }
+    if (/===== P([01]) output/) {
+        $who = $1;
+        next;
+    }
+    if (/ORAM ACCESS \(SETUP/) {
+        $what = 'SETUP';
+        next;
+    }
+    if (/ORAM ACCESS \(READ|WRITE/) {
+        $what = 'OP';
+        next;
+    }
+    if (/Total time: (\d+\.?\d*) s/) {
+        $seconds[$who] = $1;
+        next;
+    }
+    if (/^\d+,8,/) {
+        my @F = split(/,/);
+        my @sizes = ();
+        my $i;
+        for ($i=4;$i<=$#F;$i+=3) {
+            push(@sizes, $F[$i]);
+        }
+        if ($what eq '') {
+            die "Unrecognized data line\n";
+        }
+        if ($what eq 'SETUP') {
+            $setupsize += $sizes[0];
+        } else {
+            foreach (@sizes) { $opsize += $_; }
+        }
+    }
+    $what = '';
+    if (/===== End/) {
+        my $maxsecs = $seconds[0];
+        $maxsecs = $seconds[1] if $seconds[1] > $maxsecs;
+        print "Floram $depth $netsetup$maxsecs s\n";
+        # The setupsize and opsize are the _sum_ for the two parties, so
+        # add them to get the total size for both parties, and divide by
+        # 2 to get the average size for each party
+        my $bytes = ($setupsize + $opsize) / 2;
+        my $kib = $bytes / 1024;
+        print "Floram $depth $netsetup$kib KiB\n";
+    }
+}

repro

@@ -0,0 +1,140 @@
+#!/bin/bash
+
+# Reproduce the Floram experiments from our paper:
+
+# Adithya Vadapalli, Ryan Henry, Ian Goldberg. Duoram: A
+# Bandwidth-Efficient Distributed ORAM for 2- and 3-Party Computation.
+# USENIX Security Symposium 2023.
+
+# cd into the directory containing this script (from the bash faq 028)
+if [[ $BASH_SOURCE = */* ]]; then
+  cd -- "${BASH_SOURCE%/*}/" || exit
+fi
+
+# If the master NUMA commands are set, use them for Floram
+if [ "$NUMA_P0" != "" ]; then
+    export FLORAM_NUMA_P0="$NUMA_P0"
+fi
+if [ "$NUMA_P1" != "" ]; then
+    export FLORAM_NUMA_P1="$NUMA_P1"
+fi
+
+# Allow running only subsets of the experiment suite.  Valid values are
+# "test", "small", "large", "scaling", "all", "none".  ("none" is useful
+# if you just want to re-parse the output of existing logs.  "scaling"
+# is the subset of "small" that generates the data points for Figure 10;
+# see the README for that one, since you need a machine with at least 64
+# cores to generate it.)
+if [ "$1" == "" ]; then
+    whichexps="test"
+else
+    whichexps="$1"
+fi
+
+# The number of operations per run; the graphs in the paper use 128
+if [ "$2" == "" ]; then
+    numops=128
+else
+    numops="$2"
+fi
+
+# Run one experiment
+# Arguments:
+# $1: mode (read, write, readwrite)
+# $2: depth (the ORAM has 2^depth elements)
+# $3: latency (e.g., 30ms)
+# $4: bandwidth (e.g., 100mbit)
+# $5: number of operations (e.g., 128)
+run() {
+    now=`date`
+    echo "$now: Running $1 $2 $3 $4 $5 ..."
+    logfile="${1}_${3}_${4}_${5}.out"
+    ./set-networking $3 $4
+    echo "Network setup: $3 $4" >> $logfile
+    ./run-experiment $1 $2 $5 >> $logfile
+}
+
+# Parse the output logs.  We run this in the docker in case you don't
+# have perl installed on the host.
+# Arguments: a list of logfiles
+parse() {
+    cat $* | docker exec -w /root -i floram_p0 ./parse_logs
+}
+
+# A very small kick-the-tires test to ensure everything compiled and
+# built properly
+if [ "$whichexps" == "test" ]; then
+    echo "Running test experiment..."
+    run read 16 1us 100gbit 2
+    parse read_1us_100gbit_2.out
+    exit
+fi
+
+now=`date`
+echo "$now: Starting experiments"
+
+if [ "$whichexps" == "small" -o "$whichexps" == "all" ]; then
+    echo "Running small experiments..."
+    # Figure 7(a), 8(c)
+    run readwrite 16 30ms 100mbit ${numops}
+    run readwrite 18 30ms 100mbit ${numops}
+    run readwrite 20 30ms 100mbit ${numops}
+    run readwrite 22 30ms 100mbit ${numops}
+    run readwrite 24 30ms 100mbit ${numops}
+    run readwrite 26 30ms 100mbit ${numops}
+    # Figure 7(b)
+    run readwrite 20 30ms 10mbit ${numops}
+    run readwrite 20 30ms 30mbit ${numops}
+    run readwrite 20 30ms 50mbit ${numops}
+    run readwrite 20 30ms 70mbit ${numops}
+    run readwrite 20 30ms 90mbit ${numops}
+    run readwrite 20 30ms 110mbit ${numops}
+    # Figure 7(c)
+    run readwrite 20 10ms 100mbit ${numops}
+    run readwrite 20 50ms 100mbit ${numops}
+    run readwrite 20 70ms 100mbit ${numops}
+    # Figures 8(a), 9(b), and 9(c)
+    # Note that we set the latency to 1us, which really means "don't add
+    # artificial latency", but we measure the onw-way latency to
+    # actually be 30us, which is what we report in the paper. (pings
+    # from one docker to the other take about 60us round trip.)
+    run read 16 1us 100gbit ${numops}
+    run read 18 1us 100gbit ${numops}
+    run read 20 1us 100gbit ${numops}
+    run read 22 1us 100gbit ${numops}
+    run read 24 1us 100gbit ${numops}
+    run read 26 1us 100gbit ${numops}
+    # Figure 8(b)
+    run write 16 1us 100gbit ${numops}
+    run write 18 1us 100gbit ${numops}
+    run write 20 1us 100gbit ${numops}
+    run write 22 1us 100gbit ${numops}
+    run write 24 1us 100gbit ${numops}
+    run write 26 1us 100gbit ${numops}
+    # Figure 9(a)
+    run read 18 30ms 100mbit ${numops}
+    run read 22 30ms 100mbit ${numops}
+    run read 24 30ms 100mbit ${numops}
+fi
+if [ "$whichexps" == "small" -o "$whichexps" == "scaling" -o "$whichexps" == "all" ]; then
+    # Figures 9(a), 10
+    run read 16 30ms 100mbit ${numops}
+    run read 20 30ms 100mbit ${numops}
+    run read 26 30ms 100mbit ${numops}
+fi
+if [ "$whichexps" == "large" -o "$whichexps" == "all" ]; then
+    echo "Running large experiments..."
+    # Figure 9(a)
+    run read 28 30ms 100mbit ${numops}
+    run read 30 30ms 100mbit ${numops}
+    run read 32 30ms 100mbit ${numops}
+    # Figures 9(b) and 9(c)
+    run read 28 1us 100gbit ${numops}
+    run read 30 1us 100gbit ${numops}
+    run read 32 1us 100gbit ${numops}
+fi
+
+now=`date`
+echo "$now: Experiments complete"
+
+parse *.out > floram.dat