Advertisement

No Such Thing as a Small Leak: Leakage-Abuse Attacks Against Symmetric Searchable Encryption

  • Alexandre Anzala-Yamajako
  • Olivier Bernard
  • Matthieu GiraudEmail author
  • Pascal Lafourcade
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 990)

Abstract

Symmetric Searchable Encryption (\(\mathrm {SSE}\)) schemes enable clients to securely outsource their data while maintaining the ability to perform keywords search over it. The security of these schemes is based on an explicit leakage profile [1], has initiated the investigation into how much information could be deduced in practice from this leakage. In this paper, after recalling the leakage hierarchy introduced in 2015 by Cash et al. and the passive attacks of [1] on \(\mathrm {SSE}\) schemes. We demonstrate the effectiveness of these attacks on a wider set of real-world datasets than previously shown. On the other hand, we show that the attacks are inefficient against some types of datasets. Finally, we used what we learned from the unsuccessful datasets to give insight into future countermeasures.

Keywords

Symmetric Searchable Encryption Leakage Passive attacks 

Notes

Acknowledgments

This research was conducted with the support of the FEDER program of 2014-2020, the region council of Auvergne-Rhône-Alpes, the support of the “Digital Trust” Chair from the University of Auvergne Foundation, the Indo-French Centre for the Promotion of Advanced Research (IFCPAR) and the Center Franco-Indien Pour La Promotion De La Recherche Avancée (CEFIPRA) through the project DST/CNRS 2015-03 under DST-INRIA-CNRS Targeted Programme.

References

  1. 1.
    Giraud, M., Anzala-Yamajako, A., Bernard, O., Lafourcade, P.: Practical passive leakage-abuse attacks against symmetric searchable encryption. In: Proceedings of the 14th International Joint Conference on e-Business and Telecommunications (ICETE 2017) - Volume 4: SECRYPT, Madrid, Spain, 24–26 July, 2017, pp. 200–211 (2017)Google Scholar
  2. 2.
    Gentry, C.: Fully homomorphic encryption using ideal lattices. In: Proceedings of the Forty-First Annual ACM Symposium on Theory of Computing, STOC 2009, pp. 169–178. ACM, New York (2009)Google Scholar
  3. 3.
    Song, D.X., Wagner, D., Perrig, A.: Practical techniques for searches on encrypted data. In: Proceedings of the 2000 IEEE Symposium on Security and Privacy, SP 2000, p. 44. IEEE Computer Society, Washington, DC (2000)Google Scholar
  4. 4.
    Goldreich, O.: Secure Multi-party Computation, Working Draft (1998)Google Scholar
  5. 5.
    Cash, D., et al.: Dynamic searchable encryption in very-large databases: data structures and implementation. In: 21st Annual Network and Distributed System Security Symposium, NDSS 2014, San Diego, California, USA, 23–26 February, 2014 (2014)Google Scholar
  6. 6.
    Kamara, S., Papamanthou, C., Roeder, T.: Dynamic searchable symmetric encryption. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, CCS 2012, pp. 965–976. ACM, New York (2012)Google Scholar
  7. 7.
    Cash, D., Jarecki, S., Jutla, C., Krawczyk, H., Roşu, M.-C., Steiner, M.: Highly-scalable searchable symmetric encryption with support for boolean queries. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8042, pp. 353–373. Springer, Heidelberg (2013).  https://doi.org/10.1007/978-3-642-40041-4_20CrossRefGoogle Scholar
  8. 8.
    Faber, S., Jarecki, S., Krawczyk, H., Nguyen, Q., Rosu, M., Steiner, M.: Rich queries on encrypted data: beyond exact matches. In: Pernul, G., Ryan, P.Y.A., Weippl, E. (eds.) ESORICS 2015. LNCS, vol. 9327, pp. 123–145. Springer, Cham (2015).  https://doi.org/10.1007/978-3-319-24177-7_7CrossRefGoogle Scholar
  9. 9.
    Curtmola, R., Garay, J., Kamara, S., Ostrovsky, R.: Searchable symmetric encryption: improved definitions and efficient constructions. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, CCS 2006, pp. 79–88. ACM, New York (2006)Google Scholar
  10. 10.
    Islam, M.S., Kuzu, M., Kantarcioglu, M.: Access pattern disclosure on searchable encryption: ramification, attack and mitigation. In: 19th Annual Network and Distributed System Security Symposium, NDSS 2012, San Diego, California, USA, 5–8 February, 2012 (2012)Google Scholar
  11. 11.
    Cash, D., Grubbs, P., Perry, J., Ristenpart, T.: Leakage-abuse attacks against searchable encryption. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, CCS 2015, pp. 668–679. ACM, New York (2015)Google Scholar
  12. 12.
    Pouliot, D., Wright, C.V.: The shadow nemesis: inference attacks on efficiently deployable, efficiently searchable encryption. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, Vienna, Austria, 24–28 October, 2016, pp. 1341–1352 (2016)Google Scholar
  13. 13.
    Zhang, Y., Katz, J., Papamanthou, C.: All Your Queries Are Belong to Us: The Power of File-Injection Attacks on Searchable Encryption. Cryptology ePrint Archive, Report 2016/172 (2016) http://eprint.iacr.org/2016/172
  14. 14.
    Abdelraheem, M.A., Andersson, T., Gehrmann, C., Glackin, C.: Practical attacks on relational databases protected via searchable encryption. IACR Cryptology ePrint Archive 2018, p. 715 (2018)Google Scholar
  15. 15.
    Wang, G., et al.: Leakage models and inference attacks on searchable encryption for cyber-physical social systems. IEEE Access 6, 21828–21839 (2018)CrossRefGoogle Scholar
  16. 16.
    Lau, B., Chung, S.P., Song, C., Jang, Y., Lee, W., Boldyreva, A.: Mimesis aegis: a mimicry privacy shield-a system’s approach to data privacy on public cloud. In: Proceedings of the 23rd USENIX Security Symposium, San Diego, CA, USA, 20–22 August, 2014, pp. 33–48 (2014)Google Scholar
  17. 17.
    Project Gutenberg. http://www.gutenberg.org/wiki/Main_Page. Accessed Mar 2016
  18. 18.
    Apache Commons email dataset. http://mail-archives.apache.org/mod_mbox/commons-user/. Accessed Mar 2016
  19. 19.
    Apache Hadoop email dataset. http://mail-archives.apache.org/mod_mbox/hadoop-user/. Accessed Mar 2018
  20. 20.
    Apache Lucene email dataset. http://mail-archives.apache.org/mod_mbox/lucene-java-user/. Accessed Apr 2016
  21. 21.
    Apache Subversion email dataset. http://mail-archives.apache.org/mod_mbox/subversion-users/. Accessed Mar 2018
  22. 22.
    Enron email dataset. http://www.cs.cmu.edu/~./enron/. Accessed Apr 2016
  23. 23.
    IMDb dataset. https://www.imdb.com/interfaces/. Accessed Mar 2018
  24. 24.
    Nasa-HTTP server logs. http://ita.ee.lbl.gov/html/contrib/NASA-HTTP.html. Accessed Mar 2018
  25. 25.
    Porter, M.F.: An algorithm for suffix striping. Program 14, 130–137 (1980)CrossRefGoogle Scholar
  26. 26.
    CipherCloud. Cloud Data Encryption. https://www.ciphercloud.com/technologies/encryption/. Accessed 18 Jan 2017
  27. 27.
    Bitglass. Security, Compliance, and Encryption. http://www.bitglass.com/salesforce-security. Accessed 18 Jan 2017
  28. 28.
    Skyhigh Networds. Skyhigh for Salesforce. https://www.skyhighnetworks.com/product/salesforce-security/. Accessed 18 Jan 2017

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • Alexandre Anzala-Yamajako
    • 1
  • Olivier Bernard
    • 2
  • Matthieu Giraud
    • 3
    Email author
  • Pascal Lafourcade
    • 3
  1. 1.European Patent OfficeMunichGermany
  2. 2.Laboratoire ChiffreTHALES Communications and SecurityGennevilliersFrance
  3. 3.Université Clermont Auvergne, LIMOSAubièreFrance

Personalised recommendations