Structured Encryption and Leakage Suppression

  • Seny KamaraEmail author
  • Tarik Moataz
  • Olya Ohrimenko
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10991)


Structured encryption (STE) schemes encrypt data structures in such a way that they can be privately queried. One aspect of STE that is still poorly understood is its leakage. In this work, we describe a general framework to design STE schemes that do not leak the query/search pattern (i.e., if and when a query was previously made).

Our framework consists of two compilers. The first can be used to make any dynamic STE scheme rebuildable in the sense that the encrypted structures it produces can be rebuilt efficiently using only O(1) client storage. The second transforms any rebuildable scheme that leaks the query/search pattern into a new scheme that does not. Our second compiler is a generalization of Goldreich and Ostrovsky’s square root oblivious RAM (ORAM) solution but does not make use of black-box ORAM simulation. We show that our framework produces STE schemes with query complexity that is asymptotically better than ORAM simulation in certain (natural) settings and comparable to special-purpose oblivious data structures.

We use our framework to design a new STE scheme that is “almost” zero-leakage in the sense that it reveals an, intuitively-speaking, small amount of information. We also show how the scheme can be used to achieve zero-leakage queries when one can tolerate a probabilistic guarantee of correctness. This construction results from applying our compilers to a new STE scheme we design called the piggyback scheme. This scheme is a general-purpose STE construction (in the sense that it can encrypt any data structure) that leaks the search/query pattern but hides the response length on non-repeating queries.



We are grateful to Hajar Alturki for useful feedback on the \(\mathsf {PBS}\) construction and to the anonymous reviewers for helpful suggestions.


  1. 1.
    Ajtai, M., Komlós, J., Szemerédi, E.: An o(n log n) sorting network. In: ACM Symposium on Theory of Computing (STOC 1983), pp. 1–9 (1983)Google Scholar
  2. 2.
    Amjad, G., Kamara, S., Moataz, T.: Breach-resistant structured encryption. IACR Cryptology ePrint Archive 2018:195 (2018)Google Scholar
  3. 3.
    Asharov, G., Naor, M., Segev, G., Shahaf, I.: Searchable symmetric encryption: optimal locality in linear space via two-dimensional balanced allocations. In: STOC 2016, pp. 1101–1114. ACM, New York (2016)Google Scholar
  4. 4.
    Batcher, K.: Sorting networks and their applications. In: Proceedings of the Joint Computer Conference, pp. 307–314 (1968)Google Scholar
  5. 5.
    Bost, R.: Sophos - forward secure searchable encryption. In: ACM CCS 2016 (2016)Google Scholar
  6. 6.
    Cash, D., Grubbs, P., Perry, J., Ristenpart, T.: Leakage-abuse attacks against searchable encryption. In: ACM CCS 2015, pp. 668–679. ACM (2015)Google Scholar
  7. 7.
    Cash, D., Jaeger, J., Jarecki, S., Jutla, C., Krawczyk, H., Rosu, M., Steiner, M.: Dynamic searchable encryption in very-large databases: data structures and implementation. In: NDSS 2014 (2014)Google Scholar
  8. 8.
    Cash, D., Jarecki, S., Jutla, C., Krawczyk, H., Roşu, M.-C., Steiner, M.: Highly-scalable searchable symmetric encryption with support for Boolean queries. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8042, pp. 353–373. Springer, Heidelberg (2013). Scholar
  9. 9.
    Cash, D., Tessaro, S.: The locality of searchable symmetric encryption. In: Nguyen, P.Q., Oswald, E. (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 351–368. Springer, Heidelberg (2014). Scholar
  10. 10.
    Chase, M., Kamara, S.: Structured encryption and controlled disclosure. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 577–594. Springer, Heidelberg (2010). Scholar
  11. 11.
    Chase, M., Kamara, S.: Structured encryption and controlled disclosure. Technical report 2011/010.pdf, IACR Cryptology ePrint Archive (2010)CrossRefGoogle Scholar
  12. 12.
    Chaudhuri, S., Church, K.W., König, A.C., Sui, L.: Heavy-tailed distributions and multi-keyword queries. In: ACM SIGIR 2007 (2007)Google Scholar
  13. 13.
    Curtmola, R., Garay, J., Kamara, S., Ostrovsky, R.: Searchable symmetric encryption: improved definitions and efficient constructions. In: CCS 2006 (2006)Google Scholar
  14. 14.
    Demertzis, I., Papamanthou, C.: Fast searchable encryption with tunable locality. In: SIGMOD 2017 (2017)Google Scholar
  15. 15.
    Fisch, B.A., et al.: Malicious-client security in blind seer: a scalable private DBMS. In: IEEE Symposium on Security and Privacy, pp. 395–410. IEEE (2015)Google Scholar
  16. 16.
    Garg, S., Mohassel, P., Papamanthou, C.: TWORAM: efficient oblivious RAM in two rounds with applications to searchable encryption. In: Robshaw, M., Katz, J. (eds.) CRYPTO 2016. LNCS, vol. 9816, pp. 563–592. Springer, Heidelberg (2016). Scholar
  17. 17.
    Goh, E.-J.: Secure indexes. Technical report 2003/216, IACR ePrint Cryptography Archive (2003).
  18. 18.
    Goldreich, O., Ostrovsky, R.: Software protection and simulation on oblivious RAMs. J. ACM 43(3), 431–473 (1996)MathSciNetCrossRefGoogle Scholar
  19. 19.
    Goodrich, M., Mitzenmacher, M., Ohrimenko, O., Tamassia, R.: Oblivious RAM simulation with efficient worst-case access overhead. In: CCSW 2011 (2011)Google Scholar
  20. 20.
    Islam, M.S., Kuzu, M., Kantarcioglu, M.: Access pattern disclosure on searchable encryption: ramification, attack and mitigation. In: NDSS 2012 (2012)Google Scholar
  21. 21.
    Jarecki, S., Jutla, C., Krawczyk, H., Rosu, M., Steiner, M.: Outsourced symmetric private information retrieval. In: ACM CCS 2013 (2013)Google Scholar
  22. 22.
    Kamara, S.: Restructuring the NSA metadata program. In: Böhme, R., Brenner, M., Moore, T., Smith, M. (eds.) FC 2014. LNCS, vol. 8438, pp. 235–247. Springer, Heidelberg (2014). Scholar
  23. 23.
    Kamara, S., Moataz, T.: SQL on structurally-encrypted databases. IACR Cryptology ePrint Archive 2016, 453 (2016)Google Scholar
  24. 24.
    Kamara, S., Moataz, T.: Boolean searchable symmetric encryption with worst-case sub-linear complexity. In: Coron, J.-S., Nielsen, J.B. (eds.) EUROCRYPT 2017. LNCS, vol. 10212, pp. 94–124. Springer, Cham (2017). Scholar
  25. 25.
    Kamara, S., Papamanthou, C.: Parallel and dynamic searchable symmetric encryption. In: Sadeghi, A.-R. (ed.) FC 2013. LNCS, vol. 7859, pp. 258–274. Springer, Heidelberg (2013). Scholar
  26. 26.
    Kamara, S., Papamanthou, C., Roeder, T.: Dynamic searchable symmetric encryption. In: ACM CCS 2012 (2012)Google Scholar
  27. 27.
    Kushilevitz, E., Lu, S., Ostrovsky, R.: On the (in)security of hash-based oblivious RAM and a new balancing scheme. In: SODA 2012 (2012)CrossRefGoogle Scholar
  28. 28.
    Liu, C., Zhu, L., Wang, M., Tan, Y.: Search pattern leakage in searchable encryption: attacks and new construction. Inf. Sci. 265, 176–188 (2014)CrossRefGoogle Scholar
  29. 29.
    Meng, X., Kamara, S., Nissim, K., Kollios, G.: GRECS: graph encryption for approximate shortest distance queries. In: CCS 2015 (2015)Google Scholar
  30. 30.
    Miers, I., Mohassel, P.: IO-DSSE: scaling dynamic searchable encryption to millions of indexes by improving locality. Cryptology ePrint Archive, Report 2016/830 (2016).
  31. 31.
    Naveed, M., Prabhakaran, M., Gunter, C.: Dynamic searchable encryption via blind storage. In: IEEE Symposium on Security and Privacy (S&P 2014) (2014)Google Scholar
  32. 32.
    Ostrovsky, R., Shoup, V.: Private information storage. In: ACM Symposium on Theory of Computing (STOC 1997), pp. 294–303 (1997)Google Scholar
  33. 33.
    Pappas, V., et al.: Blind seer: a scalable private DBMS. In: 2014 IEEE Symposium on Security and Privacy (SP), pp. 359–374. IEEE (2014)Google Scholar
  34. 34.
    Sedghi, S., van Liesdonk, P., Doumen, J.M., Hartel, P.H., Jonker, W.: Adaptively secure computationally efficient searchable symmetric encryption. Technical report TR-CTIT-09-13 (2009)Google Scholar
  35. 35.
    Shi, E., Chan, T.-H.H., Stefanov, E., Li, M.: Oblivious RAM with O((logN)3) worst-case cost. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 197–214. Springer, Heidelberg (2011). Scholar
  36. 36.
    Song, D., Wagner, D., Perrig, A.: Practical techniques for searching on encrypted data. In: IEEE S&P, pp. 44–55. IEEE Computer Society (2000)Google Scholar
  37. 37.
    Stefanov, E., Papamanthou, C., Shi, E.: Practical dynamic searchable encryption with small leakage. In: NDSS 2014 (2014)Google Scholar
  38. 38.
    Stefanov, E., et al.: Path ORAM: an extremely simple oblivious RAM protocol. In: CCS 2013 (2013)Google Scholar
  39. 39.
    Williams, P., Sion, R., Carbunar, B.: Building castles out of mud: practical access pattern privacy and correctness on untrusted storage. In: CCS 2008 (2008)Google Scholar
  40. 40.
    Zhang, Y., Katz, J., Papamanthou, C.: All your queries are belong to us: the power of file-injection attacks on searchable encryption. In: USENIX 2016 (2016)Google Scholar
  41. 41.
    Zhang, Y., O’Neill, A., Sherr, M., Zhou, W.: Privacy-preserving network provenance. Proc. VLDB Endow. 10(11), 1550–1561 (2017)CrossRefGoogle Scholar
  42. 42.
    Zipf, G.K.: The psycho-biology of language (1935)Google Scholar

Copyright information

© International Association for Cryptologic Research 2018

Authors and Affiliations

  1. 1.Brown UniversityProvidenceUSA
  2. 2.Microsoft ResearchCambridgeUK

Personalised recommendations