Order-Revealing Encryption: File-Injection Attack and Forward Security

  • Xingchen Wang
  • Yunlei Zhao
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11099)

Abstract

Order-preserving encryption (OPE) and order-revealing encryption (ORE) are among the core ingredients for encrypted databases (EDBs). In this work, we study the leakage of OPE and ORE and their forward security.

We propose generic yet powerful file-injection attacks (FIAs) on OPE/ORE, aimed at settings that support order-by and range queries. Our FIAs exploit only the ideal leakage of OPE/ORE (in particular, they do not need data denseness or frequency). We ran experiments on real datasets to test their performance, and the results show that our FIAs pose an extreme hazard to most existing OPEs and OREs, with high efficiency and a 100% recovery rate.

We then formulate forward security of ORE, which is of independent interest, and propose a practical compilation framework for achieving forward-secure ORE in order to resist FIAs. The compilation framework can transform most existing OPEs/OREs into forward-secure OREs, with the goal of minimizing the extra burden incurred on computation and storage. We also ran experiments to analyze its performance.

Keywords

Order-revealing encryption, Order-preserving encryption, File-injection attack, Forward security

Notes

Acknowledgement

We thank the anonymous reviewers for their insightful comments. We are grateful to Yuan Li and Hongbing Wang for many helpful discussions.

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  1. Shanghai Key Laboratory of Data Science, School of Computer Science, Fudan University, Shanghai, China
  2. State Key Laboratory of Integrated Services Networks, Xidian University, Xi’an, China
  3. State Key Laboratory of Cryptology, Beijing, China
