Authenticating Email Search Results

  • Olga Ohrimenko
  • Hobart Reynolds
  • Roberto Tamassia
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7783)


Alice uses a web mail service and searches through her emails by keywords and dates. How can Alice be sure that search results she gets contain all the relevant emails she received in the past? We consider this problem and provide a solution where Alice sends to the server authentication information for every new email. In response to a query, the server augments the results with a cryptographic proof computed using the authentication information. Alice uses the proof and a locally-stored cryptographic digest to verify the correctness of the result. Our method adds a small overhead to the usual interaction between the email client and server.


Keyword Search Query Result Inverted Index Query Keyword Authentication Information 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Ateniese, G., Burns, R., Curtmola, R., Herring, J., Khan, O., Kissner, L., Peterson, Z., Song, D.: Remote data checking using provable data possession. ACM Trans. Inf. Syst. Secur. 14(1), 12:1–12:34 (2011)Google Scholar
  2. 2.
    Blanzieri, E., Bryl, A.: A survey of learning-based techniques of email spam filtering. Artif. Intell. Rev. 29(1), 63–92 (2008)CrossRefGoogle Scholar
  3. 3.
    Boneh, D., Boyen, X.: Short signatures without random oracles and the SDH assumption in bilinear groups. J. Cryptology 21(2), 149–177 (2008)MathSciNetzbMATHCrossRefGoogle Scholar
  4. 4.
    Curtmola, R., Garay, J., Kamara, S., Ostrovsky, R.: Searchable symmetric encryption: improved definitions and efficient constructions. In: Proceedings of the 13th ACM Conference on Computer and Communications Security, CCS 2006, pp. 79–88. ACM, New York (2006)CrossRefGoogle Scholar
  5. 5.
    Devanbu, P., Gertz, M., Martel, G., Stubblebine, S.G.: Authentic data publication over the internet. J. Comput. Secur. 11(3), 291–314 (2003)Google Scholar
  6. 6.
    Dodis, Y., Vadhan, S., Wichs, D.: Proofs of retrievability via hardness amplification. In: Reingold, O. (ed.) TCC 2009. LNCS, vol. 5444, pp. 109–127. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  7. 7.
    Enron Email Dataset, (accessed on January 2012)
  8. 8.
    Erway, C., Küpçü, A., Papamanthou, C., Tamassia, R.: Dynamic provable data possession. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, CCS 2009, pp. 213–222. ACM, New York (2009)Google Scholar
  9. 9.
    Goodrich, M.T., Mitzenmacher, M., Ohrimenko, O., Tamassia, R.: Oblivious RAM simulation with efficient worst-case access overhead. In: Proceedings of the 3rd ACM Workshop on Cloud Computing Security, CCSW 2011, pp. 95–100 (2011)Google Scholar
  10. 10.
    Goodrich, M.T., Mitzenmacher, M., Ohrimenko, O., Tamassia, R.: Privacy-preserving group data access via stateless oblivious RAM simulation. In: Proceedings of the 23rd Annual ACM-SIAM Symposium on Discrete Algorithms, SODA 2012, pp. 157–167. SIAM (2012)Google Scholar
  11. 11.
    Goodrich, M.T., Nguyen, D., Ohrimenko, O., Papamanthou, C., Tamassia, R., Triandopoulos, N., Lopes, C.V.: Efficient verification of web-content searching through authenticated web crawlers. PVLDB 5(10), 920–931 (2012)Google Scholar
  12. 12.
    Goodrich, M.T., Tamassia, R., Triandopoulos, N.: Efficient authenticated data structures for graph connectivity and geometric search problems. Algorithmica 60(3), 505–552 (2011)MathSciNetzbMATHCrossRefGoogle Scholar
  13. 13.
    Goodrich, M.T., Tamassia, R., Yao, D.: Accredited DomainKeys: a service architecture for improved email validation. In: Proceedings of the Conference on Email and Anti-Spam, CEAS 2005 (July 2005)Google Scholar
  14. 14.
    Juels, A., Kaliski Jr., B.S.: PORs: proofs of retrievability for large files. In: Proceedings of the 14th ACM Conference on Computer and Communications Security, CCS 2007, pp. 584–597. ACM, New York (2007)CrossRefGoogle Scholar
  15. 15.
    Kamara, S., Papamanthou, C.: Parallel and dynamic searchable symmetric encryption. In: Financial Cryptography and Data Security, FC 2013 (to appear, 2013) Google Scholar
  16. 16.
    Kamara, S., Papamanthou, C., Roeder, T.: CS2: A searchable cryptographic cloud storage system. Technical report, Microsoft Research (2011),
  17. 17.
    Kamara, S., Papamanthou, C., Roeder, T.: Dynamic searchable symmetric encryption. In: Proceedings of the 19th ACM Conference on Computer and Communications Security, CCS 2012, pp. 965–976. ACM, New York (2012)CrossRefGoogle Scholar
  18. 18.
    Leiba, B., Fenton, J.: DomainKeys Identified Mail (DKIM): Using digital signatures for domain verification. In: Proceedings of the Conference on Email and Anti-Spam, CEAS 2007 (August 2007)Google Scholar
  19. 19.
    Merkle, R.C.: A certified digital signature. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 218–238. Springer, Heidelberg (1990)Google Scholar
  20. 20.
    Nguyen, L.: Accumulators from bilinear pairings and applications. In: Menezes, A. (ed.) CT-RSA 2005. LNCS, vol. 3376, pp. 275–292. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  21. 21.
    Papamanthou, C., Tamassia, R., Triandopoulos, N.: Optimal verification of operations on dynamic sets. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol. 6841, pp. 91–110. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  22. 22.
    Preparata, F.P., Shamos, M.I.: Computational Geometry - An Introduction. Springer (1985)Google Scholar
  23. 23.
    Shi, E., Chan, T.H.H., Stefanov, E., Li, M.: Oblivious RAM with o((logn)3) worst-case cost. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 197–214. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  24. 24.
    Stefanov, E., Shi, E., Song, D.: Towards Practical Oblivious RAM. In: Proceedings of the 19th Network and Distributed System Security Symposium, NDSS 2012 (2012)Google Scholar
  25. 25.
    Tamassia, R.: Authenticated data structures. In: Di Battista, G., Zwick, U. (eds.) ESA 2003. LNCS, vol. 2832, pp. 2–5. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  26. 26.
    Zobel, J., Moffat, A.: Inverted files for text search engines. ACM Comput. Surv. 38(2) (2006)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Olga Ohrimenko
    • 1
  • Hobart Reynolds
    • 1
  • Roberto Tamassia
    • 1
  1. 1.Brown UniversityProvidenceUSA

Personalised recommendations