skip to main content
10.1145/2810103.2813700acmconferencesArticle/Chapter ViewAbstractPublication PagesccsConference Proceedingsconference-collections
research-article
Public Access

Leakage-Abuse Attacks Against Searchable Encryption

Published:12 October 2015Publication History

ABSTRACT

Schemes for secure outsourcing of client data with search capability are being increasingly marketed and deployed. In the literature, schemes for accomplishing this efficiently are called Searchable Encryption (SE). They achieve high efficiency with provable security by means of a quantifiable leakage profile. However, the degree to which SE leakage can be exploited by an adversary is not well understood.

To address this, we present a characterization of the leakage profiles of in-the-wild searchable encryption products and SE schemes in the literature, and present attack models based on an adversarial server's prior knowledge. Then we empirically investigate the security of searchable encryption by providing query recovery and plaintext recovery attacks that exploit these leakage profiles. We term these leakage-abuse attacks and demonstrate their effectiveness for varying leakage profiles and levels of server knowledge, for realistic scenarios. Amongst our contributions are realistic active attacks which have not been previously explored.

References

  1. Enron email dataset. https://www.cs.cmu.edu/~./enron/. Accessed: 2015-05--13.Google ScholarGoogle Scholar
  2. Bitglass. Security, Compliance, and Encryption. http://www.bitglass.com/solutions/salesforce-encryption.Google ScholarGoogle Scholar
  3. D. Cash, J. Jaeger, S. Jarecki, C. S. Jutla, H. Krawczyk, M.-C. Rosu, and M. Steiner. Dynamic searchable encryption in very-large databases: Data structures and implementation. In NDSS~2014, San Diego, California, USA, Feb. 23--26, 2014. The Internet Society.Google ScholarGoogle ScholarCross RefCross Ref
  4. D. Cash, S. Jarecki, C. S. Jutla, H. Krawczyk, M.-C. Rosu, and M. Steiner. Highly-scalable searchable symmetric encryption with support for boolean queries. In R. Canetti and J. A. Garay, editors, CRYPTO~2013, Part I, volume 8042 of LNCS, pages 353--373, Santa Barbara, CA, USA, Aug. 18--22, 2013. Springer, Berlin, Germany.Google ScholarGoogle Scholar
  5. CipherCloud. Cloud Data Encryption. http://www.ciphercloud.com/technologies/encryption/.Google ScholarGoogle Scholar
  6. R. Curtmola, J. A. Garay, S. Kamara, and R. Ostrovsky. Searchable symmetric encryption: improved definitions and efficient constructions. In A. Juels, R. N. Wright, and S. Vimercati, editors, ACM CCS 06, pages 79--88, Alexandria, Virginia, USA, Oct. 30~--~Nov. 3, 2006. ACM Press. Google ScholarGoogle ScholarDigital LibraryDigital Library
  7. O. Goldreich and R. Ostrovsky. Software protection and simulation on oblivious RAMs. Journal of the ACM, 43(3):431--473, 1996. Google ScholarGoogle ScholarDigital LibraryDigital Library
  8. W. He, D. Akhawe, S. Jain, E. Shi, and D. Song. Shadowcrypt: Encrypted web applications for everyone. In Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, pages 1028--1039. ACM, 2014. Google ScholarGoogle ScholarDigital LibraryDigital Library
  9. M. S. Islam, M. Kuzu, and M. Kantarcioglu. Access pattern disclosure on searchable encryption: Ramification, attack and mitigation. In 19th Annual Network and Distributed System Security Symposium, NDSS 2012. The Internet Society, 2012.Google ScholarGoogle Scholar
  10. S. Kamara and C. Papamanthou. Parallel and dynamic searchable symmetric encryption. In A.-R. Sadeghi, editor, FC 2013, volume 7859 of LNCS, pages 258--274, Okinawa, Japan, Apr. 1--5, 2013. Springer, Berlin, Germany.Google ScholarGoogle ScholarCross RefCross Ref
  11. S. Kamara, C. Papamanthou, and T. Roeder. Dynamic searchable symmetric encryption. In T. Yu, G. Danezis, and V. D. Gligor, editors, ACM CCS 12, pages 965--976, Raleigh, NC, USA, Oct. 16--18, 2012. ACM Press. Google ScholarGoogle ScholarDigital LibraryDigital Library
  12. K. Kurosawa. Garbled searchable symmetric encryption. In N. Christin and R. Safavi-Naini, editors, FC 2014, volume 8437 of LNCS, pages 234--251, Christ Church, Barbados, Mar. 3--7, 2014. Springer, Berlin, Germany.Google ScholarGoogle Scholar
  13. K. Kurosawa and Y. Ohtaki. How to update documents verifiably in searchable symmetric encryption. In M. Abdalla, C. Nita-Rotaru, and R. Dahab, editors, CANS 13, volume 8257 of LNCS, pages 309--328, Paraty, Brazil, Nov. 20--22, 2013. Springer, Berlin, Germany. Google ScholarGoogle ScholarDigital LibraryDigital Library
  14. B. Lau, S. Chung, C. Song, Y. Jang, W. Lee, and A. Boldyreva. Mimesis aegis: A mimicry privacy shield--a systems approach to data privacy on public cloud. In Proceedings of the 23rd USENIX conference on Security Symposium, pages 33--48. USENIX Association, 2014. Google ScholarGoogle ScholarDigital LibraryDigital Library
  15. M. Naveed, M. Prabhakaran, and C. A. Gunter. Dynamic searchable encryption via blind storage. In 2014 IEEE Symposium on Security and Privacy, pages 639--654, Berkeley, California, USA, May~18--21, 2014. IEEE Computer Society Press. Google ScholarGoogle ScholarDigital LibraryDigital Library
  16. W. Ogata, K. Koiwa, A. Kanaoka, and S. Matsuo. Toward practical searchable symmetric encryption. In K. Sakiyama and M. Terada, editors, IWSEC 13, volume 8231 of LNCS, pages 151--167, Okinawa, Japan, 2013. Springer, Berlin, Germany.Google ScholarGoogle Scholar
  17. I. Skyhigh~Networks. Skyhigh for Salesforce. https://www.skyhighnetworks.com/product/salesforce-encryption/.Google ScholarGoogle Scholar
  18. D. X. Song, D. Wagner, and A. Perrig. Practical techniques for searches on encrypted data. In 2000 IEEE Symposium on Security and Privacy, Berkeley, California, USA, May 14--17, 2000, pages 44--55. IEEE Computer Society, 2000. Google ScholarGoogle ScholarDigital LibraryDigital Library
  19. D. X. Song, D. Wagner, and A. Perrig. Practical techniques for searches on encrypted data. In 2000 IEEE Symposium on Security and Privacy, pages 44--55, Oakland, California, USA, May 2000. IEEE Computer Society Press. Google ScholarGoogle ScholarDigital LibraryDigital Library
  20. E. Stefanov, C. Papamanthou, and E. Shi. Practical dynamic searchable encryption with small leakage. In NDSS~2014, San Diego, California, USA, Feb. 23--26, 2014. The Internet Society.Google ScholarGoogle ScholarCross RefCross Ref

Index Terms

  1. Leakage-Abuse Attacks Against Searchable Encryption

        Recommendations

        Comments

        Login options

        Check if you have access through your login credentials or your institution to get full access on this article.

        Sign in
        • Published in

          cover image ACM Conferences
          CCS '15: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security
          October 2015
          1750 pages
          ISBN:9781450338325
          DOI:10.1145/2810103

          Copyright © 2015 ACM

          Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

          Publisher

          Association for Computing Machinery

          New York, NY, United States

          Publication History

          • Published: 12 October 2015

          Permissions

          Request permissions about this article.

          Request Permissions

          Check for updates

          Qualifiers

          • research-article

          Acceptance Rates

          CCS '15 Paper Acceptance Rate128of660submissions,19%Overall Acceptance Rate1,261of6,999submissions,18%

          Upcoming Conference

          CCS '24
          ACM SIGSAC Conference on Computer and Communications Security
          October 14 - 18, 2024
          Salt Lake City , UT , USA

        PDF Format

        View or Download as a PDF file.

        PDF

        eReader

        View online with eReader.

        eReader