Mitigation Techniques for Attacks on 1-Dimensional Databases that Support Range Queries

  • Conference paper
  • Information Security (ISC 2019)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 11723)

Abstract

In recent years, a number of attacks have been developed that can reconstruct encrypted one-dimensional databases that support range queries under the persistent passive adversary model. These attacks allow an (honest but curious) adversary (such as the cloud provider) to find the order of the elements in the database and, in some cases, to even reconstruct the database itself.

In this paper we present two mitigation techniques to make it harder for the adversary to reconstruct the database. The first technique makes it impossible for an adversary to reconstruct the values stored in the database with an error smaller than k, for k chosen by the client. By fine-tuning k, the user can increase the adversary’s error at will.

The second technique targets adversaries who have managed to learn the distribution of the queries issued. Such adversaries may be able to reconstruct most of the database after seeing a very small (i.e. poly-logarithmic) number of queries. To neutralize such adversaries, our technique turns the database into a circular buffer. All known techniques that exploit knowledge of the query distribution fail, and no technique can determine which record is first (or last) based on access pattern leakage.

Notes

  1. Depending on the distribution, WQ may need to issue several queries. For the purposes of discussion, at this point we assume that just one extra query \([a',b']\) is issued.

  2. Actually, the same should be true for all combinations of values \(v_i\) and \(v_j\) as we will later show.

  3. If we issued queries one by one, the last query issued would always be a normal query.

  4. The reader might wonder that since there are five values (1 to 5), then each value should have probability 1/5 (not 3/5) to appear in the query results. We should note however that these queries are range queries that return more than one value.

Acknowledgments

We are grateful to Arkady Yerukhimovich for valuable comments and suggestions.

Author information

Corresponding author

Correspondence to Evangelia Anna Markatou.

Copyright information

© 2019 Springer Nature Switzerland AG

Cite this paper

Markatou, E.A., Tamassia, R. (2019). Mitigation Techniques for Attacks on 1-Dimensional Databases that Support Range Queries. In: Lin, Z., Papamanthou, C., Polychronakis, M. (eds) Information Security. ISC 2019. Lecture Notes in Computer Science, vol 11723. Springer, Cham. https://doi.org/10.1007/978-3-030-30215-3_12

  • DOI: https://doi.org/10.1007/978-3-030-30215-3_12

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-30214-6

  • Online ISBN: 978-3-030-30215-3

  • eBook Packages: Computer Science (R0)
