Abstract
While Searchable Encryption (SE) is often used to support securely outsourcing sensitive data, many existing SE solutions usually expose certain information to facilitate better performance, which often leak sensitive information, e.g., search patterns are leaked due to observable query trapdoors. Several inference attacks have been designed to exploit such leakage, e.g., a query recovery attack can invert opaque query trapdoors to their corresponding keywords. However, most of these existing query recovery attacks assume that an adversary knows almost all plaintexts as prior knowledge in order to successfully map query trapdoors to plaintext keywords with a high probability. Such an assumption is usually impractical. In this paper, we propose new query recovery attacks in which an adversary only needs to have partial knowledge of the original plaintexts. We further develop a countermeasure to mitigate inference attacks on SE. Our experimental results demonstrate the feasibility and efficacy of our proposed scheme.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Goldreich, O., Ostrovsky, R.: Software protection and simulation on oblivious RAMs. J. ACM (JACM) 43(3), 431–473 (1996)
Bsch, C., Hartel, P., Jonker, W., et al.: A survey of provably secure searchable encryption. ACM Comput. Surv. (CSUR) 47(2), 18 (2015)
Curtmola, R., Garay, J., Kamara, S., et al.: Searchable symmetric encryption: improved definitions and efficient constructions. J. Comput. Secur. 19(5), 895–934 (2011)
He, W., Akhawe, D., Jain, S., et al.: Shadowcrypt: encrypted web applications for everyone. In: Proceedings of the 2014 ACM Special Interest Group on Security, Audit and Control, Scottsdale Arizona, USA, pp. 1028–1039 (2014)
Lau, B., Chung, S., Song, C., et al.: Mimesis aegis: a mimicry privacy shielda system’s approach to data privacy on public cloud. In: Proceedings of the 23rd USENIX Security Symposium, SanDiego California, USA, pp. 33–48 (2014)
Skyhigh Networks. https://www.skyhighnetworks.com/
CipherCloud. https://www.ciphercloud.com/
Islam, M.S., Kuzu, M., Kantarcioglu, M.: Access pattern disclosure on searchable encryption: ramification, attack and mitigation. In: NDSS, vol. 20, p. 12 (2012)
Cash, D., Grubbs, P., Perry, J., et al.: Leakage-abuse attacks against searchable encryption. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, pp. 668–679. ACM (2015)
Zhang, Y., Katz, J., Papamanthou, C.: All your queries are belong to us: the power of file-injection attacks on searchable encryption. IACR Cryptology ePrint Archive, 2016:172 (2016)
Pouliot, D., Wright, C.V.: The shadow nemesis: inference attacks on efficiently deployable, efficiently searchable encryption. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, pp. 1341–1352. ACM (2016)
Cash, D., Jarecki, S., Jutla, C., Krawczyk, H., Roşu, M.-C., Steiner, M.: Highly-scalable searchable symmetric encryption with support for boolean queries. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8042, pp. 353–373. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40041-4_20
Li, J., Wang, Q., Wang, C., et al.: Fuzzy keyword search over encrypted data in cloud computing. In: INFOCOM, 2010 Proceedings IEEE, pp. 1–5. IEEE (2010)
Kamara, S., Papamanthou, C., Roeder, T.: Dynamic searchable symmetric encryption. In: Proceedings of the 2012 ACM Conference on Computer and Communications Security, pp. 965–976. ACM (2012)
Bitglass. http://www.bitglass.com/
Virtru. http://www.virtru.com/
Enron Email Dataset. www.cs.cmu.edu/~./enron/. Accessed 13 May 2015
Porter, M.: An algorithm for suffix striping. Program 14(3), 130–137 (1980)
Common-English-Words. http://www.textfixer.com/tutorials/common-english-words.txt/
Gartner Report: How to Evaluate and Operate a Cloud Access Security Broker, 8 December 2015
Liu, C., Zhu, L., Wang, M., et al.: Search pattern leakage in searchable encryption: attacks and new construction. Inf. Sci. 265, 176–188 (2014)
Acknowledgments
This work is supported by the National High Technology Research and Development Program of China (863 Program) under Grant No. 2015AA016001, Production-Study-Research Cooperation Project in Guangdong Province under Grant No. 2016B090921001, Innovation projects in Shandong Province under Grant No. 2014ZZCX03411, and National Natural Science Foundation of China under Grant No. 61370068.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Wang, G., Liu, C., Dong, Y., Pan, H., Han, P., Fang, B. (2018). Query Recovery Attacks on Searchable Encryption Based on Partial Knowledge. In: Lin, X., Ghorbani, A., Ren, K., Zhu, S., Zhang, A. (eds) Security and Privacy in Communication Networks. SecureComm 2017. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 238. Springer, Cham. https://doi.org/10.1007/978-3-319-78813-5_27
Download citation
DOI: https://doi.org/10.1007/978-3-319-78813-5_27
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-78812-8
Online ISBN: 978-3-319-78813-5
eBook Packages: Computer ScienceComputer Science (R0)