DOI: 10.1145/2810103.2813700

Leakage-Abuse Attacks Against Searchable Encryption

Published: 12 October 2015

Abstract

Schemes for secure outsourcing of client data with search capability are being increasingly marketed and deployed. In the literature, schemes for accomplishing this efficiently are called Searchable Encryption (SE). They achieve high efficiency with provable security by means of a quantifiable leakage profile. However, the degree to which SE leakage can be exploited by an adversary is not well understood.
To address this, we present a characterization of the leakage profiles of in-the-wild searchable encryption products and SE schemes in the literature, and present attack models based on an adversarial server's prior knowledge. Then we empirically investigate the security of searchable encryption by providing query recovery and plaintext recovery attacks that exploit these leakage profiles. We term these leakage-abuse attacks and demonstrate their effectiveness for varying leakage profiles and levels of server knowledge, for realistic scenarios. Amongst our contributions are realistic active attacks which have not been previously explored.

Published In

CCS '15: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security
October 2015
1750 pages
ISBN: 9781450338325
DOI: 10.1145/2810103
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee.

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. leakage
  2. searchable encryption
  3. vulnerabilities

Qualifiers

  • Research-article

Conference

CCS'15

Acceptance Rates

CCS '15 Paper Acceptance Rate 128 of 660 submissions, 19%;
Overall Acceptance Rate 1,261 of 6,999 submissions, 18%

Cited By

  • (2024) Performing Encrypted Cloud Data Keyword Searches Using Blockchain Technology on Smart Devices. Basrah Researches Sciences 50:1 (17). DOI: 10.56714/bjrs.50.1.24. Online publication date: 30-Jun-2024
  • (2024) MUSES. Proceedings of the 33rd USENIX Conference on Security Symposium (2581-2598). DOI: 10.5555/3698900.3699045. Online publication date: 14-Aug-2024
  • (2024) Exploiting Hidden Information Leakages in Backward Privacy for Dynamic Searchable Symmetric Encryption. Applied Sciences 14:6 (2287). DOI: 10.3390/app14062287. Online publication date: 8-Mar-2024
  • (2024) SecretFlow-SCQL: A Secure Collaborative Query Platform. Proceedings of the VLDB Endowment 17:12 (3987-4000). DOI: 10.14778/3685800.3685821. Online publication date: 8-Nov-2024
  • (2024) Revisiting frequency-smoothing encryption: new security definitions and efficient construction. Cybersecurity 7:1. DOI: 10.1186/s42400-024-00208-w. Online publication date: 1-Aug-2024
  • (2024) Evaluating Leakage Attacks Against Relational Encrypted Search. Proceedings of the 2024 on Cloud Computing Security Workshop (15-28). DOI: 10.1145/3689938.3694776. Online publication date: 19-Nov-2024
  • (2024) PathGES: An Efficient and Secure Graph Encryption Scheme for Shortest Path Queries. Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security (4047-4061). DOI: 10.1145/3658644.3670305. Online publication date: 2-Dec-2024
  • (2024) Single Round-trip Hierarchical ORAM via Succinct Indices. Proceedings of the 19th ACM Asia Conference on Computer and Communications Security (1644-1659). DOI: 10.1145/3634737.3656290. Online publication date: 1-Jul-2024
  • (2024) Secure, Dynamic, and Efficient Keyword Search With Flexible Merging for Cloud Storage. IEEE Transactions on Services Computing 17:5 (2822-2835). DOI: 10.1109/TSC.2024.3442558. Online publication date: Sep-2024
  • (2024) Opca: Enabling Optimistic Concurrent Access for Multiple Users in Oblivious Data Storage. IEEE Transactions on Parallel and Distributed Systems 35:11 (1891-1903). DOI: 10.1109/TPDS.2024.3441623. Online publication date: Nov-2024