Hiding the Access Pattern is Not Enough: Exploiting Search Pattern Leakage in Searchable Encryption
作者: Simon Oya , Florian Kerschbaum
DOI:
关键词:
摘要: Recent Searchable Symmetric Encryption (SSE) schemes enable secure searching over an encrypted database stored in a server while limiting the information leaked to server. These focus on hiding access pattern, which refers set of documents that match client's queries. This provides protection against current attacks largely depend this leakage succeed. However, most SSE constructions also leak whether or not two queries aim for same keyword, called search pattern. In work, we show pattern can severely undermine defenses. We propose attack leverages both and leakage, as well some background query distribution information, recover keywords performed by client. Our follows maximum likelihood estimation approach, is easy adapt defenses obfuscate empirically our efficient, it outperforms other proposed attacks, completely thwarts out three evaluate against, even when these are high privacy regimes. findings highlight feature lacking, key towards providing practical guarantees SSE.
arxiv.org
harvard.edu参考文章(27)
Mikhail Zaslavskiy, Francis Bach, Jean-Philippe Vert, A Path Following Algorithm for Graph Matching international conference on image and signal processing. pp. 329- 337 ,(2008) , 10.1007/978-3-540-69905-7_38
Omkant Pandey, Yannis Rouselakis, Property Preserving Symmetric Encryption Advances in Cryptology – EUROCRYPT 2012. pp. 375- 391 ,(2012) , 10.1007/978-3-642-29011-4_23
Oded Goldreich, Rafail Ostrovsky, Software protection and simulation on oblivious RAMs Journal of the ACM. ,vol. 43, pp. 431- 473 ,(1996) , 10.1145/233551.233553
David Cash, Paul Grubbs, Jason Perry, Thomas Ristenpart, Leakage-Abuse Attacks Against Searchable Encryption computer and communications security. pp. 668- 679 ,(2015) , 10.1145/2810103.2813700
Michael L. Fredman, Robert Endre Tarjan, Fibonacci heaps and their uses in improved network optimization algorithms Journal of the ACM. ,vol. 34, pp. 596- 615 ,(1987) , 10.1145/28869.28874
Cynthia Dwork, Differential privacy: a survey of results theory and applications of models of computation. ,vol. 4978, pp. 1- 19 ,(2008) , 10.1007/978-3-540-79228-4_1
Mingzhong Wang, Yu-an Tan, Chang Liu, Liehuang Zhu, Search pattern leakage in searchable encryption: Attacks and new construction Information Sciences. ,vol. 265, pp. 176- 188 ,(2014) , 10.1016/J.INS.2013.11.021
Reza Curtmola, Juan Garay, Seny Kamara, Rafail Ostrovsky, Searchable symmetric encryption: Improved definitions and efficient constructions Journal of Computer Security. ,vol. 19, pp. 895- 934 ,(2011) , 10.3233/JCS-2011-0426
B. Chor, O. Goldreich, E. Kushilevitz, M. Sudan, Private information retrieval foundations of computer science. pp. 41- 50 ,(1995) , 10.1109/SFCS.1995.492461
H. W. Kuhn, The Hungarian method for the assignment problem Naval Research Logistics Quarterly. ,vol. 2, pp. 83- 97 ,(1955) , 10.1002/NAV.3800020109