Practical Volume-Based Attacks on Encrypted Databases

Poddar, Rishabh; Wang, Stephanie; Lu, Jianan; Popa, Raluca Ada

doi:10.1109/eurosp48549.2020.00030

Cited by 20 publications

(11 citation statements)

References 46 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Mitigating Other Attacks. Existing attacks can be classified into: known-data/query attacks [5,10,23], inference attacks [21,33,34,41], and injection attacks [40,54]. For the first two types, the adversary is passive and requires an amount of auxiliary information, such as a subset of target databases/queries or a statistical distribution similar to the target databases/queries.…”

Section: Security Of Hdxtmentioning

confidence: 99%

Result-pattern-hiding Conjunctive Searchable Symmetric Encryption with Forward and Backward Privacy

Yuan

Zuo

Cui

et al. 2023

PoPETs

View full text Add to dashboard Cite

Dynamic searchable symmetric encryption (DSSE) enables the data owner to outsource its database (document sets) to an untrusted server and make searches and updates securely and efficiently. Conjunctive DSSE can process conjunctive queries that return the documents containing multiple keywords. However, a conjunctive search could leak the keyword pair result pattern (KPRP), where attackers can learn which documents contain any two keywords involved in the query. File-injection attack shows that KPRP can be utilized to recover searched keywords. To protect data effectively, DSSE should also achieve forward privacy, i.e., hides the link between updates to previous searches, and backward privacy, i.e., prevents deleted entries being accessed by subsequent searches. Otherwise, the attacker could recover updated/searched keywords and records. However, no conjunctive DSSE scheme in the literature can hide KPRP in sub-linear search efficiency while guaranteeing forward and backward privacy. In this work, we propose the first sub-linear KPRP-hiding conjunctive DSSE scheme (named HDXT) with both forward and backward privacy guarantees. To achieve these three security properties, we introduce a new cryptographic primitive: Attribute-updatable Hidden Map Encryption (AUHME). AUHME enables HDXT to efficiently and securely perform conjunctive queries and update the database in an oblivious way. In comparison with previous work that has weaker security guarantees, HDXT shows comparable, and in some cases, even better performance.

show abstract

Section: Security Of Hdxtmentioning

confidence: 99%

Result-pattern-hiding Conjunctive Searchable Symmetric Encryption with Forward and Backward Privacy

Yuan

Zuo

Cui

et al. 2023

PoPETs

View full text Add to dashboard Cite

show abstract

“…Those attacks aim to improve plaintext recovery rate without pre-fixed query distribution. There are also recent attacks that purely exploit size pattern leakage [21], [22], [23], [24], [25]. In summary, forward and backward private SSE schemes are still vulnerable to many leakage-abuse attacks.…”

Section: Leakages and Attacks Of Dssementioning

confidence: 99%

“…In particular, Blackstone et al [21] proposed attacks that rely on much weaker assumptions by only exploiting document size information, which can be applied not only to SSE with standard leakage but also to ORAM. Similarly, several attacks [22], [23], [24], [25] to encrypted database that only exploit size pattern leakage were also proposed. All these attacks emphasize that even seemingly harmless size pattern can be used to perform severe attacks.…”

Section: Ignored Size Pattern Leakagementioning

confidence: 99%

Eurus: Towards an Efficient Searchable Symmetric Encryption With Size Pattern Protection

Liu

Huang

Song

et al. 2022

IEEE Trans. Dependable and Secure Comput.

View full text Add to dashboard Cite

To achieve efficiently search and update on outsourced encrypted data, dynamic searchable symmetric encryption (DSSE) was proposed by just leaking some well-defined leakages. Though small, many recent works show that an attacker can exploit these leakages to undermine the security of existing DSSE schemes. In particular, an attacker can exploit even seemingly harmless size pattern to perform severe attacks. Many exiting schemes resort to oblivious RAM (ORAM) to hide search/access pattern; however, even such powerful cryptographic primitive cannot protect size pattern leakage. In this paper, we first show that size pattern can lead to more information leakages, which is not well studied or protected by existing schemes. We then extend the existing privacy notion for DSSE to capture the size pattern leakage, achieving a strong forward and backward privacy definition. Following the definition, we propose a new DSSE scheme Eurus. Eurus can eliminate search/access pattern by relying on a multi-server ORAM scheme, meanwhile reducing size pattern with reasonable efficiency. We show that Eurus can reduce leakage significantly with better efficiency, compared with state-of-the-art leakage reduction schemes.

show abstract

“…Since their inception [8,34], many authors have proposed SSE schemes with different privacy and utility trade-offs. Design-ing SSE schemes without access pattern leakage implies leveraging expensive primitives such as ORAM [11] or PIR [7], which incurs expensive bandwidth, computational, and storage costs, while still being vulnerable to certain volume-based attacks [14,19,30]. In this work we target efficient and deployable SSE schemes that leak the access and search patterns [2,4,5,8,16,18,21,22,26,27,34,35].…”

Section: Related Workmentioning

confidence: 99%

IHOP: Improved Statistical Query Recovery against Searchable Symmetric Encryption through Quadratic Optimization

Oya¹,

Kerschbaum²

2021

Preprint

View full text Add to dashboard Cite

Searchable Symmetric Encryption (SSE) schemes allow a client to perform secure searches over encrypted databases on a remote server. These schemes leak certain information that an honest-but-curious service provider can use to recover the keywords of the client's queries. Effective query recovery attacks typically rely on auxiliary ground-truth information about the queries or dataset. Query recovery is also possible under the weaker statistical auxiliary information assumption, although statistical-based attacks achieve lower accuracy and are not considered a serious threat. In this work we present IHOP, a statistical-based query recovery attack that formulates query recovery as a quadratic optimization problem and reaches a solution by iterating over linear assignment problems. We show that IHOP outperforms all other statisticalbased query recovery attacks on SSE schemes with typical access and search pattern leakage, reaching query recovery accuracies around 80% and 90%. We adapt IHOP against accesspattern obfuscation defenses and show that it still achieves reasonable recovery rates, outperforming existing attacks in this scenario. Finally, we use IHOP in a frequency-only leakage setting where the client's queries are correlated, and show that our attack can exploit query dependencies even when PANCAKE, a recent frequency-hiding defense by Grubbs et al., is applied. Our findings indicate that statistical query recovery attacks pose a severe threat to privacy-preserving SSE schemes.

show abstract

Practical Volume-Based Attacks on Encrypted Databases

Cited by 20 publications

References 46 publications

Result-pattern-hiding Conjunctive Searchable Symmetric Encryption with Forward and Backward Privacy

Result-pattern-hiding Conjunctive Searchable Symmetric Encryption with Forward and Backward Privacy

Eurus: Towards an Efficient Searchable Symmetric Encryption With Size Pattern Protection

IHOP: Improved Statistical Query Recovery against Searchable Symmetric Encryption through Quadratic Optimization

Contact Info

Product

Resources

About