161 research outputs found
Privacy-Preserving Genetic Relatedness Test
An increasing number of individuals are turning to Direct-To-Consumer (DTC)
genetic testing to learn about their predisposition to diseases, traits, and/or
ancestry. DTC companies like 23andMe and Ancestry.com have started to offer
popular and affordable ancestry and genealogy tests, with services allowing
users to find unknown relatives and long-distant cousins. Naturally, access and
possible dissemination of genetic data prompts serious privacy concerns, thus
motivating the need to design efficient primitives supporting private genetic
tests. In this paper, we present an effective protocol for privacy-preserving
genetic relatedness test (PPGRT), enabling a cloud server to run relatedness
tests on input an encrypted genetic database and a test facility's encrypted
genetic sample. We reduce the test to a data matching problem and perform it,
privately, using searchable encryption. Finally, a performance evaluation of
Hamming distance-based PP-GRT attests to the practicality of our proposals.
Comment: A preliminary version of this paper appears in the Proceedings of the
3rd International Workshop on Genome Privacy and Security (GenoPri'16)
Searchable attribute-based mechanism with efficient data sharing for secure cloud storage
To date, the growth of electronic personal data leads to a trend that data owners prefer to remotely outsource their data to clouds for the enjoyment of the high-quality retrieval and storage service without worrying about the burden of local data management and maintenance. However, secure sharing and searching of the outsourced data is a formidable task, which may easily incur the leakage of sensitive personal information. Efficient data sharing and searching with security is of critical importance. This paper, for the first time, proposes a searchable attribute-based proxy re-encryption system. When compared to existing systems only supporting either searchable attribute-based functionality or attribute-based proxy re-encryption, our new primitive supports both abilities and provides flexible keyword update service. Specifically, the system enables a data owner to efficiently share his data with a specified group of users matching a sharing policy and, meanwhile, the data will maintain its searchable property and the corresponding search keyword(s) can be updated after the data sharing. The new mechanism is applicable to many real-world applications, such as electronic health record systems. It is also proved chosen ciphertext secure in the random oracle model.
Low-Frequency Black-Box Backdoor Attack via Evolutionary Algorithm
While convolutional neural networks (CNNs) have achieved success in computer
vision tasks, they are vulnerable to backdoor attacks. Such attacks could mislead
the victim model to make attacker-chosen prediction with a specific trigger
pattern. Until now, the trigger injection of existing attacks is mainly limited
to spatial domain. Recent works take advantage of perceptual properties of
planting specific patterns in the frequency domain, which only reflect
indistinguishable pixel-wise perturbations in pixel domain. However, in the
black-box setup, the inaccessibility of training process often renders more
complex trigger designs. Existing frequency attacks simply handcraft the
magnitude of spectrum, introducing anomaly frequency disparities between clean
and poisoned data and taking risks of being removed by image processing
operations (such as lossy compression and filtering). In this paper, we propose
a robust low-frequency black-box backdoor attack (LFBA), which minimally
perturbs low-frequency components of frequency spectrum and maintains the
perceptual similarity in spatial space simultaneously. The key insight of our
attack is to restrict the search for the optimal trigger to the low-frequency region that
can achieve high attack effectiveness, robustness against image transformation
defenses and stealthiness in dual space. We utilize simulated annealing (SA), a
form of evolutionary algorithm, to optimize the properties of frequency trigger
including the number of manipulated frequency bands and the perturbation of
each frequency component, without relying on the knowledge from the victim
classifier. Extensive experiments on real-world datasets verify the
effectiveness and robustness of LFBA against image processing operations and
the state-of-the-art backdoor defenses, as well as its inherent stealthiness in
both spatial and frequency space, making it resilient against frequency
inspection.
FTA: Stealthy and Robust Backdoor Attack with Flexible Trigger on Federated Learning
Current backdoor attacks against federated learning (FL) strongly rely on
universal triggers or semantic patterns, which can be easily detected and
filtered by certain defense mechanisms such as norm clipping, comparing
parameter divergences among local updates. In this work, we propose a new
stealthy and robust backdoor attack with flexible triggers against FL defenses.
To achieve this, we build a generative trigger function that can learn to
manipulate the benign samples with an imperceptible flexible trigger pattern
and simultaneously make the trigger pattern include the most significant hidden
features of the attacker-chosen label. Moreover, our trigger generator can keep
learning and adapt across different rounds, allowing it to adjust to changes in
the global model. By filling the distinguishable difference (the mapping
between the trigger pattern and target label), we make our attack naturally
stealthy. Extensive experiments on real-world datasets verify the effectiveness
and stealthiness of our attack compared to prior attacks on decentralized
learning framework with eight well-studied defenses.
File-Injection Attacks on Searchable Encryption, Based on Binomial Structures
One distinguishable feature of file-injection attacks on searchable encryption schemes is the 100% query recovery rate, i.e., confirming the corresponding keyword for each query. The main efficiency consideration of file-injection attacks is the number of injected files. In the work of Zhang et al. (USENIX 2016), injected files are required, each of which contains keywords for the keyword set . Based on the construction of the uniform -set, Wang et al. need fewer injected files when considering the threshold countermeasure. In this work, we propose a new attack that further reduces the number of injected files where Wang et al. need up to 38% more injections to achieve the same results. The attack is based on an increment -set, which is also defined in this paper.
CCA-1 Secure Updatable Encryption with Adaptive Security
Updatable encryption (UE) enables a cloud server to update ciphertexts using client-generated tokens. There are two types of UE: ciphertext-independent (c-i) and ciphertext-dependent (c-d). In terms of construction and efficiency, c-i UE utilizes a single token to update all ciphertexts. The update mechanism relies mainly on the homomorphic properties of exponentiation, which limits the efficiency of encryption and updating. Although c-d UE may seem inconvenient as it requires downloading parts of the ciphertexts during token generation, it allows for easy implementation of the Dec-then-Enc structure. This methodology significantly simplifies the construction of the update mechanism. Notably, the c-d UE scheme proposed by Boneh et al. (ASIACRYPT’20) has been reported to be 200 times faster than prior UE schemes based on DDH hardness, which is the case for most existing c-i UE schemes. Furthermore, c-d UE ensures a high level of security as the token does not reveal any information about the key, which is difficult for c-i UE to achieve. However, previous security studies on c-d UE only addressed selective security; the studies for adaptive security remain an open problem.
In this study, we make three significant contributions to ciphertext-dependent updatable encryption (c-d UE). Firstly, we provide stronger security notions compared to previous work, which capture adaptive security and also consider the adversary’s decryption capabilities under the adaptive corruption setting. Secondly, we propose a new c-d UE scheme that achieves the proposed security notions. The token generation technique significantly differs from the previous Dec-then-Enc structure, while still preventing key leakages. Finally, we introduce a packing technique that enables the simultaneous encryption and updating of multiple messages within a single ciphertext. This technique helps alleviate the cost of c-d UE by reducing the need to download partial ciphertexts during token generation.
Inject Less, Recover More: Unlocking the Potential of Document Recovery in Injection Attacks Against SSE
Searchable symmetric encryption has been vulnerable to inference attacks that rely on uniqueness in leakage patterns. However, many keywords in datasets lack distinctive leakage patterns, limiting the effectiveness of such attacks. The file injection attacks, initially proposed by Cash et al. (CCS 2015), have shown impressive performance with 100% accuracy and no prior knowledge requirement. Nevertheless, this attack fails to recover queries with underlying keywords not present in the injected files. To address these limitations, our research introduces a novel attack strategy called LEAP-Hierarchical Fusion Attack (LHFA) that combines the strengths of both file injection attacks and inference attacks. Before initiating keyword injection, we introduce a new approach for inert/active keyword selection. In the phase of selecting injected keywords, we focus on keywords without unique leakage patterns and recover them, leveraging their presence for document recovery. Our goal is to achieve an amplified effect in query recovery. We demonstrate a minimum query recovery rate of 1.3 queries per injected keyword with a 10% data leakage of a real-life dataset, and initiate further research to overcome challenges associated with non-distinctive keywords.
Similar Data is Powerful: Enhancing Inference Attacks on SSE with Volume Leakages
Searchable symmetric encryption (SSE) schemes provide users with the ability to perform keyword searches on encrypted databases without the need for decryption. While this functionality is advantageous, it introduces the potential for inadvertent information disclosure, thereby exposing SSE systems to various types of attacks. In this work, we introduce a new inference attack aimed at enhancing the query recovery accuracy of RefScore (presented at USENIX 2021). The proposed approach capitalizes on both similar data knowledge and an additional volume leakage as auxiliary information, facilitating the extraction of keyword matches from leaked data. Empirical evaluations conducted on multiple real-world datasets demonstrate a notable enhancement in query recovery accuracy, up to 19.5%. We also analyze the performance of the proposed attack in the presence of diverse countermeasures.