An In-Depth Analysis on Efficiency and Vulnerabilities on a Cloud-Based Searchable Symmetric Encryption Solution

Searchable Symmetric Encryption (SSE) has come to be as an integral cryptographic approach in a world where digital privacy is essential. The capacity to search through encrypted data whilst maintaining its integrity meets the most important demand for security and confidentiality in a society that is increasingly dependent on cloud-based services and data storage. SSE offers efficient processing of queries over encrypted datasets, allowing entities to comply with data privacy rules while preserving database usability. Our research goes into this need, concentrating on the development and thorough testing of an SSE system based on Curtmola’s architecture and employing Advanced Encryption Standard (AES) in Cypher Block Chaining (CBC) mode. A primary goal of the research is to conduct a thorough evaluation of the security and performance of the system. In order to assess search performance, a variety of database settings were extensively tested, and the system's security was tested by simulating intricate threat scenarios such as count attacks and leakage abuse. The efficiency of operation and cryptographic robustness of the SSE system are critically examined by these reviews

Leakage-Abuse Attacks Against Forward and Backward Private Searchable Symmetric Encryption

Dynamic searchable symmetric encryption (DSSE) enables a server to efficiently search and update over encrypted files. To minimize the leakage during updates, a security notion named forward and backward privacy is expected for newly proposed DSSE schemes. Those schemes are generally constructed in a way to break the linkability across search and update queries to a given keyword. However, it remains underexplored whether forward and backward private DSSE is resilient against practical leakage-abuse attacks (LAAs), where an attacker attempts to recover query keywords from the leakage passively collected during queries. In this paper, we aim to be the first to answer this question firmly through two non-trivial efforts. First, we revisit the spectrum of forward and backward private DSSE schemes over the past few years, and unveil some inherent constructional limitations in most schemes. Those limitations allow attackers to exploit query equality and establish a guaranteed linkage among different (refreshed) query tokens surjective to a candidate keyword. Second, we refine volumetric leakage profiles of updates and queries by associating each with a specific operation. By further exploiting update volume and query response volume, we demonstrate that all forward and backward private DSSE schemes can leak the same volumetric information (e.g., insertion volume, deletion volume) as those without such security guarantees. To testify our findings, we realize two generic LAAs, i.e., frequency matching attack and volumetric inference attack, and we evaluate them over various experimental settings in the dynamic context. Finally, we call for new efficient schemes to protect query equality and volumetric information across search and update queries.Comment: A short version of this paper has been accepted to the 30th ACM Conference on Computer and Communications Security (CCS'23

Differentially Private Searchable Symmetric Encryption Scheme with Configurable Pattern Leakage

Searchable symmetric encryption (SSE) allows a data owner to outsource its data to a cloud server while maintaining the ability to search over it. Most existing SSE schemes leak access-pattern leakage, and thus are vulnerable to attacks like the IKK attack. Oblivious RAM and PIR can be used to construct SSE schemes that fully hide access patterns. However, such schemes su er from heavy communication overhead or computation overhead making them impractical. Chen et al. proposed an obfuscation mechanism to protect existing SSE schemes against access-pattern leakage. This mechanism can produce di erentially private access patterns per keyword. However, it cannot hide whether or not the same keyword is being searched multiple times or, in other words, the search patterns, making this mechanism vulnerable to search-pattern attacks. In this thesis, we propose a stronger security de nition for di erentially private searchable symmetric encryption schemes and present a real construction, DP-SSE, ful lling it. On the one hand, DP-SSE is adaptively semantically secure and provides di erential privacy for both keywords and documents implying search-pattern hiding and access-pattern hiding, respectively. On the other hand, DP-SSE has communication overhead as small as O(log log n) and computation complexity of O(n log log n) when querying relatively frequent keyword w. When assuming queries follow Zip an distribution, the amortized communication overhead would be O(log n log log n). By replicating the IKK attack, we show that DP-SSE can actually hide access patterns and make it di cult to extract useful information from di erentially private access-pattern leakage. Finally, we perform KMeans clustering, we were able to show that inferring search patterns from di erentially private access-pattern leakage is di cult, namely search patterns are hidden