157 research outputs found
Dynamic Searchable Symmetric Encryption with Forward and Stronger Backward Privacy
Dynamic Searchable Symmetric Encryption (DSSE) enables a client to perform updates and searches on encrypted data which makes it very useful in practice. To protect DSSE from the leakage of updates (leading to break query or data privacy), two new security notions, forward and backward privacy, have been proposed recently. Although extensive attention has been paid to forward privacy, this is not the case for backward privacy. Backward privacy, first formally introduced by Bost et al., is classified into three types from weak to strong, exactly Type-III to Type-I. To the best of our knowledge, however, no practical DSSE schemes without trusted hardware (e.g. SGX) have been proposed so far, in terms of the strong backward privacy and constant roundtrips between the client and the server.
In this work, we present a new DSSE scheme by leveraging simple symmetric encryption with homomorphic addition and bitmap index. The new scheme can achieve both forward and backward privacy with one roundtrip. In particular, the backward privacy we achieve in our scheme (denoted by Type-I) is somewhat stronger than Type-I. Moreover, our scheme is very practical as it involves only lightweight cryptographic operations. To make it scalable for supporting billions of files, we further extend it to a multi-block setting. Finally, we give the corresponding security proofs and experimental evaluation which demonstrate both security and practicality of our schemes, respectively
Forward and Backward Private Searchable Encryption from Constrained Cryptographic Primitives
Using dynamic Searchable Symmetric Encryption, a user with limited storage resources can securely outsource a database to an untrusted server, in such a way that the database can still be searched and updated efficiently. For these schemes, it would be desirable that updates do not reveal any information a priori about the modifications they carry out, and that deleted results remain inaccessible to the server a posteriori. If the first property, called forward privacy, has been the main motivation of recent works, the second one, backward privacy, has been overlooked.
In this paper, we study for the first time the notion of backward privacy for searchable encryption. After giving formal definitions for different flavors of backward privacy, we present several schemes achieving both forward and backward privacy, with various efficiency trade-offs.
Our constructions crucially rely on primitives such as constrained pseudo-random functions and puncturable encryption schemes. Using these advanced cryptographic primitives allows for a fine-grained control of the power of the adversary, preventing her from evaluating functions on selected inputs, or decrypting specific ciphertexts. In turn, this high degree of control allows our SSE constructions to achieve the stronger forms of privacy outlined above. As an example, we present a framework to construct forward-private schemes from range-constrained pseudo-random functions.
Finally, we provide experimental results for implementations of our schemes, and study their practical efficiency
Leakage-Abuse Attacks Against Forward and Backward Private Searchable Symmetric Encryption
Dynamic searchable symmetric encryption (DSSE) enables a server to
efficiently search and update over encrypted files. To minimize the leakage
during updates, a security notion named forward and backward privacy is
expected for newly proposed DSSE schemes. Those schemes are generally
constructed in a way to break the linkability across search and update queries
to a given keyword. However, it remains underexplored whether forward and
backward private DSSE is resilient against practical leakage-abuse attacks
(LAAs), where an attacker attempts to recover query keywords from the leakage
passively collected during queries.
In this paper, we aim to be the first to answer this question firmly through
two non-trivial efforts. First, we revisit the spectrum of forward and backward
private DSSE schemes over the past few years, and unveil some inherent
constructional limitations in most schemes. Those limitations allow attackers
to exploit query equality and establish a guaranteed linkage among different
(refreshed) query tokens surjective to a candidate keyword. Second, we refine
volumetric leakage profiles of updates and queries by associating each with a
specific operation. By further exploiting update volume and query response
volume, we demonstrate that all forward and backward private DSSE schemes can
leak the same volumetric information (e.g., insertion volume, deletion volume)
as those without such security guarantees. To testify our findings, we realize
two generic LAAs, i.e., frequency matching attack and volumetric inference
attack, and we evaluate them over various experimental settings in the dynamic
context. Finally, we call for new efficient schemes to protect query equality
and volumetric information across search and update queries.Comment: A short version of this paper has been accepted to the 30th ACM
Conference on Computer and Communications Security (CCS'23
An In-Depth Analysis on Efficiency and Vulnerabilities on a Cloud-Based Searchable Symmetric Encryption Solution
Searchable Symmetric Encryption (SSE) has come to be as an integral cryptographic approach in a world where digital privacy is essential. The capacity to search through encrypted data whilst maintaining its integrity meets the most important demand for security and confidentiality in a society that is increasingly dependent on cloud-based services and data storage. SSE offers efficient processing of queries over encrypted datasets, allowing entities to comply with data privacy rules while preserving database usability. Our research goes into this need, concentrating on the development and thorough testing of an SSE system based on Curtmola’s architecture and employing Advanced Encryption Standard (AES) in Cypher Block Chaining (CBC) mode. A primary goal of the research is to conduct a thorough evaluation of the security and performance of the system. In order to assess search performance, a variety of database settings were extensively tested, and the system's security was tested by simulating intricate threat scenarios such as count attacks and leakage abuse. The efficiency of operation and cryptographic robustness of the SSE system are critically examined by these reviews
ACE: A Consent-Embedded privacy-preserving search on genomic database
In this paper, we introduce ACE, a consent-embedded searchable encryption
scheme. ACE enables dynamic consent management by supporting the physical
deletion of associated data at the time of consent revocation. This ensures
instant real deletion of data, aligning with privacy regulations and preserving
individuals' rights. We evaluate ACE in the context of genomic databases,
demonstrating its ability to perform the addition and deletion of genomic
records and related information based on ID, which especially complies with the
requirements of deleting information of a particular data owner. To formally
prove that ACE is secure under non-adaptive attacks, we present two new
definitions of forward and backward privacy. We also define a new hard problem,
which we call D-ACE, that facilitates the proof of our theorem (we formally
prove its hardness by a security reduction from DDH to D-ACE). We finally
present implementation results to evaluate the performance of ACE
Searchable Encryption for Conjunctive Queries with Extended Forward and Backward Privacy
Recent developments in the field of Dynamic Searchable Symmetric Encryption (DSSE) with forward and backward privacy have attracted much attention from both research and industrial communities. However, most forward and backward private DSSE schemes support single keyword queries only, which impedes its prevalence in practice. Until recently, Patranabis et al. (NDSS 2021) introduced a forward and backward private DSSE for conjunctive queries (named ODXT) based on the Oblivious Cross-Tags (OXT) framework. Unfortunately, its security is not comprehensive for conjunctive queries, and it deploys “lazy deletion”, which incurs more communication cost. Besides, it cannot delete a file in certain circumstances. To address these problems, we introduce two forward and backward private DSSE schemes with conjunctive queries (named SDSSE-CQ and SDSSE-CQ-S). To analysis their security, we present two new levels of backward privacy (named Type-O and Type-O, where Type-O is more secure than Type-O), which describe the leakages of conjunctive queries with OXT framework more accurately. Finally, the security and experimental evaluation demonstrate that our proposed schemes achieve better security with comparable computation and communication increase in comparison with ODXT
Forward and Backward Private DSSE for Range Queries
Due to its capabilities of searches and updates over the encrypted database, the dynamic searchable symmetric encryption
(DSSE) has received considerable attention recently. To resist leakage abuse attacks, a secure DSSE scheme usually requires forward and backward privacy. However, the existing forward and backward private DSSE schemes either only support single keyword queries or require more interactions between the client and the server. In this paper, we first give a new leakage function for range queries, which is more complicated than the one for single keyword queries. Furthermore, we propose a concrete forward and backward private DSSE scheme by using a refined binary tree data structure. Finally, the detailed security analysis and extensive experiments demonstrate that our proposal is secure and efficient, respectively
Multi - owner Secure Data Sharing in Cloud Computing Environment
Data sharing in the cloud is a technique that allows users to conveniently access data over the cloud. The data owner outsources their data in the cloud due to cost reduction and the great conveniences provided by cloud services. Data owner is not able to control over their data, because cloud service provider is a third party provider. The main crisis with data sharing in the cloud is the privacy and security issues. Various techniques are available to support user privacy and secure data sharing. This paper focus on various schemes to deal with secure data sharing such as Data sharing with forward security, secure data sharing for dynamic groups, Attribute based data sharing, encrypted data sharing and Shared Authority Based Privacy-Preserving Authentication Protocol for access control of outsourced data
Balancing Security, Performance and Deployability in Encrypted Search
Encryption is an important tool for protecting data, especially data stored in the cloud. However, standard encryption techniques prevent efficient search. Searchable encryption attempts to solve this issue, protecting the data while still providing search functionality. Retaining the ability to search comes at a cost of security, performance and/or utility.
An important practical aspect of utility is compatibility with legacy systems. Unfortunately, the efficient searchable encryption constructions that are compatible with these systems have been proven vulnerable to attack, even against weaker adversary models.
The goal of this work is to address this security problem inherent with efficient, legacy compatible constructions. First, we present attacks on previous constructions that are compatible with legacy systems, demonstrating their vulnerability. Then we present two new searchable encryption constructions. The first, weakly randomized encryption, provides superior security to prior easily deployable constructions, while providing similar ease of deployment and query performance nearly identical to unencrypted databases. The second construction, EDDiES, provides much stronger security at the expense of a slight regression on performance.
These constructions show that it is possible to achieve a better balance of security and performance with the utility constraints that come with deployment in legacy systems
- …