Adaptively Secure Computationally Efficient Searchable Symmetric Encryption

Searchable encryption is a technique that allows a client to store documents on a server in encrypted form. Stored documents can be retrieved selectively while revealing as little information as\ud possible to the server. In the symmetric searchable encryption domain, the storage and the retrieval are performed by the same client. Most conventional searchable encryption schemes suffer\ud from two disadvantages.\ud First, searching the stored documents takes time linear in the size of the database, and/or uses heavy arithmetic operations.\ud Secondly, the existing schemes do not consider adaptive attackers;\ud a search-query will reveal information even about documents stored\ud in the future. If they do consider this, it is at a significant\ud cost to updates.\ud In this paper we propose a novel symmetric searchable encryption\ud scheme that offers searching at constant time in the number of\ud unique keywords stored on the server. We present two variants of\ud the basic scheme which differ in the efficiency of search and\ud update. We show how each scheme could be used in a personal health\ud record system

Generalized external interaction with tamper-resistant hardware with bounded information leakage

This paper investigates secure ways to interact with tamper-resistant hardware leaking a strictly bounded amount of information. Architectural support for the interaction mechanisms is studied and performance implications are evaluated. The interaction mechanisms are built on top of a recently-proposed secure processor Ascend[ascend-stc12]. Ascend is chosen because unlike other tamper-resistant hardware systems, Ascend completely obfuscates pin traffic through the use of Oblivious RAM (ORAM) and periodic ORAM accesses. However, the original Ascend proposal, with the exception of main memory, can only communicate with the outside world at the beginning or end of program execution; no intermediate information transfer is allowed. Our system, Stream-Ascend, is an extension of Ascend that enables intermediate interaction with the outside world. Stream-Ascend significantly improves the generality and efficiency of Ascend in supporting many applications that fit into a streaming model, while maintaining the same security level.Simulation results show that with smart scheduling algorithms, the performance overhead of Stream-Ascend relative to an insecure and idealized baseline processor is only 24.5%, 0.7%, and 3.9% for a set of streaming benchmarks in a large dataset processing application. Stream-Ascend is able to achieve a very high security level with small overheads for a large class of applications.National Science Foundation (U.S.). Graduate Research Fellowship Program (Grant 1122374)American Society for Engineering Education. National Defense Science and Engineering Graduate FellowshipUnited States. Defense Advanced Research Projects Agency (Clean-slate design of Resilient, Adaptive, Secure Hosts Contract N66001-10-1-4089

Embellishing Text Search Queries to Protect User Privacy

Users of text search engines are increasingly wary that their activities may disclose confidential information about their business or personal profiles. It would be desirable for a search engine to perform document retrieval for users while protecting their intent. In this paper, we identify the privacy risks arising from semantically related search terms within a query, and from recurring highspecificity query terms in a search session. To counter the risks, we propose a solution for a similarity text retrieval system to offer anonymity and plausible deniability for the query terms, and hence the user intent, without degrading the system’s precision-recall performance. The solution comprises a mechanism that embellishes each user query with decoy terms that exhibit similar specificity spread as the genuine terms, but point to plausible alternative topics. We also provide an accompanying retrieval scheme that enables the search engine to compute the encrypted document relevance scores from only the genuine search terms, yet remain oblivious to their distinction from the decoys. Empirical evaluation results are presented to substantiate the effectiveness of our solution. 1

New constructions and practical applications for private stream searching (extended abstract

Abstract A system for private stream searching allows a clientto retrieve documents matching some search criteria from a remote server while the server evaluating the re-quest remains provably oblivious to the search criteria. In this extended abstract, we give a high level outlineof a new scheme for this problem and an experimental analysis of its scalability. The new scheme is highlyefficient in practice. We demonstrate the practical applicability of the scheme by considering its performancein the demanding scenario of providing a privacy preserving version of the Google News Alerts service.

New Constructions and Practical Applications for Private Stream Searching (Extended Abstract)

A system for private stream searching allows a client to retrieve documents matching some search criteria from a remote server while the server evaluating the request remains provably oblivious to the search criteria. In this extended abstract, we give a high level outline of a new scheme for this problem and an experimental analysis of its scalability. The new scheme is highly efficient in practice. We demonstrate the practical applicability of the scheme by considering its performance in the demanding scenario of providing a privacy preserving version of the Google News Alerts service

Privacy-Preserving Similarity-Based Text Retrieval

Article No.: 4</p