Publication Type

Conference Proceeding Article

Version

publishedVersion

Publication Date

9-2022

Abstract

Searchable Encryption schemes provide secure search over encrypted databases while allowing admitted information leakages. Generally, the leakages can be categorized into access and volume pattern. In most existing SE schemes, these leakages are caused by practical designs but are considered an acceptable price to achieve high search efficiency. Recent attacks have shown that such leakages could be easily exploited to retrieve the underlying keywords for search queries. Under the umbrella of attacking SE, we design a new Volume and Access Pattern Leakage-Abuse Attack (VAL-Attack) that improves the matching technique of LEAP (CCS ’21) and exploits both the access and volume patterns. Our proposed attack only leverages leaked documents and the keywords present in those documents as auxiliary knowledge and can effectively retrieve document and keyword matches from leaked data. Furthermore, the recovery performs without false positives. We further compare VAL-Attack with two recent well-defined attacks on several real-world datasets to highlight the effectiveness of our attack and present the performance under popular countermeasures.

Keywords

Searchable encryption, Access pattern, Volume pattern, Leakage, Attack

Discipline

Information Security

Publication

Proceedings of the 27th European Symposium on Research in Computer Security, Copenhagen, Denmark, 2022 September 26-30

Volume

13554 LNCS

First Page

653

Last Page

676

ISBN

9783031171390

Identifier

10.1007/978-3-031-17140-6_32

Publisher

Springer

City or Country

Cham

Additional URL

https://doi.org/10.1007/978-3-031-17140-6_32

Download

Share

COinS