Publication Type

Conference Proceeding Article

Version

publishedVersion

Publication Date

7-2025

Abstract

Easily Deployable and Efficiently Searchable Encryption (EDESE) is a cryptographic primitive designed for practical searchable applications, offering efficient search and easy deployment. However, it remains vulnerable to Leakage-Abuse attacks, allowing adversaries to exploit keyword-matching processes to extract sensitive information. To address these vulnerabilities, we introduce Leakage-Resilient EDESE (LR-EDESE) with k-indistinguishability and controlled leakage functions. We then propose Volume Leakage-Resilient EDESE (VLR-EDESE), a new scheme to protect against both query and document volume leakage. Our experimental results demonstrate that at k = 5000 (maximum security setting), VLR-EDESE incurs an overhead of 63× compared to the baseline EDESE without leakage protection, outperforming state-of-the-art methods with 320× and 97× overhead, respectively. For smaller k values (10, 20, 50, 100), storage and communication overhead remain within 2× and 2.5× of the baseline EDESE, highlighting VLR-EDESE's flexibility. Finally, we present CloudSec, an implementation of VLR-EDESE that seamlessly integrates with cloud storage platforms, using OneDrive as an example.

Keywords

Security and privacy, Cryptography

Discipline

Information Security

Research Areas

Cybersecurity

Areas of Excellence

Digital transformation

Publication

SACMAT '25: Proceedings of the 30th ACM Symposium on Access Control Models and Technologies, Stony Brook, NY, 10 July

First Page

133

Last Page

144

ISBN

9798400715037

Identifier

10.1145/3734436.3734445

Publisher

ACM

City or Country

New York

Copyright Owner and License

Authors

Creative Commons License

Creative Commons Attribution 4.0 International License
This work is licensed under a Creative Commons Attribution 4.0 International License.

Additional URL

https://doi.org/10.1145/3734436.3734445

Download

Share

COinS