Publication Type

Conference Proceeding Article

Version

publishedVersion

Publication Date

11-2021

Abstract

Searchable Encryption (SE) enables private queries on encrypted documents. Most existing SE schemes focus on constructing industrialready, practical solutions at the expense of information leakages that are considered acceptable. In particular, ShadowCrypt utilizes a cryptographic approach named “efficiently deployable, efficiently searchable encryption” (EDESE) that reveals the encrypted dataset and the query tokens among other information. However, recent attacks showed that such leakages can be exploited to (partially) recover the underlying keywords of query tokens under certain assumptions on the attacker’s background knowledge. We continue this line of work by presenting LEAP, a new leakageabuse attack on EDESE schemes that can accurately recover the underlying keywords of query tokens based on partially known documents and the L2 leakage as per defined by Cash et al. (CCS ’15). As an auxiliary function, our attack supports document recovery in the similar setting. To the best of our knowledge, this is the first attack on EDESE schemes that achieves keyword recovery and document recovery without error based on partially known documents and L2 leakage. We conduct extensive experiments to demonstrate the effectiveness of our attack by varying levels of attacker’s background knowledge.

Keywords

Searchable encryption, leakage, attack

Discipline

Information Security

Research Areas

Cybersecurity

Publication

Proceedings of the 2021 ACM Conference on Computer and Communications Security (ACM CCS 2021), Virtual Conference, November 15-19

First Page

2307

Last Page

2320

ISBN

9781450384544

Identifier

10.1145/3460120.3484540

Publisher

ACM

City or Country

Virtual Conference

Share

COinS