Publication Type
Conference Proceeding Article
Version
publishedVersion
Publication Date
11-2021
Abstract
Searchable Encryption (SE) enables private queries on encrypted documents. Most existing SE schemes focus on constructing industrialready, practical solutions at the expense of information leakages that are considered acceptable. In particular, ShadowCrypt utilizes a cryptographic approach named “efficiently deployable, efficiently searchable encryption” (EDESE) that reveals the encrypted dataset and the query tokens among other information. However, recent attacks showed that such leakages can be exploited to (partially) recover the underlying keywords of query tokens under certain assumptions on the attacker’s background knowledge. We continue this line of work by presenting LEAP, a new leakageabuse attack on EDESE schemes that can accurately recover the underlying keywords of query tokens based on partially known documents and the L2 leakage as per defined by Cash et al. (CCS ’15). As an auxiliary function, our attack supports document recovery in the similar setting. To the best of our knowledge, this is the first attack on EDESE schemes that achieves keyword recovery and document recovery without error based on partially known documents and L2 leakage. We conduct extensive experiments to demonstrate the effectiveness of our attack by varying levels of attacker’s background knowledge.
Keywords
Searchable encryption, leakage, attack
Discipline
Information Security
Research Areas
Cybersecurity
Publication
Proceedings of the 2021 ACM Conference on Computer and Communications Security (ACM CCS 2021), Virtual Conference, November 15-19
First Page
2307
Last Page
2320
ISBN
9781450384544
Identifier
10.1145/3460120.3484540
Publisher
ACM
City or Country
Virtual Conference
Citation
NING, Jianting; HUANG, Xinyi; POH, Geong Sen; YUAN, Jiaming; LI, Yingjiu; WENG, Jian; and DENG, Robert H..
LEAP: Leakage-abuse attack on efficiently deployable, efficiently searchable encryption with partially known dataset. (2021). Proceedings of the 2021 ACM Conference on Computer and Communications Security (ACM CCS 2021), Virtual Conference, November 15-19. 2307-2320.
Available at: https://ink.library.smu.edu.sg/sis_research/6740
Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.