You are looking at a specific version 20170120:222918 of this paper. See the latest version.

Paper 2017/046

Practical Passive Leakage-Abuse Attacks Against Symmetric Searchable Encryption

Matthieu Giraud and Alexandre Anzala-Yamajako and Olivier Bernard and Pascal Lafourcade

Abstract

The problem of securely outsourcing client data with search functionality has given rise to efficient solutions called Symmetric Searchable Encryption (SSE) schemes. These schemes are provably secure with respect to an explicit leakage profile; however, determining how much information can be inferred in practice from this leakage remains difficult. First, we refine and formalize the leakage hierarchy introduced by Cash et al. in 2015. Second, we further extend the analysis of existing attacks to better understand their real-world efficiency and the practicality of their hypothesis. Finally, we present the first complete practical attacks on L4, L3 and L2 leakage profiles. Our attacks are passive and only assume the very realistic knowledge of a small sample of plaintexts; moreover, we show their devastating effect on real-world datasets.

Metadata
Available format(s)
PDF
Publication info
Preprint. MINOR revision.
Keywords
symmetric searchable encryptionleakagepassive attacks
Contact author(s)
matthieu giraud @ uca fr
History
2017-06-08: revised
2017-01-20: received
See all versions
Short URL
https://ia.cr/2017/046
License
Creative Commons Attribution
CC BY
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.