Paper 2016/920

Breaking Web Applications Built On Top of Encrypted Data

Paul Grubbs, Richard McPherson, Muhammad Naveed, Thomas Ristenpart, and Vitaly Shmatikov

Abstract

We develop a systematic approach for analyzing client-server applications that aim to hide sensitive user data from untrusted servers. We then apply it to Mylar, a framework that uses multi-key searchable encryption (MKSE) to build Web applications on top of encrypted data. We demonstrate that (1) the Popa-Zeldovich model for MKSE does not imply security against either passive or active attacks; (2) Mylar-based Web applications reveal users’ data and queries to passive and active adversarial servers; and (3) Mylar is generically insecure against active attacks due to system design flaws. Our results show that the problem of securing client-server applications against actively malicious servers is challenging and still unsolved. We conclude with general lessons for the designers of systems that rely on property-preserving or searchable encryption to protect data from untrusted servers.

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Published elsewhere. Major revision.ACM CCS 2016
DOI
10.1145/2976749.2978351
Keywords
searchable encryptionaccess patternsdefinitions
Contact author(s)
pag225 @ cornell edu
History
2016-09-22: received
Short URL
https://ia.cr/2016/920
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2016/920,
      author = {Paul Grubbs and Richard McPherson and Muhammad Naveed and Thomas Ristenpart and Vitaly Shmatikov},
      title = {Breaking Web Applications Built On Top of Encrypted Data},
      howpublished = {Cryptology ePrint Archive, Paper 2016/920},
      year = {2016},
      doi = {10.1145/2976749.2978351},
      note = {\url{https://eprint.iacr.org/2016/920}},
      url = {https://eprint.iacr.org/2016/920}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.