Paper 2017/024
Searchable Encrypted Relational Databases: Risks and Countermeasures
Mohamed Ahmed Abdelraheem, Tobias Andersson and Christian Gehrmann
Abstract
We point out the risks of protecting relational databases via Searchable Symmetric Encryption (SSE) schemes by proposing an inference attack exploiting the structural properties of relational databases. We show that record-injection attacks mounted on relational databases have worse consequences than their file-injection counterparts on unstructured databases. Moreover, we discuss some techniques to reduce the effectiveness of inference attacks exploiting the access pattern leakage existing in SSE schemes. To the best of our knowledge, this is the first work that investigates the security of relational databases protected by SSE schemes.
Note: corrected some typos.
Metadata
- Available format(s)
- Publication info
- Published elsewhere. Minor revision. Data Privacy Management 12th International Workshop
- Keywords
- searchable symmetric encryptionrelational databasesinference attacksinjection attacksprivacy constraintsvertical fragmentation
- Contact author(s)
- moh ahm abdelraheem @ gmail com
- History
- 2018-05-01: last of 9 revisions
- 2017-01-13: received
- See all versions
- Short URL
- https://ia.cr/2017/024
- License
-
CC BY