Paper 2018/715

Practical Attacks on Relational Databases Protected via Searchable Encryption

Mohamed Ahmed Abdelraheem, Tobias Andersson, Christian Gehrmann, and Cornelius Glackin

Abstract

Searchable symmetric encryption (SSE) schemes are commonly proposed to enable search in a protected unstructured documents such as email archives or any set of sensitive text files. However, some SSE schemes have been recently proposed in order to protect relational databases. Most of the previous attacks on SSE schemes have only targeted its common use case, protecting unstructured data. In this work, we propose a new inference attack on relational databases protected via SSE schemes. Our inference attack enables a passive adversary with only basic knowledge about the meta-data information of the target relational database to recover the attribute names of some observed queries. This violates query privacy since the attribute name of a query is secret.

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Published elsewhere. Minor revision. The 21th Information Security Conference (ISC 2018)
Keywords
searchable symmetric encryptionrelational databasesinference attackssubset sum problemindependent set problem
Contact author(s)
moh ahm abdelraheem @ gmail com
History
2018-08-01: received
Short URL
https://ia.cr/2018/715
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2018/715,
      author = {Mohamed Ahmed Abdelraheem and Tobias Andersson and Christian Gehrmann and Cornelius Glackin},
      title = {Practical Attacks on Relational Databases Protected via Searchable Encryption},
      howpublished = {Cryptology {ePrint} Archive, Paper 2018/715},
      year = {2018},
      url = {https://eprint.iacr.org/2018/715}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.