Cryptology ePrint Archive: Report 2018/715

Practical Attacks on Relational Databases Protected via Searchable Encryption

Mohamed Ahmed Abdelraheem and Tobias Andersson and Christian Gehrmann and Cornelius Glackin

Abstract: Searchable symmetric encryption (SSE) schemes are commonly proposed to enable search in a protected unstructured documents such as email archives or any set of sensitive text files. However, some SSE schemes have been recently proposed in order to protect relational databases. Most of the previous attacks on SSE schemes have only targeted its common use case, protecting unstructured data. In this work, we propose a new inference attack on relational databases protected via SSE schemes. Our inference attack enables a passive adversary with only basic knowledge about the meta-data information of the target relational database to recover the attribute names of some observed queries. This violates query privacy since the attribute name of a query is secret.

Category / Keywords: applications / searchable symmetric encryption; relational databases; inference attacks;subset sum problem;independent set problem

Original Publication (with minor differences): The 21th Information Security Conference (ISC 2018)

Date: received 31 Jul 2018

Contact author: moh ahm abdelraheem at gmail com

Available format(s): PDF | BibTeX Citation

Version: 20180801:194949 (All versions of this report)

Short URL: ia.cr/2018/715


[ Cryptology ePrint archive ]